Phishing/Trojan Scams on The Rise

Phishing/Trojan Scams On The Rise

By Vickie J. Scanlon

There seems to be a decline in straight phishing scams-meaning that attackers are finding different methods to obtain the same gains they found with phishing but are now incorporating a Trojan. I give you a quick intro to what phishing is, as well as, what a Trojan is and can do to your system, before giving examples of what is hitting the Internet.

But before we go any further, we need to identify what phishing and a Trojan is-in simplest terms.

What is Phishing?

Phishing is where a sender send an email or text message with the sole purpose of enticing the receiver to unknowingly release personal information. The email will be from a company that you do business with on a regular basis. The email will entice you with a sense of urgency. The sender is hoping that you will not think twice about clicking on the link provided. Never click on the link.

What is a Trojan?

A Trojan is a program that "appears" legitimate. But when it is run, it can be used to locate personal information, make your system vulnerable to entry or it can be used to simply destroy programs or data on your hard disk. A Trojan is like a virus, except it does not replicate itself. It will stay in the computer doing damage or allowing somebody from a remote site to take control of your computer. Most times a Trojan sneaks in attached to a free game or some other utility that you have unwittingly downloaded.

What can Trojans do:

1. install keystroke logger- which captures your keystrokes
2. Looking for passwords on certain websites-they can either capture keystrokes or take
screen shots of the websites you visit.
3. Emails- getting people to click on a link that takes you to a
"malicious" website.

Now that you know what phishing is and what a Trojan is and what it can do, let me explain the phishing Trojan combo.

The Phishing/Trojan combo-Examples

The phishing Trojan combo has been around for a while, but it's utilization seems to be on the line. Below you will find two different examples.

Phishing with the Zeus Trojan

The Phishing/Zeus Trojan attack is aimed at Outlook Web Access users within organizations. The employee will see an email which they think was sent by the systems administrator, asking them to please modify their email settings.

Though the link may appear to be from the administrator it is not. The Access site is really from a site in Columbia, Romania, Russia or Chile.

The victim will download the file with the Zeus Trojan. The Zeus Trojan's job is simple to keep track of what the individual who download the file is doing.

Phishing and the Online Banking Trojan

Phishing and the Online Banking Trojan is hitting the Social Media arena. The Facebook/Trojan phishing scam objective is to get the user's account information. Once they enter their credentials the users are prompted to download an ".exe" file which is really a Zbot Trojan. Zbot Trojan is a "banking Trojan" that will look for personal banking information, login credentials and will perform key logging activities, as well.

How to Protect Yourself

1. Keep firewalls, anti-virus and anti-spyware programs up-to-date to help protect your computer from Trojans.
2. Regularly scan your computer for new viruses
3. All unsolicited emails should be treated with caution. Never click on the links or copy and paste the link into your browser. The click and paste routine will not protect you.

4. Most Trojans take advantage of vulnerabilities in Internet Explorer. If you are using Internet Explorer be sure you have the latest version of the software, have downloaded critical and security updates. Or use a different web browser.

And, last but not least, always be cautious about an email asking for personal information.

About the Author:

Vickie J Scanlon -- Visit her site at: My Affiliate Place for articles, affiliate deals on consumer and business computers, tech accessories, software and where to report your scams and more.