Malware will spread through instant messaging
|By Leslie McFadden
What it is: Threats via instant messaging will hit the spotlight in 2007 says David Cole, director of Symantec Security Response, because more young people are using instant message rather than e-mail to communicate. Threats include getting spam instant messages or "spim" from strangers and even friends.
Paul Wood of MessageLabs explains that users may suddenly
get instant messages from someone on their buddy lists. It may say
something like, "Look at this great link." Seeing that
the message comes from a friend may put the user's guard down long
enough to click on a link and accidentally download malware. "People
don't take time to check with the person who sent it to them,"
Unfortunately, the friend may not
be behind the instant message. As Symantec's Internet Security Threat Report for
January to June 2006 explains, "The infection of one computer can result
in messages being sent to all users in an IM contact list on that machine, creating
the potential for rapid proliferation."
|Here's a real example of spim, or spam over instant
messaging. Notice that the link appears with no explanation of where the link
would navigate to if clicked on or why it has been sent to the recipient. If this
link was clicked on, malicious code would install on the user's PC.|| ||
courtesy of Symantec Corp.|
What's worse from a security standpoint, some instant
messaging clients allow their users to communicate directly with
friends belonging to different IM communities. For example, Yahoo!
Messenger users can import contacts who are using Windows Live Messenger
and send them messages without installing the latter's software.
Cole cautions that threats may start to hop from server to server.
What you can do: Don't trust
unsolicited instant messages. If a suspicious message -- say, a
sudden message containing only a link with a vague phrase -- comes
from a friend, verify that your friend, and not an IM bot or virus,
sent you a link. "Type a message back to the person who sent
it to you. Say, 'Why, what's there?'" says Wood. "See
if there's someone on the other end of that message."
As for getting instant messages from strangers,
Cole recommends changing your privacy settings to block instant messages from
anyone not on your list of friends. If you know someone is going to be sending
you a friend request, you can turn it back on, he says. "Generally I know
when someone is going to send me a friend request. It doesn't happen randomly."
someone sends you an attachment, save it to a folder and scan
it first, says Marcus.
You can also get anti-virus software
that works with instant-messaging clients, Wood adds. Read the product description
carefully so you know what you're getting.
||6 types of Internet scams on the prowl: