IT Trenches

Jan 15 2010   7:33PM GMT

Recipe for malware infection – 10 steps



Posted by: Troy Tate
Tags:
antivirus
attack
firewall
information security
information security awareness
malware
patching
security awareness
social engineering
updates
zero day

For certain malware infection follow these steps:

1. Do not apply operating system patches.

2. Do not apply application patches.

3. Do open emails from unknown sources.

4. Do open attachments on emails from unknown sources.

5. Do open unexpected attachments appearing to be from known sources. “I’m sure this person meant to send me this PDF file.”

6. Do purchase and install a program which is supposed to fix the detected viruses on your computer. “I was just browsing the web and this window popped up saying I was infected and could fix all my problems with this 2010 SuperAntiMalwareAntiVirusFirewallPreventBuggySoftware application.”

7. Do follow instructions found in an email supposedly from the IRS, a banking institution or FBI asking for personal information including mother’s maiden name and social security number. The information should be entered on the website link shown in the email.

8. Do blindly click on the link shown in the email supposed to be from the trusted source. Just because the displayed link shows www.mytrustedbank.com and the clicked link shows www.mytrustedbank-com.gotchanow.cn.ru doesn’t mean that the message shouldn’t be obeyed.

9. Do go ahead and install the unsolicited Flash update on your computer. Surely that attached video won’t infect my 2010 SuperAntiMalwareAntiVirusFirewallPreventBuggySoftware protected computer.

10. Do not pay attention to that person over there saying they were infected when they ran the 2010 SuperAntiMalwareAntiVirusFirewallPreventBuggySoftware application. Surely they are not as smart as you.

What other steps would you suggest for becoming malware infected? Share your comments. <remove tongue from cheek>

Just thought I would share these tips with you. If you got this far, you might find this entry in the McAfee Security Insights blog interesting – Operation “Aurora” Hit Google, Others. Basically the attack was multi-layered. It began with social engineering and ended up with outbound data being sent to unknown attackers. It makes for some very interesting reading.

Thanks for reading & let’s continue to be good network citizens!

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • JesseQ
    Thank Troy for your wonderful post. At first I find it funny, but then it was very true scenario for those people who are novice users towards computer. We should be very careful and avoid clicking pop-up messages that said to be anti-virus provider since malwares are everywhere. Internets are always their primary host since Internet is a limited and free-access to all. So, with these TIPS coming from Troy on how to avoid installing malwares to your PC must be cautiously followed. Or else you will surely need [A href="http://personalmoneystore.com/Payday-Loans"]payday loans[/A] for computer repairs or worst, you might need a new PC/ laptop since the malware have already infected your motherboard that will cause too much/severe damage to your files, laptops, and PCs.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: