How to Avoid Midterm Election Malware
U.S. midterm elections are about one week away and malware makers are seizing the opportunity to plant malicious software in linked elements associated with searches for this year's candidates.
Cybercriminals are attaching malware to online stories and images of candidates–Republican and Democrat alike– running in both national and state elections scheduled for November, according to CyberDefender Research Labs, a software security firm.
Utilizing a variety of search terms to unleash malicious attacks, cybercriminals are exploiting consumer interest in candidate platforms and debates. The more popular a candidate is, the higher the risk of encountering malicious links in search results. CyberDefender Research Labs highlighted the following examples:
Christine O'Donnell: Searches for Delaware's Republican candidate for senator using the keyword phrase "Christine O'Donnell Delaware" led to an infected Google search image result. This image result was attached to a browser specific URL that dropped either a Trojan downloader or a fake antivirus security tool.
Meg Whitman: Searches for California's Republican candidate for governor using keyword "Meg Whitman" also led to an infected Google search image result. Numerous images re-directed searchers to fake Firefox update pages where usersare asked to download a malicious Trojan file or a fake Adobe player.
Jerry Brown: Searches for California's Democratic candidate for governor with the keyword "Jerry Brown" can also lead to infected Google search results. Images of Brown re-direct to a fake antivirus scan page that encourages the user to download a fake antivirus program called "Security Tool."
So what is a politically curious citizen to do? First off, start with the official national or state Website for your party. For instance, Democrats in New Mexico may start at www.democrats.org , select the "Elections" tab, click on the state of New Mexico, select Diane Denish for Governor, and click "Website" on the right hand side of the page to go to Diane's official site.
Likewise, Republicans may start on www.gop.com, scroll down to find a link to their state of New Mexico, select "Candidates" on the state site, click on Susana Martinez for Governor and arrive at Susana's official site.
Search for election news from within well-known news sources or sites linked through the official party sites.
Check all website URLs carefully before clicking, and do not click on any sites where the candidate's name is misspelled.
IE browser safety
Internet Explorer users should make sure Microsoft SmartScreen Filter is turned on. Click the gear icon in the upper right side of the IE window, select "Safety" and check that the filter is activated. This is also a good time to download Microsoft's Malicious Software Removal Tool. Select the "What is SmartScreen filter?" from the filter activation box. A help and support window will open. Scroll down to find the removal tool link. The tool is compatible with Windows 7, Vista, XP and 2000.
Lock up search results on Google
Before viewing images in Google Image search, update the Google "Search Settings" under "Safe Search Filtering" by enabling the "Use strict filtering" option. You might want to take Google security filtering a step further by locking SafeSearch. Click the "Lock SafeSearch" link under the SafeSearch section.
Once activated, the strict filtering will apply to anyone using the same Web browser and computer as you.
Malware tool for advanced users
Malware comes from many sources and may be difficult to detect. An election year provides cybercriminals with additional resources for spreading their malware. For instance, a keylogger program will silently record your every keystroke and send it out for analysis by cybercriminals who hope you've typed in personal information like your social security number along with bank account information.
If you are an advanced user, consider running a program such as Trend Micro's HijackThis to help detect areas in your computer that may have been modified by malicious software. HijackThis does not determine what is good or bad. The program generates a report that displays a list of areas on your computer that may have been changed by spyware.
It takes an expert to interpret the results. Post the scan on a forum such as bleepingcomputer.com where volunteer experts help interpret HiJackThis scan results and recommend which files to remove. No guarantees, but the volunteers are both thorough and knowledgeable. Be prepared to run a number of removal programs, post detailed logs and follow directions to the letter. As I said, this is only for advanced users or those with abundant patience who would like to avoid a $100 remote expert fee.
- Stealth Malware Steals and Imitates Social Behavior
- How to Make Computers Easier on the Eyes
- 10 Things You Must Know About Malware Infections