Quantcast

Beware of Viruses When Looking for Love Online

By Gene Quinn on February 13, 2009

PC Tools, a leading security software vendor with offices in Sydney, San Francisco, London, Shannon (Ireland), Melbourne, Kiev, and Boulder,  today issued a warning  to caution Internet users that virtual venues for dating, social networking, and adult entertainment all present dangerous digital risks from computer viruses, spyware and phishing, and with Valentine’s Day tomorrow the holiday is likely lead cybercriminals and cyber-vandals to attempt to cause serious damage.  PC Tools is urging the digitally active consumer to use comprehensive behavior-based security protection against love-themed Web 2.0 threats this Valentine’s Day.

A recent study from Web of Trust of 19 million web sites, adult websites pose the single most significant security threat for Internet users. In fact, out of all the websites Web of Trust deemed dangerous, 31% of them specialized in adult content. The study found that consumers who visited these sites were at increased risk from threats like spyware, viruses, and browser exploits such as drive by downloads and phishing attacks, with the intent of stealing an individual’s identity or depleting their bank accounts.

On Valentine’s Day, cybercriminals most commonly target the love-struck and single, using a range of phishing and socially engineered techniques that deliver Valentine’s and love-themed infected files or emails and messages with affectionate invitations to visit websites which attempt to gain access to a consumer’s PC. Often, infected systems are used as a tool in identity theft or financial loss – many victims wake up the “morning after” to find their identity stolen and bank accounts drained.

The new breed of digitally active online consumers also faces the risk of being infected through Digitally Transmitted Diseases (DTD’s) such as the new worm PC Tools first reported on January 23, 2009. With Valentine’s themed titles such as “meandyou.exe,” and “onlyyou.exe”, Waledac worm victims can be infected through links distributed in email or instant messages that redirect consumers to exploited websites that allow cybercriminals to gain control over the user’s computer. Like all infections, a DTD has the potential to spread to everyone the victim knows via unauthorized access to address books within their email client, social networking or instant messaging applications.

PC Tools researchers this week identified that Waledacmakers are distributing links to new malicious websites. Clicking on an image on one of these pages results in a download of various names: loveprogramm.exe, ecard.exe, postcard.exe, lovekit.exe, mylove.exe, runme.exe, loveexe.exe. While the files themselves are obfuscated to conceal their malicious intentions, Waledac makers are coercing users to download a file by offering a kit to create a Valentine’s Day flash e-card.

Recent examples of DTD outbreaks illustrate the variety of sophisticated methods cybercriminals have used to attack at Valentine’s Day. In 2008, PC Tools, through its ThreatFire community, identified the Valentine’s Storm, a threat delivering “withlove.exe” and other Valentine’s Day themed executable names as attachments within email messages containing subjects such as “I would dream” and “Memories of you.” In 2007, PC Tools also discovered Cyber-Lover, a software bot that flirted online on social networking sites while phishing for victims’ personal information and personal banking accounts.

PC Tools has launched an online Doctor’s Surgerywhere in-house security expert “Dr. Greene” will answer consumers’ computer security questions and help them stay safe online in anticipation of a surge of Internet threats around Valentine’s Day.  PC Tools is also offering some tips and tricks to playing safe online for the digitally active. PC Tools is also recommending the “digitally active” take a DTD test to determine their exposure to risk. 

The Author

Gene Quinn

Gene Quinn is a patent attorney and the founder of IPWatchdog.com. He is also a principal lecturer in the PLI Patent Bar Review Course, which helps aspiring patent attorneys and patent agents prepare themselves to pass the patent bar exam.

Gene’s particular specialty as a patent attorney is in the area of strategic patent consulting, patent application drafting and patent prosecution. He has worked with independent inventors and start-up businesses in a variety of different technology fields, but specializes in software, systems and electronics.

is admitted to practice law in New Hampshire, is a Registered Patent Attorney licensed to practice before the United States Patent Office and is also admitted to practice before the United States Court of Appeals for the Federal Circuit.

Gene is a graduate of Franklin Pierce Law Center and holds both a J.D. and an LL.M. Prior to law school he graduated from Rutgers University with a B.S. in Electrical Engineering.

You can contact Gene via e-mail.

Warning & Disclaimer: The pages, articles and comments on IPWatchdog.com do not constitute legal advice, nor do they create any attorney-client relationship. The articles published express the personal opinion and views of the author and should not be attributed to the author’s employer, clients or the sponsors of IPWatchdog.com. Read more.

Discuss this

There are currently 1 Comment comments.

  1. marshallIT February 13, 2009 3:35 pm

    Ha, all the dating language we’re using to describe the lack of protection is pretty funny — DTDs, and what-not. Too bad there’s no virtual condom; as with most things, self-control is the best medicine for staying safe. Problem is, unlike in the real world — where it’s at least a little easier to distinguish predators from peeps who have a genuine interest in you — most of the hot spots don’t come with any encryption. That means no matter what, you’re exposing a vulnerable side of yourself in a community like twitter.

    My advice — use the https WHENEVER possible, this goes for mail, twitter, whatever. It’s easier to tell when you’ve lost control and navigated off to some dubious site. Unfortunately no mail sites or social networks have implemented extended validation yet, but when they do (and right now on existing ecommerce sites) keep your eyes peeled for when that green url bar changes. A little common sense and a little general security knowledge can go a LONG way. Happy V day!