Fellow Blogger TechPaul, has advised his readers this morning, that chat messages are scaring users into installing malware in his article – Skype Phishing Returns. If you use Skype chat, or for that matter any other chat application, you need to be aware of this information.
This presents an opportunity to re-run a popular article previously posted on this site, setting out the precaution we all need to take when using any type of chat client.
Programs such as MSN Messenger, Yahoo! Messenger, AIM, and a basket full of other IM applications, are extremely popular with users who want real-time contact with each other.
But, and there always seems to be a “but” lately – from a security perspective these applications can present considerable security risks. Generally, security risks occur when these programs are used to share files, folders, or in some cases even entire drives. Instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware.
As Wikipedia explains it, hackers use two methods of delivering malicious code through IM: delivery of virus, Trojan, or spy ware within an infected file, and the use of “socially engineered” text with a web address that entices the recipient to click on a URL that connects him or her, to a website that then downloads malicious code. Viruses, worms, and Trojans typically propagate by sending themselves rapidly through the infected user’s buddy list.
Follow these tips to ensure you are protected when using instant messaging.
Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.
Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.
Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.
Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations, can make you an easy target for Internet predators.
For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.
It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.
Above all, if you are a parent, take exceptional care with the access that your children have to these programs.
The risk here goes beyond malware, as sadly, they could come into contact with undesirable, or even dangerous individuals. The risk is low of course, but……..
Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software, Parental Control Bar, to help you do just that.
For readers with younger children, please read, KidZui – Free, Safe Internet Browsing for Kids, on this site. This guest writer article, by Silki Garg of Internet Security Blog, provides a comprehensive review of KidZui.
6 responses to “Instant Messenger Clients – How Safe?”
I thank you for directing your readers to my article. (On it, there’s a screenshot of the Skype phishing message.. if they want to see an “actual social engineering” example [if they haven’t already].)
I’ve taken to calling it “paranoid common sense”, and it certainly applies to IM.
I would like to add that – and this can be a controversial subject – that parents may want to use IM Monitoring software and ‘capture’ copies of their child’s text messaging.
(and maybe use Lingo2Word.com to translate the code into English..)
Thank you Paul.
IM risks are not only related to malware distribution, but the abusing is also a serious problem.
You’re quite right, these applications can be used to enable abusive behavior.
Thanks for pointing this out.
I think this is how my daughter got PC-Antivirus on her laptop.
I remember when you had this problem on your daughter’s machine, and the problems it caused.