ISR News: Beware of Conficker Scams

March 31, 2009 by ADMIN

Share |

Excerpts From CIO.com

Google’s search rankings are being stuffed with links to fake security software that purports to remove Conficker, a widespread worm that’s currently the Internet’s number one security threat, but doesn’t.

Certain search terms will bring up a host of Web pages that could either infect a PC with malicious software or try to sell a dodgy security program, said Rik Ferguson, senior security advisor for the vendor Trend Micro.

Ferguson said he’s noticed an uptick in these kinds of sites over the last day or so as other legitimate software tools have been released that can detect Conficker, which has infected between 3 million and 10 million PCs worldwide.

For example, a search for “Nmap Conficker” will bring up malicious results, Ferguson said. Nmap is an open-source networking tool that has been upgraded to detect Conficker infections. Ferguson said he was surprised at how quickly the scammers began manipulating Google with those search terms, as Nmap was just recently upgraded.

Scammers game Google’s search engine by creating Web sites full of search terms, Fergusons said. Another tactic is spamming high-traffic Web sites that lead back to their malicious site in order to drive their Web site up the search ranks.

The fake security software Web sites will ask a user to download a file that scans a machine for malware. The software usually tells the user the PC has malicious software even if it isn’t infected, Ferguson said. The software will then badger the user to buy the questionable security program.

Conficker is a difficult-to-remove worm that has vexed the security community. Versions of the worm spread by taking advantage of a vulnerability in the Microsoft Windows Server service, through infected removable media or brute-forcing weak passwords.

Related: DHS Releases Conficker Worm Detection

These icons link to social bookmarking sites where readers can share and discover new web pages.

Share |

Filed under: D&O Liability, Financial, Government, ISR News, Uncategorized, hackers, identity-theft, malware, privacy

Tags: 2009, access, Anthony M. Freed, authentification, botnet, Breach, breaches, bypass, computer, conficker, confidential, consumer product liability, control, Costs, criminal, cyber security, cyber-crime, cybersecurity, D and O liability, Data, demonstration, due diligence, Economy, electronic database, email, Finance, Financial, Financial Identity, governance, hackers, hijacked, homeland Security, ID, identity thief, Infoduciary, Information, Information Fiduciary, Information-Security-Resources.com, InfoSec, infrastructure, ISR, law, legal, liability, malware, message, misuse, News, online fraud, privacy rights, remote, risk, Security, small business, spam, System, systems, theft, third party, up down, vendors, worm, zero day attack

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

Categories
- Anthony M. Freed (26)
- Bill Brenner (2)
- Bob Violino (1)
- Bozidar Spirovski (23)
- Breach (540)
- Britt Womelsdorf (5)
- By Dr. InfoSec (2)
- Cara Garretson (7)
- CCCNews (1)
- Chorey Taylor & Feil (8)
- Christophe Veltsos (2)
- Christopher Burgess (7)
- CIOZone (26)
- Class Action Lawsuit (111)
- Cloud computing (106)
- Coby Royer (5)
- CTO Forum (9)
- D&O Liability (594)
- Daniel Wallace (5)
- Danny Lieberman (11)
- DataLine (10)
- David Alexander (2)
- Derek Crawford (1)
- Doug Pollack (7)
- due diligence (303)
- Fame Foundry (1)
- FEATURE ARTICLE (428)
- Financial (580)
- Fred Leland (7)
- Gene Kim (3)
- Government (366)
- Greg George (5)
- H1N1 (15)
- hackers (532)
- healthcare (127)
- Heather Bourgoin (1)
- HomeATM (8)
- identity-theft (528)
- IDExperts (17)
- Ike Z. Devji (1)
- Infosec Island Network (31)
- Insider Threat (483)
- Internet Crime Complaint Center (1)
- Internet Security Alliance (64)
- ISR News (321)
- Jacqueline Herships (2)
- Jenni Hesterman (3)
- John M. Salomon (2)
- John Watkins (7)
- John-Patrick Skaar (2)
- Kaliber Data Security and Compliance Consultants (3)
- Kat Sanders (2)
- Ken Leeser (3)
- Kevin L. Jackson (10)
- Kevin M. Nixon (21)
- Larry Ketchersid (1)
- Laton McCartney (7)
- Lauren Taylor (1)
- Linda McGlasson (1)
- malware (494)
- Mark Smail (1)
- Mark Wright (1)
- Mel Duvall (3)
- Michael Eggebrecht (3)
- Michael Lohr (1)
- Michael O'Conner (4)
- MicroSolved (1)
- Mike Duncan (3)
- Mike Meikle (4)
- Mike Spinney (1)
- Military (204)
- national security (446)
- PCI (301)
- PCI Security Standards Council (32)
- Physical Security (11)
- privacy (545)
- Rachel James (10)
- reach (4)
- Rebecca Herold (16)
- Richard Stiennon (44)
- Robert Siciliano (34)
- Sarbanes-Oxley (495)
- ScamStop (2)
- Sean Wilkins (2)
- Semyon Dukach (1)
- Simon Heron (14)
- Software Associates (11)
- Steven Fox (19)
- SUPERAntiSpyware (3)
- Sybase (6)
- Symplified (5)
- The Jester (8)
- The Privacy Professor (16)
- Thomas R. Fox (8)
- Tom Groenfeldt (2)
- Tom McLain (2)
- Trefis (14)
- Tripwire (18)
- Uncategorized (621)
- virtualization (94)
- Webcast (49)

Copyright © 2008 To Present · Information-Security-Resources.com (Permissions and Disclaimers) You are welcome to use, for any lawful purpose, the information that WE write and post to this site, provided that you link to and attribute Information-Security-Resources.com and the author(s). Any 3rd-party material linked to or referenced on this site is subject to the rights of the owners of that material.

We provide business consulting services. We do NOT provide legal or financial advice. There is no attorney / client relationship, or any privilege associated with our services. Nothing expressed on this site, or in association with our services, should be taken as legal counsel or financial advice. The opinions expressed on this site are the personal opinions of the writer(s), not those of any other individuals or organizations.

Theme: Copyright © 2008 · Revolution Code Blue designed by Brian Gardner

Information-security-resources.com is part of the Infosec Island network.