Spyware, Adware, Scareware, PUP's & Browser Hacking

People's browser's get hacked all the time.. Here's how they do it

Your adversaries in the cyber sphere pose threats to you and your business in many forms. They have a number of ways to cut you in. Below are some strategies hackers will use access your systems:

Spyware

Collects information and sends it back to the attacker. Hackers are studying your behaviour at this point for a more intentful attack futher down the line. They won't inflict harm directly during research mode. However, they may wish to compromise your privacy and anonymity depending on their motives. Spyware is ‘intelligence-gathering malware’. Corporations and hackers groups create these as well as governments.

AdWare 

Unsavoury software which pushes adverts upon you. It hijacks your default search engine to display ads in the browser. When you click on links, it directs you instead of where you wish to go. Adware is tricky as it actively resists efforts to remove it. Once it controls your browser, this is known as “browser hijacking”.

Pay close attention when installing particular software, especially if optional installs are included. These are in fact the browser hijackers. A 'tech-wise' move on your part would be to invariably choose custom installation as opposed to automatic. This prevents you from installing something you don't wish to install anyway, let alone malware which piggybacks its way in to your systems via the automatic download.

NOTE – Don't download software you didn't seek in the first place.

Scareware 

A form of social engineering meant to lead a person to believe a threat is real. A common one is fake security software insisting you have malware in your systems. It then asks you to pay to fix it. This con has been very successful in the case of personal anti-virus software identifying fake vulnerabilities, uploading reoccuring messages which fool people into handing money over to remove the supposed malware.

Potentially Unwanted Programs (PUP’s) 

Willingly downloaded applications with functions and behaviours which can be exploited against the user without their acquiesce. Common techniques to distribute PUP’s include piggybacking on user-accepted apps, social engineering, online ad hijacking, unintended installation of browser extensions, plug-ins, and forced installation along with legitimate apps. Police struggle as they don't display malicious behaviour which usually gets seized by security products. This story clearly demonstrates that some PUP creators are becoming more malevolent so PUP policies must be frequently renewed to ensure appropriate protection.

Online threats are cropping up in more and more insideous shapes and sizes. They're discreet but they are eventually destructive. Having robust technology is important; so is having a team of experts on side who can help to reduce your threat landscape - but it begins with equipping your staff with a little bit of digital savvy as they are your first 'barrier to entry' when it comes to protecting your business from cyber attacks.

Mitesh Patel

Managing Director

Mitesh Patel