1. Home
  2. Virus targets the social network in new fraud twist

Virus targets the social network in new fraud twist

[email protected] (Agencies)
August 18, 2013

Virus_targetsBoston, Aug 18: In the world of cyber fraud, a fake fan on Instagram can be worth five times more than a stolen credit card number.

As social media has become increasingly influential in shaping reputations, hackers have used their computer skills to create and sell false endorsements - such as "likes" and "followers" - that purport to come from users of Facebook, its photo-sharing app Instagram, Twitter, Google's YouTube, LinkedIn and other popular websites.

In the latest twist, a computer virus widely used to steal credit card data, known as Zeus, has been modified to create bogus Instagram "likes" that can be used to generate buzz for a company or individual, according to cyber experts at RSA, the security division of EMC Corp.

These fake "likes" are sold in batches of 1,000 on Internet hacker forums, where cyber criminals also flog credit card numbers and other information stolen from PCs. According to RSA, 1,000 Instagram "followers" can be bought for $15 and 1,000 Instagram "likes" go for $30, whereas 1,000 credit card numbers cost as little as $6.

It may seem odd that fake social media accounts would be worth more than real credit card numbers, but online marketing experts say some people are willing to spend heavily to make a splash on the Internet, seeking buzz for its own sake or for a business purpose, such as making a new product seem popular.

"People perceive importance on what is trending," said Victor Pan, a senior data analyst with WordStream, which advises companies on online marketing. "It is the bandwagon effect."

Facebook, which has nearly 1.2 billion users, said it is in the process of beefing up security on Instagram, which it bought last year for $1 billion. Instagram, which has about 130 million active users, will have the same security measures that Facebook uses, said spokesman Michael Kirkland.

He encouraged users to report suspicious activity through links on Facebook sites and apps.

"We work hard to limit spam on our service and prohibit the creation of accounts through unauthorized or automated means," Kirkland said.

KNOWING WHEN TO STOP

The modified Zeus virus is the first piece of malicious software uncovered to date that has been used to post false "likes" on a social network, according to experts who track cyber crime.

Fraudsters most commonly manipulate "likes" using automated software programs.

The modified version of Zeus controls infected computers from a central server, forcing them to post likes for specific users. They could also be given marching orders to engage in other operations or download other types of malicious software, according to RSA.

Cyber criminals have used Zeus to infect hundreds of millions of PCs since the virus first surfaced more than five years ago, according to Don Jackson, a senior security researcher with Dell SecureWorks.

That the virus is now being adapted to target Instagram is a sign of the rising importance of social media in marketing, and the increasing sophistication of hackers trying to profit from the trend.

Online marketing consultant Will Mitchell said he sometimes advises clients to buy bogus social-networking traffic, but only to get an early foothold online.

When asked about the ethics of faking endorsements, Mitchell replied, "It's fine to do for the first 100, but I always advise stopping after that."

He said one of his clients once bought more than 300,000 "likes" on Facebook against his advice, a move that Mitchell felt damaged the client's reputation. "It was just ridiculous," he said. "Everybody knew what they were doing."

Still, experts say schemes to manipulate social networks are unlikely to go away. Creating fake social media accounts can also be used for more nefarious purposes than creating fake "likes," such as identity theft.

"The accounts are always just a means to an end. The criminals are always looking to profit," said computer security expert Chris Grier, a University of California at Berkeley research scientist who spent a year working on a team that investigated fake accounts on Twitter.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 3,2020

Giving each and every app access to personal information stored on Android smartphones such as your contacts, call history, SMS and photos may put you in trouble as bad actors can easily use these access to spy on you, send spam messages and make calls anywhere at your expense or even sign you up for a premium "service", researchers from cybersecurity firm Kaspersky have warned.

But one can restrict access to such information as Android lets you configure app permissions. 

Giving an app any of these permissions generally means that from now on it can obtain information of this type and upload it to the Cloud without asking your explicit consent for whatever it intends to do with your data.

Therefore, security researchers recommend one should think twice before granting permissions to apps, especially if they are not needed for the app to work. 

For example, most games have no need to access your contacts or camera, messengers do not really need to know your location, and some trendy filter for the camera can probably survive without your call history, Kaspersky said. 

While decision to give permission is yours, the fewer access you hand out, the more intact your data will be.

Here's what you should know to protect your data.

SMS: An app with permission to send and receive SMS, MMS, and WAP (Wireless Application Protocol) push messages, as well as view messages in the smartphone memory will be able to read all of your SMS correspondence, including messages with one-time codes for online banking and confirming transactions.

Using this permission, the app can also send spam messages in your name (and at your expense) to all your friends. Or sign you up for a premium "service." You can see and conrol which apps have these rights by going to the settings of your phone.

Calendar: With permission to view, delete, modify, and add events in the calendar, prying eyes can find out what you have done and what you are doing today and in the future. Spyware loves this permission.

Camera: Permission to access the camera is necessary for the app to take photos and record video. But apps with this permission can take a photo or record a video at any moment and without warning. Attackers armed with embarrassing images and other dirt on you can make life a misery, according to Kaspersky.

Contacts: With permission to read, change, and add contacts in your address book, and access the list of accounts registered in the smartphone, an app can send your entire address book to its server. Even legitimate services have been found to abuse this permission, never mind scammers and spammers, for whom it is a windfall.

This permission also grants access to the list of app accounts on the device, including Google, Facebook, and many other services.

Phone: Giving access to your phone means permission to view and modify call history, obtain your phone number, cellular network data, and the status of outgoing calls, add voicemail, access IP telephony services, view numbers being called with the ability to end the call or redirect it to another number and call any number.

This permission basically lets the app do anything it likes with voice communication. It can find out who you called and when or prevent you from making calls (to a particular number or in general) by constantly terminating calls. 

It can eavesdrop on your conversations or, of course, make calls anywhere at your expense, including to pay-through-the-nose numbers, Kaspersky warned.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 6,2020

The Covid-19 pandemic has made an unprecedented impact on the Indian businesses, particularly small and medium enterprises (SMEs) and startups. According to a joint survey by FICCI and Indian Angel Network (IAN), the pandemic has hit the businesses of around 70% startups.

With uncertainty in the business environment and an unexpected shift in priorities of the government as well as corporates, many startups are struggling to survive, it says.

In a nationwide survey on the 'Impact of Covid-19 on Indian Startups' involving 250 startups, 70% participants said their businesses had been impacted by Covid-19 and around 12% had shut operations.

The survey shows only 22% startups have cash reserves to meet the fixed cost expenses over the next 3-6 months, and 68% are reducing operational and administrative expenses.

Around 30% of the companies said they would retrench employees if the lockdown was extended too long. The 43% startups have already started 20-40% salary cuts over April-June.

Over 33% startups said investors had put the investment decision on hold and 10% said the deals had been scrapped. Only 8% startups had received funds as per the deals signed before Covid-19 outbreak, the survey revealed.

The reduced funding has forced startups to put a hold on business development and manufacturing activities, which has resulted in loss of projected orders.

The survey highlights the need of an urgent relief package for startups, including possible purchase orders from the government, tax relief and swifter tax refunds, and immediate fiscal support measures, including grants, soft loans and payroll grants.

Besides 250 startups, 61 incubators and investors also participated in the survey.

While 96% of investors accepted that their investments in startups had been impacted by Covid-19, 92% said their investments in startups would continue to be low over the next six months.

Around 59% investors said they would prefer to work with the existing portfolio firms in the coming months. Only 41% said they would consider new deals.

"A comparison of priority investment sectors before and during Covid-19 shows 35% investors are now looking at investments in healthcare startups, followed by EdTech, AI/Deep Tech, FinTech and Agri," said the survey.

Around 44% incubators surveyed said their day-to-day operations had been considerably hit by Covid-19. Most incubators are now supporting their portfolio firms by providing them virtual platforms to interact with mentors, investors and industries.

Dilip Chenoy, FICCI Secretary General, said, "The startup sector is stressed for survival at the moment. The investment sentiment is also subdued and is expected to remain so in the coming months. Lack of working capital and cash flows may lead to major layoffs over the next 3-6 months."

Indian startups needed an enabling ecosystem and flow of funds to continue operations, the survey said.

Padmaja Ruparel, President, Indian Angel Network & Co-Chair of FICCI Startup Committee, said, "In these uncertain times, as investors, we must play an important role to provide the Indian startups funding, mentoring and hand-holding support to stay afloat and come out at the other end of this crisis."

To that end, IAN recently announced a debt fund to help IAN portfolio companies raise working capital and ensure business continuity by partnering with debt providers.

This must be replicated on a wider scale, so a larger number of startups are provided the capital support to make it during these tough times, Ruparel said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 18,2020

Thiruvananthapuram, Mar 18: To raise awareness about protective measures against coronavirus, Kerala Police released a dance video on the State Police Media Centre's Facebook page promoting the washing of hands, here on Tuesday.

In the video, the police officers were seen dancing to the tunes of Kalakkatha from the Malayalam action-drama thriller Ayyappanum Koshiyum while demonstrating the right technique for washing hands.

The video gained over 27,000 likes and over 2,400 comments and more than 33,000 netizens shared the video.

The video has received a positive response with users congratulating Kerala Police for the initiative.

"Congrats Kerala police media for this kind of initiative," one user commented on Facebook. Another user thanked the police in the comments section saying, "Super super thanks to KL (Kerala) police."

The number of people who have tested positive for the coronavirus in Kerala is 25.

The total number of confirmed COVID-19 cases in India has reached 147, including 122 Indians and 25 foreign nationals, said the Ministry of Health and Family Welfare earlier today.

Globally, the virus has infected more than 184,000 people and killed more than 7500, as per the data available on the World Health Organisation website.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.