malware_analysis

This week’s blog will focus on malware sites and malware spam.  With the holidays quickly approaching, hackers are looking for creative ways to get you to download malicious content.  In addition to the normal adult themed, gibberish .coms, and legitimate sounding sites, we found a few with close misspellings of real and popular sites.  For example, a site seeking to trap those shopping at ‘Nordstrom’ used a close spelling of ‘Nordsrtom’.  Typing in an address too quickly can cause you to inadvertently download malware.  I suggest you use a search engine and follow the real link.

From the ePrism side, we continue to see low level shopping campaigns, with an expected ramp up early next week.  The vast majority of sites blocked over the past week were from known spamming servers.  These accounted for over 3 million emails blocked.

Many people are concerned, and rightly so, about data breaches over the past few months.  But let’s consider the problem from a different angle.  The reason that the stolen data is so valuable is because credit cards can be used without anyone checking if the card really belongs to them.  When was the last time someone asked for ID when you used a credit card at the supermarket? The gas station? Or ever when purchasing online?   Consider these tips when shopping in the future to limit your risks:

  1. Only use prepaid or low limit credit card for purchases.  Even if these numbers are stolen, the damage is more manageable over your $30K limit credit card.
  2. Use alternative methods of payment.  Apple Pay may be the way of the future.  Credit cards have been around since the 70’s.  The technological shift to new payment methods, that use more than one verification source, is far more secure.  Consider that even if you lose your phone, a thief could not access payment methods without your finger print.  Europe does something similar with their credit cards.  When a card is used, a pin is sent to the user’s cell phone for authentication.  Without the new pin for each purchase, the card is useless.
  3. Use cash.  Although you may not get the credit card “bonus points”, small retailers my offer a better discount when paying in cash.

Have a safe and happy Thanksgiving.  See you next week.


Mike Walls is Managing Director, Security and Operations and Analysis at EdgeWave. While on Active Duty in the U.S. Navy, Mike served as Commander Task Force 1030 reporting directly to the Navy’s Fleet Cyber Command, and was responsible for Cyber readiness of over 400,000 people, 300 ships, and 4,000 aircraft.  Comments and questions for Mike Walls are welcome: blog@edgewave.com