19 May 2014

Deceptive downloads and ransomware have become major security threats

Microsoft has found that cybercriminals are turning to deceptive tactics for malicious purposes in order to steal personal and financial information. In the last quarter of 2013, the number of computers that had to be disinfected as a result of deceptive tactics more than tripled, the company found.

The increase in deceptive tactics corresponds with a 70% decline in the number of severe vulnerabilities exploited in Microsoft products between 2010 and 2013.  “Keeping cybercriminals on the run requires a robust security strategy,” said Tim Rains, Director, Trustworthy Computing, Microsoft. “The safest houses don’t just have locked doors, they have well-lit entry points and advanced security systems. It’s the same with computer security—the more we layer our defenses the better we are at thwarting attacks.”

According to Microsoft’s new data, one of the most common tactics used was deceptive downloads. These downloads were identified as a top threat in 95% of the 110 countries/regions that Microsoft’s data examined.

The top three deceptive threats in Singapore during the fourth quarter of 2013 were:

· Rotbrow,
a family of trojans which install browser addons that supposedly protect users from other addons;
· Brantall, a family of trojans which download and install other software; and
· Obfuscator, which hides the purpose of other malware.

Cybercriminals lure their victims with deceptive downloads by bundling malicious software (malware) with legitimate downloadable content such as software, music or videos found online. The impact is often not seen right away. Infected machines often continue to function, and the only observable signs of the malicious download might be a slower computer or unexpected search results popping up in a browser.

Ransomware is another deceptive practice that continues to affect people and can be devastating for those victimised by it. 

Ransomware often pretends to be an official-looking warning from a well-known law enforcement agency. It accuses its victim of committing a computer-related crime and demands they pay a fine to regain control of the computer. The top ransomware threat encountered globally increased by 45% between the first half and the second half of 2013.

In light of this new information, Microsoft advises customers keep themselves protected, including by: using newer software whenever possible and keeping it up to date, only downloading from trusted sources, running antivirus, and backing up files.

Microsoft's cybersecurity report is released twice a year, and analyses data from more than a billion systems worldwide as well as from some of the busiest online services. Key findings from Volume 16 of the report includes new data from the second half of 2013.