Last week I received a distress call from one of our clients. The client’s email account had been hacked. The attacker changed the victims’ password and wrote e-mails to the victim’s friends and relatives that she was in some trouble and in need of money. The attacker then requested her contacts to send them money through one of the mobile phone money transfer services.
Fortunately the team located the spyware, removed it and deleted the infected account from the mail server. They also took time to send apology messages that negated the attacker’s messages to her contacts. Unfortunately, some had already sent money. They shared their story to keep our readers informed.
Cyber conmen are an emerging trend in Kenya. This kind of attack is on the rise both locally and internationally. The attackers are using – among others spyware such as Zeus Trojan. They infect computers with the malicious software. Once your computer is infected they steal your personal data like email account passwords, bank account and credit card codes.
In Kenya, spyware attacks will increase as the availability of high-speed broadband internet rises.
How does infection occur?
An estimated 50 per cent of computer attacks globally are attributed to Zeus Trojan. This is because a pack of Zeus Trojan is freely downloadable from the internet. They then search the world wide web and find vulnerable computers. The most vulnerable computers are the ones that do not have their firewalls turned on.
Unsuspecting internet users often install it spyware while using their computers at home or at work. One of the most common infection methods is by opening attachments sent via e-mail. These attachments instruct users to perform some tasks related to their email accounts. The Trojan is quite persistent and often sends a second email stating something like, “Sorry you have not completed this procedure.” Users need to be sensitized so that they can recognize this ill-intended email.
Another way computers are infected is via browser security loopholes while you are surfing the web. Some sites are dangerous in that they have Trojan Spyware and Malware embedded in their HTTP cookies. A HHTP cookie authenticates, and remembers specific information about users. Set your web browser such that it only accepts cookies for trusted sites for example your bank’s website.
Zeus Trojan attackers have also started using social networking sites such as Facebook and Twitter and instant messengers by instructing user to download some software upgrade or urging them to join a particular game. Do not accept unknown requests.
How to protect yourself
Zeus Trojan recreates repairs and updates itself. Most malicious codes changes their recognition signatures so that they by-pass various prevention measures such as anti-virus and anti-spyware that are not up to date.
Ensure that your Firewall is turned on.
Set your browser to accept cookies only from trusted websites.
Install an anti-spyware and an anti-virus on your home and office computer. A good anti-spyware such as SpyHunter can help detect and remove different spyware including Zeus Trojan.
Update the anti-spyware and ant-virus as frequently as possible, this can be daily or weekly.
About Zeus Trojan
1. Zeus Trojan is a malicious code that does not require an IT administrator account to install. Any user can install it and become infected.
2. Zeus Trojan can steal private information from secure sites.
3. Zeus Trojan activities are not logged in the computer process list. This makes it difficult to detect it unless you have a good anti-spyware.