Less than 24 hours after the earthquake in Chile, I began seeing reports that miscreants were using the latest national disaster as an opportunity to spread computer viruses. “Be careful…”, the news broadcasters urged, “…when making charitable donations over the internet. “ Evidently, what may appear to be a link to a charitable organization can actually be a link to your own personal computing disaster!!! One wrong click and these bogus websites can open your computer up to all kinds of malicious software, or malware. I’m dismayed…why do people do this? So, I did some research.
Malware is designed with the express intention of invading someone’s computer, operating system, network or application without their knowledge or consent. It includes a variety of program codes such as viruses, worms, spyware, adware, crimeware, Trojan horses, rootkits, stealware, and a whole slew of computer contaminants!
Early forms of malware were designed with the intention of being a mild prank or mere nuisance. Typically, young programmers designed viruses because they could, and not necessarily with the intention of doing harm. Evidently, they found entertainment value and personal gratification in seeing how far their program could be spread. Infectious programs as mere pranks are now being replaced with programs designed with hostile intent; vandalism, loss of data, and even extortion! There are far more examples of malicious software than I can begin to describe in detail here, but I do want to take a closer look at two types of programs being used to scam would-be-donors out of their generous contributions (like those wanting to give money to earthquake victims).
First are the outright fraudulent websites that have been created specifically for swindling money out of well intended individuals. They may look legitimate, and even refer to highly recognizable and reputable organizations such as the Red Cross. In reality, they have no affiliation and are fly-by-night hood-winkers ready to accept your donation and use it for their own financial gain. The FBI has published warnings about scammers like this.
Their suggestions include:
*Only open attachments from known senders.
*Make contributions directly to known organizations rather than relying on others to make the donation on your behalf to ensure contributions are received and used for intended purposes.
*Do not give your personal or financial information to anyone who solicits contributions: Providing such information may compromise your identity and make you vulnerable to identity theft.
This seems like common sense to me and it is hard for me to image that people easily fall prey to this type of scam.
Stealware, however, is and even more insidious program that basically transfers funds from the party it is directed to, to a third party. More specifically, “Stealware is software that modifies affiliate tracking codes, replaces affiliate cookies on a user’s computer or "overlays" links on a web site with another affiliates tracking link - resulting in payments going to another person or company. Originally designed to route commission or bonus payments earned for affiliate advertising, stealware is now being used to redirect funds intended for legitimate sites to less than scrupulous individuals.
Not only is the use of malware drastically on the rise, at the same time, it is getting more and more difficult to detect and prevent the spread of these intrusive programs. So how do we put a stop to, or punish those who seek to invade our computing existence with malicious intent? That's a subject for another article!
For more specific examples of why people write malware programs see “Why do People Write Viruses?”