Web pages (particularly popups) can be dangerous to your computer
It's easy to rig Web pages to attack computers.
Web pages can do anything from vandalizing
your computer to installing malware.
By extending the original HTML concept, browsers
can now access several programming languages
-- Java, JavaScript, ActiveX and Microsoft
Word macros, for example.
This means that Web pages (and HTML email)
can now include malicious code to be executed
by these powerful languages. They can install
spyware, adware, hijackers, dialers, Trojans
or other kinds of malware. Often it all happens
as the Web page opens; you don't need to click
any links.
Browsers are designed to execute these languages
unless you change the settings. Your best
perimeter defense against the hazards of
HTML is to stay away from the risky Web sites.
Your best secondary defense is to use the
right system and browser settings, and keep
Windows and your browser patched and up to date.
A growing threat
More spyware gets into computers from popup
windows and other Web page shenanigans these
days than from email attachments. Those of
us who frequently go online have gotten
used to seeing popups or other notices from
Web sites that advise us we need additional
software to fix a problem, properly view
a page, or some such malarkey. (Yeah, like
I can really read Chinese characters if they
were "displayed correctly".)
When asked if we want to download and install
the software, clicking OK can be a reflex
action. Spyware writers know this. They set
their bait, and a lot of us go for it (picture
a mouse with its neck in a trap at this point).
Sometimes, there's a tempting offer we can't
resist. It may be combined with familiar graphics
or a look-alike Web address that makes it
look like something we can trust. You just
can't be too careful these days. There's
no limit to the deviousness these parasites
can come up with. Treat it like spam. If
you didn't ask for it, just ignore it.
I'm sure you know what a popup window is.
They're irritating in the extreme. Many of
them are devious in the extreme as well.
Some can trigger serious trouble for you
or your computer.
Example: You see a popup. It has an "X"
on it, so you click it to close the window.
That triggers the download and install of
malicious software. The software disconnects
you from your ISP, dials a $4.99 per minute
"premium service" and you end up
with a huge phone bill.
What happened? The "X" was fake
-- the whole window was just a graphic. Anywhere
you clicked was a link to the "drive-by
download".
How can you avoid drive-by downloads? A good
way is to prevent popups in the first place. If you do get a popup
though, close it using the "Ctrl-W"
trick. (As soon as it pops up, hold down
the Ctrl key and press the W key). That way
you won't trigger the download.
"Pop-up Downloads", AKA "drive-by
downloads", often appear as a small system
or security notice, and ask things like,
"Do you accept this download?"
or "Do you trust this software from...,
and do you want to install it?" It often
appears that if you don't, the content you
wanted won't be available. They're designed
to get a knee-jerk benefit of the doubt.
When you click the "Yes" button
the foistware is installed on your computer.
That dialog box that pops up and claims you
need to install a plug-in to view special
characters, or to open the page, or to get
some great new whiz bang could also be a
trap. Even those that carry a widely recognized
name like Adobe Reader, Macromedia Flash,
Shockwave, RealOne, etc., could be fake.
The best policy is to stop what's going
on, go to Adobe or whatever, download and
install the software, and then go back and
try the Web site again. Yeah, I know it's
a bother, but that's the price of being safe
instead of sorry.
Trick webpages
Counterfeit Web sites are used to extract personal
information from people. Here, they are an
enabling vector -- the actual attack vector
is deception. Counterfeit websites look very much like
the genuine websites they imitate. You
think you're doing business with someone
you trust. However, you're really giving
your personal information, like your address,
credit card number and expiration date, to
a rip-off artist.
These counterfeit Web sites are often used
in conjunction with spam. The spam message
usually is an urgent notice that you need
to straighten out some problem with your
account. The link you click takes you to
a Web site with an address that is very similar
to the legitimate one. Several banks, mutual
funds, PayPal, etc., have been used as templates
for these frauds. Once you get there, the
account number, password, expiration date
or any other information you enter goes directly
to the scammer.
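The look-alike address trick described above can be checked mechanically before you click. The JavaScript below is an added example, not part of the original page: it compares a link's host name with a short list of sites you actually use. The TRUSTED list, the function names and the sample addresses are assumptions made up for illustration.

```javascript
// Added example. The allow-list and test addresses are constructed samples.
const TRUSTED = ["paypal.com", "examplebank.com"]; // assumed: sites you really use

// Levenshtein edit distance: number of single-character edits between a and b.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Returns "trusted", "lookalike" or "unknown" for the URL behind a link.
function classifyLink(link, trusted = TRUSTED) {
  let host;
  try {
    host = new URL(link).hostname.toLowerCase();
  } catch {
    return "unknown"; // not a parseable URL
  }
  // Genuine: the trusted name itself, or a real subdomain of it.
  for (const good of trusted) {
    if (host === good || host.endsWith("." + good)) return "trusted";
  }
  // Naive registered domain: the last two labels (wrong for e.g. .co.uk).
  const base = host.split(".").slice(-2).join(".");
  for (const good of trusted) {
    const brand = good.split(".")[0];
    // One or two characters off, e.g. digit 1 in place of letter l.
    if (editDistance(base, good) <= 2) return "lookalike";
    // Trusted name buried inside somebody else's domain.
    if (host.includes(brand)) return "lookalike";
  }
  return "unknown";
}
```

A "lookalike" result means the address borrows a trusted name without belonging to it. "unknown" only means no resemblance was found, not that the site is safe.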
Web mail is really just Web pages that give you access
to the contents of email messages. These
messages can be sent by anybody, so if the
message is in HTML format, it has the same
potential for mischief as any other Web page.
Of course you should follow the relevant
precautions for email and email attachments
as well when you're reading Web mail.
"Drive-By" websites surreptitiously
install malware that takes control of your
browser and steers you where they want you to
go. Your best perimeter defense is to stay
away from risky websites -- gothic, warez,
crackz, gamer, cheat code, tres equis, and
sites of that ilk. Your secondary defense
is to use the right system and browser settings,
and keep Windows and your browser patched
and up to date. That may block installation
of the foistware.
Demonstration
There are all sorts of dirty tricks you can
do with Web pages. For example, there's a
simple way to include malicious content in
music or video files. All you need to do
is link to such a file from a Web page;
the link can even be hidden. Download and
run example.mp3 -- you can trust me, I'm a grandfather --
to see a convincing but perfectly safe demonstration.
(*.mp3 is a popular compressed file format
used for music.)
You'll need to have Windows Media Player installed to play the sound and see the
results. In addition to the music, three
more browser windows will open -- unless
you have your security settings set too high.
These windows will just display some perfectly
safe content. If this little file can do
that, just imagine what a crook or malcontent
could do with a file they concoct.