Disclaimer

The contents of this material are challenges faced onsite and how I personally resolved them. Please note that the solutions posted here

1> should not be considered as ultimate. The material may be considered for reference only.

2> should not be considered a guarantee that the solutions will work. Contact Cyberoam support before making any changes.

3> this blog does NOT belong to Cyberoam. It's a blog...a personal blog.

Changes done after referring to this site may seriously damage the network. So...

........DO CHANGES AT YOUR OWN RISK

(please contact Cyberoam support before implementing any changes)

Thursday 21 June 2012

Scare the Scareware

I remember that when I was in school, my Dad bought me a computer, which was a Pentium 2 powered desktop. I invited most of my friends, out of curiosity, to have a look at my desktop. In those days there was a piece of software that was given to me by one of my cousins from Canada. It was a program that, once run, used to display some messages saying YOUR ALL DATA IS BEING DELETED AND THE SYSTEM HAS CRASHED. My friends used to run the program somehow and I used to scare the hell out of them. It was a prank and indeed included lots of fun. What I want to convey here is that such software or malicious programs are known as scareware and are used by many hackers to frighten and threaten people.

Scareware, or better to call it fake software, is indeed a bitter reality for consumers around the globe nowadays. A good example is fake antivirus software: cyber criminals use social engineering to install malicious code on consumers' computers. Once this code is installed, it starts displaying fraudulent alerts with fake messages. Below are such screenshots displaying fake messages.

People usually fall into the trap because they get scared enough after reading such messages. These alerts prompt users to visit websites to buy and download fake software to clean threats that do not exist.

For cyber criminals, it is a lucrative business to threaten people and steal their money by prompting them to buy fake software. This class of malware scans the computer and comes up with a collection of junk files and data. To appear legitimate, these programs have names such as:

1. Internet defender
2. Security shield
3. Smart internet protection
4. Malware protection 2012

This malware can also cause further distress among users. It can interfere with the normal functioning of the system. It will terminate processes; for example, it will never allow you to run Task Manager. It can also force web redirections, where each and every time you try to access a web page you are redirected to some other link. These programs are also infamous for downloading further malware such as banking trojans or rootkits.

So, we can conclude here that scareware will be an ongoing problem, which will continue due to the fact that it involves monetary gains for the cyber criminals.

I was curious to find out whether my Cyberoam can take care of this scareware. But first of all I wanted to know what features I have at my disposal to protect my users against such malware.
Here is my verdict after some long testing:

1. Cyberoam's anti-virus engine is fabulous, I really mean it. I was not able to download any of the malicious software. I think nothing more can be said about it.

2. Secondly, I went ahead and enabled the Anti-Pharming feature of the Cyberoam, after which Cyberoam re-resolves the DNS for the URLs with the DNS server configured in the appliance itself. This is by far the best way of protection against redirection links that direct users to malicious websites instead of the original website.

3. On further research, I hit a couple of very interesting web categories, "SpywareandP2P" and "PhishingandFraud". I am not sure how the guys at Cyberoam do the categorization, but believe me it is really effective. I found several websites being denied by the Cyberoam when I applied them.


By the way, I referred to http://www.spywarewarrior.com/rogue_anti-spyware.htm#products for testing purposes. You can try the same to test Cyberoam's capabilities in protecting your network.
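
The Anti-Pharming idea from point 2, re-resolving the requested host with a DNS server the gateway trusts instead of accepting the client's own resolution, can be sketched as follows. This is an added illustration, not Cyberoam's code and not part of the original post; the function names, the sample zone and the fail-closed policy for unknown hosts are assumptions of the sketch.

```python
import ipaddress

# Constructed sample data: what the DNS server configured on the gateway
# would answer. All names and addresses are documentation-range placeholders.
TRUSTED_ZONE = {
    "bank.example": {"192.0.2.10", "192.0.2.11"},
    "shop.example": {"198.51.100.7"},
}

def trusted_resolve(hostname):
    """Stand-in for a lookup against the gateway's own DNS server."""
    return TRUSTED_ZONE.get(hostname.lower().rstrip("."), set())

def host_from_header(host_header):
    """Strip the optional port from an HTTP Host header value."""
    host = host_header.strip().lower()
    if host.startswith("["):              # bracketed IPv6 literal
        return host[1:].partition("]")[0]
    return host.rsplit(":", 1)[0] if ":" in host else host

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_request(host_header, client_dst_ip, resolve=trusted_resolve):
    """Return (action, upstream_ip, reason) for one outbound web request.

    client_dst_ip is the address the client connected to, i.e. the result
    of its own (possibly poisoned) DNS cache or hosts file.
    """
    host = host_from_header(host_header)
    if is_ip_literal(host):
        return ("pass", client_dst_ip, "IP literal, nothing to re-resolve")
    answers = resolve(host)
    if not answers:
        # Assumed policy for this sketch: fail closed on unknown names.
        return ("block", None, "no record on trusted resolver")
    if client_dst_ip in answers:
        return ("pass", client_dst_ip, "matches trusted DNS")
    # Mismatch: ignore the client's resolution and use the trusted answer.
    return ("redirect", sorted(answers)[0],
            "client resolved %s to %s" % (host, client_dst_ip))
```

A "redirect" result is the case described above: the client was pointed at an address the trusted resolver does not know for that name, so the request is sent to the trusted address instead.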


