Another Worm Worms Its Way Into Instant Messaging Applications

From the more things change the more they remain the same files:

AV-killing worm spreads via Facebook chat and IM clients – A rather industrious piece of malware that – among other things – paves the way for other malware by disabling AV solutions and software update modules has been spotted spreading via several Instant Messaging applications (ICQ, Skype, GTalk, Pidgin, MSN, YIM) and Facebook.

The victims receive a message from an unknown user, offering a link to a funny or interesting video. If they follow it, the malware in question downloads automatically from the linked site and is executed.

Nothing new here – as any one of the 10 or more articles I’ve  written over the years on using Instant Messenger applications safely will attest to. The following post (originally published September 4, 2010) will serve as a quick refresher on how to navigate the Internet safely while using an Instant Messenger client.

Tips For Using Instant Messenger Applications Safely

In a recent Symantec survey, which questioned computer users on the most likely routes cybercriminals use to drop malware on unsuspecting users, one resultant statistic made me sit up a little straighter. Just 3.9% of survey participants believed that Instant Messenger applications had a role in malware distribution.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), I was more than a little surprised at this unrealistic response.

The reality is, from a security perspective Instant Messaging applications can present considerable security risks. Security breakdowns can occur when these programs are used to share files, folders, or in some cases, entire drives. Instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware and scams.

Programs such as MSN Messenger, Yahoo! Messenger, AIM, and a basket full of other IM applications, are extremely popular with users who want real-time contact with each other and (no surprise here), this makes them the perfect vehicle for cyber criminals.

Hackers use two methods of delivering malicious code through IM: delivery of virus, Trojan, or spy ware within an infected file, and the use of “socially engineered” text with a web address that entices the recipient to click on a URL which connects to a website that downloads malicious code. Viruses, worms, and Trojans then typically propagate, by sending themselves rapidly through the infected user’s buddy list.

The following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations, can make you an easy target for Internet predators.

For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Cyber Crooks Taking Another Crack At Yahoo Instant Messenger

I’ve been known to  stare at my monitor, humming a few bars of  – “IM malware go away, and come back another day”, from time to time. Doesn’t seem to work though.  🙂 IM malware never goes away – it just fades into the malware background chatter.

Despite the fact that Instant Messenger malware (which has been with us since 2005, or so), doesn’t create much of a fuss, and seems to prefer to stay just below the horizon, it’s as dangerous as it’s ever been.

In business, when something works, why bother to reinvent the wheel. A little nip here; a little tuck there and hey – you’re still in business! No surprise then, when we see that cybercriminals subscribe to this business philosophy.

–   Yahoo Instant Messenger Under Attack Again or Still? (May 4, 2010)

It’s easy to forget about the risks associated with Instant Messaging precisely because of this lack of profile. Until, that is, IM malware comes knocking – hard – like now!

BitDefender’s, Bogdan Botezatu, reports in a recent Blog post, that Yahoo Messenger is currently under attack – and, taking a hard knocking.

From the Blog:

New Yahoo Messenger 0-Day Exploit Hijacks User’s Status Update…and spreads malware, of course!

A newly discovered exploit in version 11.x of the Messenger client (including the freshly-released 11.5.0.152-us) allows a remote attacker to arbitrarily change the status message of virtually any Yahoo Messenger user that runs the vulnerable version.

Since you’re an astute and educated user, none of this comes as a surprise, I’m sure. But, what about a typical user – would he/she be surprised, do you suppose?

Let’s take a look –

In a recent Symantec survey, which questioned computer users on the most likely routes cybercriminals use to drop malware on unsuspecting users – just 3.9% of survey participants believed that Instant Messenger applications had a role in malware distribution.

Unfortunately, the only surprise here is – this is not a surprise.

The harsh reality is, from a security perspective, Instant Messaging applications can present considerable security risks. So naturally, cyber-criminals use Instant Messaging as a primary channel to distribute malware and scams.

We’ve talked about IM security a number of times here, but with this ongoing attack, a quick refresher might be in order.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

The following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations, can make you an easy target for Internet predators.

For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs.

The risk here goes beyond malware, as sadly, they could come into contact with undesirable individuals. The risk is low of course, but……..

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software, Parental Control Bar,  to help you do just that.

BTW, you can hum “IM malware go away, and come back another day”, to the new version of that old familiar tune – Rain Rain Go Away.   

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Tips For Using Instant Messenger Applications Safely

In a recent Symantec survey, which questioned computer users on the most likely routes cybercriminals use to drop malware on unsuspecting users, one resultant statistic made me sit up a little straighter. Just 3.9% of survey participants believed that Instant Messenger applications had a role in malware distribution.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), I was more than a little surprised at this unrealistic response.

We’ve talked about IM security a number of times here, but this recent statistics indicates, a quick refresher might be in order.

The reality is, from a security perspective Instant Messaging applications can present considerable security risks. Security breakdowns can occur when these programs are used to share files, folders, or in some cases, entire drives. Instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware and scams.

Just a few days ago, for example, a Trend Micro analyst discovered an IM variant of the “Solve the IQ test”. Had he followed the instructions, he could have let himself in for a series of monthly charges of $9.99–$19.99 a month, automatically added to his cell phone bill.

Programs such as MSN Messenger, Yahoo! Messenger, AIM, and a basket full of other IM applications, are extremely popular with users who want real-time contact with each other and (no surprise here), this makes them the perfect vehicle for cyber criminals.

Hackers use two methods of delivering malicious code through IM: delivery of virus, Trojan, or spy ware within an infected file, and the use of “socially engineered” text with a web address that entices the recipient to click on a URL which connects to a website that downloads malicious code. Viruses, worms, and Trojans then typically propagate, by sending themselves rapidly through the infected user’s buddy list.

The following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations, can make you an easy target for Internet predators.

For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs.

The risk here goes beyond malware, as sadly, they could come into contact with undesirable individuals. The risk is low of course, but……..

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software, Parental Control Bar,  to help you do just that.

Readers with younger children, please read, KidZui – Free, Safe Internet Browsing for Kids, on this site. This guest writer article, by Silki Garg of the Internet Security Blog, provides a comprehensive review of KidZui.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Yahoo Instant Messenger Under Attack Again or Still?

A new variant of an old Yahoo Instant Messenger Worm spreading fast.

In business, when something works, why bother to reinvent the wheel. A little nip here; a little tuck there and hey – you’re still in business! No surprise then, when we see that cybercriminals subscribe to this business philosophy.

Programs such as MSN Messenger, Yahoo! Messenger, AIM, etc, are wildly popular with users who want real-time computer contact with each other, and so, they form a perfect attack vector for malware distribution.

Symantec, along with a number of other security providers, are warning users of Yahoo Instant Messenger specifically, they are being targeted by a new variant of an old IM Worm, identified by Symantec as W32.Yimfoca.

(Graphics courtesy of Symantec)

If you are a Yahoo Instant Messenger user, you need to be particularly cautious, at the moment, in saving what appears to be a JPG or GIF file, but in fact could easily be this malicious executable.

This threat drops a worm which will lead to the attacker taking control of the victim’s computer. Additionally, the Worm is programmed to attack those in the victim’s contact list.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), the following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

Sensible tips for users to get the most out of these programs, securely and responsibly.

You need to be alert to the dangers in clicking on links or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files or links are genuine. Remember, if you click on those links or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators. For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however, do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs. The risk here goes beyond malware, as sadly, they could come into contact with undesirable, or even dangerous individuals.

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: “Keep Your Kids Safe With Free Parental Control Bar”.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Avoid Worms – Instant Messaging Tips

I wrote earlier today about a new worm currently circulating on the Internet, which Panda Security identifies as the MSNWorm.GU.

This worm uses MSN Messenger, and other chat applications, to spread. It infects systems silently, and without any visible symptoms.

Infection occurs when the victim clicks on a download link contained in a message received from a contact. Clicking on the link installs the worm on the target system, and the infection begins.

So, is there anything unusual about this worm; is it just a one off occurrence? Not at all – instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware. In fact, recent statistics indicate almost 50% of worms use instant messaging applications to spread.

Regrettably, from a security perspective these applications can present considerable security risks. Security risks increase  substantially when these programs are used to share files, folders, or in some cases even entire drives.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

The following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

You need to be alert to the dangers in clicking on links or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files or links are genuine. Remember, if you click on those links or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators. For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however, do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs. The risk here goes beyond malware, as sadly, they could come into contact with undesirable, or even dangerous individuals.

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: “Parental Control Bar”

On the whole, the best protection against Instant Messaging threats involves having good antivirus and firewall protection to guard your security at all times. Elsewhere in this Blog, you can read an article on free security software and download those you might find useful.

Click here: “Best Free Security Applications”

For information on how Skype has become open to scamming, read the article Skype says I’m infected with malware … by my tech wizard friend Techpaul.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

YouSAB – The Best Way to Surf Anonymously

This is a guest post by Patrick Holm, in which he explains the benefits of YouSAB, a Secure VPN & VOIP messenger service, which is particularly effective for users living in countries that censor Internet content.

After reading Bill Mullins blog Iranian Surfers Downloading Anonymous Surfing Tool, I made a comment on our new service that can be used by Iranian web surfers (and other web surfers living under repressive regimes), to ensure them they can use the internet without fear of reprisal from government bodies.

These comments prompted Bill to invite me to describe our new software in the guest blogging section, which I have gratefully accepted.

After living and working in the IT industry, in Dubai, for the last 8 years, (which has censorship of Internet content), some of my colleges and I, managed to create VPN software to allow freedom for all on the internet.

After encouraging responses from the YouSAB community, we formed a company called YouSAB Ltd, in alliance with the payment gateway provider Gulhmes Ltd, to provide a VPN service which is a little different from other VPN providers.

What is the YouSAB community?

YouSAB is a Secure VPN & VOIP messenger service that enables users to access and interact with their social and business peers, through totally secure downloadable VPN software.

Originating from a vision of freedom and security, YouSAB was born out of a desire to fundamentally change the way people communicate.

YouSAB Ltd, and Gulhmes Ltd, veterans of the Internet payment security and high tech security industries respectively, joined together to create an easy to use, consumer-centric, truly converged peer-to-peer service, enabling its users to take control of their on line security from one single place on their computer.

One of the main purposes for the development of YouSAB community was to take a conventional VPN set up, and provide more usable features the ‘every day person’ can use to remain safe while online, at a fraction of the industry price.

What is the difference between YouSAB messenger and other VPN providers?

One of the main differences of the VPN messenger compared to other VPN providers is; VPN messenger has taken the highly secured method of VPN and added an additional layer of security protection using proxy Dynamic TCP tunnels Network, so if the VPN network was ever comprised, Internet users would have the safety of a proxy network to keep them anonymous at all times. Coupled with these two layers of protection are a whole host of features that really make YouSAB Messenger stand out from other VPN providers.

These include the following:

A platform where YouSAB community users can use two forms of communication, VOIP and Messenger texting.

YouSAB messenger, as the name suggests, allows all of its users to invite and build a buddy list of all their YouSAB contacts that they wish to communicate with, via VOIP and messenger. All members’ accounts have in built VOIP and messenger features, so users can use both forms of communication to contact their business, or social contacts across the VPN network.

Both methods are highly secured, and both are totally anonymous to the outside world, with no third party monitoring communications. We have had several independent reviews of the speed of the service, and download quality is very acceptable and voice quality is comparable to Skype, and Call serve PC-PC. YouSAB accounts also have profiles where users can post business or personnel information about themselves, if they wish.

Once connected to the VPN network, you are provided with uncensored internet use, and a non traceable IP address.

YouSAB messenger unblocks all your favorite websites, which are deemed, unsuited for viewership by your Employer, Internet Service Provider or country Government E.g. VOIP providers, and Unblock Facebook. It also gives you a bogus IP address, which is non-traceable, even to a highly experienced hacker.

This program really works well for users who are using unsecured Wi-Fi hot spots, or people who want to file share without fear of authorities tracking their activity.

Prepaid card facility that allows to you purchase credit to use the service for as low as 3 Euro, minimizing the risk versus a yearly, or monthly, payment subscription.

The YouSAB messenger network, with its advanced features, was originally designed with the business network in mind. This was to assist in business activity at a fraction of the cost of normal VPN business networks. After been encouraged by good response from the public, based on YouSAB’s ease of payment, we decided to offer it to the public.

YouSAB is a micro pay as you use service, and is controlled by the payments solution provided YouSAB Intercard. This service is a highly secured form of collecting payments and it works in conjunction with the popular online merchant PayPal which handles all payments.

Intercard payment solution controls the debits, or credits, to and from your YouSAB messenger account. Intercard is responsible of providing a clear and transparent service so you are able to understand at all times, what you have been charged, to the nearest micropayment.

Without getting into the complex workings of Intercard, the basic numbers that you need to be aware of are:

100 units of Intercard credit, is equal to 1 euro. This will allow you 40 hours of using your YouSAB messenger service.

Intercard will deduct 0.125 units every 3 minutes that you use the service, so you can be sure that you are getting value for money at all times.

YouSAB offers you different values of Intercard credit which are:

300 units which will give you 120 hours of use for 3Euro

500 units will give you 240 hours of use for 5 Euro

1000 units will give you 500 hours of use for 10 Euro

One of the best features of using Intercard is; you can use it to carry out balance transfers to and from your Intercard account. This feature was introduced as a test bed for our soon to be released online money exchange bureau, that users will be able to use to exchange online currency at favorable exchange rates e.g. PayPal to Web money.

These are just three main features for the YouSAB community, but we continue to work from feedback from our users (which we welcome), to further improve the service, so we that we can all retain our privacy while online.

Hope you liked the article, and if you want to download the software freely to test, you can do so here.

For further information checkout my site.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Instant Messenger Clients – How Safe?

Fellow Blogger TechPaul, has advised his readers this morning, that chat messages are scaring users into installing malware in his article – Skype Phishing Returns. If you use Skype chat, or for that matter any other chat application, you need to be aware of this information.

This presents an opportunity to re-run a popular article previously posted on this site, setting out the precaution we all need to take when using any type of chat client.

Programs such as MSN Messenger, Yahoo! Messenger, AIM, and a basket full of other IM applications, are extremely popular with users who want real-time contact with each other.

But, and there always seems to be a “but” lately – from a security perspective these applications can present considerable security risks. Generally, security risks occur when these programs are used to share files, folders, or in some cases even entire drives. Instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware.

As Wikipedia explains it, hackers use two methods of delivering malicious code through IM: delivery of virus, Trojan, or spy ware within an infected file, and the use of “socially engineered” text with a web address that entices the recipient to click on a URL that connects him or her, to a website that then downloads malicious code. Viruses, worms, and Trojans typically propagate by sending themselves rapidly through the infected user’s buddy list.

Follow these tips to ensure you are protected when using instant messaging.

Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations, can make you an easy target for Internet predators.

For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs.

The risk here goes beyond malware, as sadly, they could come into contact with undesirable, or even dangerous individuals. The risk is low of course, but……..

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software, Parental Control Bar,  to help you do just that.

For readers with younger children, please read, KidZui – Free, Safe Internet Browsing for Kids, on this site. This guest writer article, by Silki Garg of Internet Security Blog, provides a comprehensive review of KidZui.

Steal Your Friends’ Instant Messenger Passwords – No Kidding!

The use of instant messaging for rapid communication, as opposed to voice contact, is a phenomenon that I must admit, has never appealed to me.

The reality is however, that programs such as MSN Messenger, Yahoo! Messenger, AIM, and a basket full of other IM applications, are extremely popular.

If you are an IM convert what would you think if you came across an application that advertised as follows? –

“Apheve Pro is a great piece of software which contains a key feature of disguising as multiple instant messaging services including Windows Live Messenger, Yahoo! and Skype. This program would be perfect for if you have the annoying visitor coming round who wants to sign in to their IM account”.

Pretty cool, huh? Imagine, a free application designed specifically to help you steal Instant Messenger logins including MSN Messenger, Yahoo IM and Skype as mentioned in the blurb above.

On the other hand, like me, you might feel disgusted, revolted, or just plain pi**ed off that such a piece of obviously illegal software is freely available on the internet.

There is nothing to be gained by describing how this piece of crap works. It is sufficient to say that it works; and it works far too well!

Since this application can be deployed in diverse locations including the workplace, schools, libraries, and so on, it is obviously a very dangerous hacking tool.

As I have said numerous times on this site, from a security perspective these applications can present considerable security risks. We can now add one more.

Follow these tips to ensure you are protected when using instant messaging.

For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Instant Messaging Safety Tips

I’m always amazed when I see my younger friends communicating with each other using instant messaging applications. Their use of instant messaging for rapid communication, as opposed to voice contact, is a phenomenon that I must admit has never appealed to me.

I excuse myself on this one by convincing myself that I’m an ancient fossil; after all my computing experience goes all the way back to the dark ages of MS-DOS 1. Not quite the days of the Dinosaurs; but close.

My comfort zone in communications is a telephone, used the old fashioned way for immediacy, or email where immediacy is not an issue. The reality is however, that programs such as MSN Messenger, Yahoo! Messenger, AIM, and a basket full of other IM applications, are extremely popular with the younger generation, like my younger friends, who want real-time contact with each other.

Regrettably, from a security perspective these applications can present considerable security risks. Generally, security risks occur when these programs are used to share files, folders, or in some cases even entire drives. Instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware.

As Wikipedia explains it, hackers use two methods of delivering malicious code through IM: delivery of virus, Trojan, or spy ware within an infected file, and the use of “socially engineered” text with a web address that entices the recipient to click on a URL that connects him or her, to a website that then downloads malicious code. Viruses, worms, and Trojans typically propagate by sending themselves rapidly through the infected user’s buddy list.

Follow these tips to ensure you are protected when using instant messaging.

Don’t click on links, or download files from unknown sources. You need to be alert to the dangers in clicking on links, or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files, or links are genuine. Remember, if you click on those links, or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords, and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Protect personal and confidential information when using IM. Revealing confidential or personal information in these types of conversations, can make you an easy target for Internet predators.

For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs.

The risk here goes beyond malware, as sadly, they could come into contact with undesirable or even dangerous individuals.

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: Parental Control Bar

Safety Tips For Instant Messaging

Programs such as MSN Messenger, Yahoo! Messenger, AIM, etc, are wildly popular with users that want real-time computer contact with each other. The danger, from an Internet security perspective, occurs when these programs are used to share files, folders, and in some cases entire drives.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), the following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

You need to be alert to the dangers in clicking on links or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message. Check with your contact to be sure the files or links are genuine. Remember, if you click on those links or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators. For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs. The risk here goes beyond malware, as sadly, they could come into contact with undesirable or even dangerous individuals. Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: Parental Control Bar

On the whole, the best protection against Instant Messaging threats involves having good antivirus and firewall protection to guard your security at all times. Elsewhere in this Blog, you can read an article on free security software and download those you might find useful.

Click here: Best Free Security Applications

For information on how Skype has become open to scamming read the article Skype says I’m infected with malware… by my tech wizard friend Techpaul.