Categories
Casserly Consulting Blog

The Most Devastating Hacks of 2018… So Far


Network security is a crucial consideration for every contemporary business owner, as there are just too many threats that originate from an Internet connection to be overlooked. One only has to look at what businesses of all sizes have dealt with, even within this calendar year, to gain an appreciation for how crucial it is that every business owner consider their cybersecurity.

Here, we’ve assembled a few statistics and examples to illustrate just how serious the threat of cyberattack can be, hopefully inspiring you to prioritize your company’s network security. Consider these cybersecurity figures:

  • In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016.
  • Nearly 1-in-3 organizations have experienced some sort of cyberattack in the past.
  • Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017.
  • 100,000 organizations were infected with the WannaCry ransomware (400,000 machines).
  • 5.4 billion WannaCry attacks were blocked in 2017.
  • The average monetary cost of a malware attack is $2.4 million.
  • The average time cost of a malware attack is 50 days.
  • Ransomware cost organizations over $5 billion in 2017.
  • 20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation.
  • Phone numbers are the most leaked information.
  • 21 percent of files are completely unprotected.
  • 41 percent of companies have over 1,000 sensitive files left unprotected.
  • Ransomware is growing at 350 percent annually.
  • IoT-based attacks are growing at about 500 percent per year.
  • Ransomware attacks are expected to quadruple by 2020.
  • 7.7 percent of web requests lead to malware.
  • There were 54 percent more types of malware in 2017 than there were in 2016.
  • The cybersecurity market will be worth over $1 trillion by 2025.

If that wasn’t convincing enough, what follows is just an assortment of the attacks that 2018 has seen (as of July). To simplify things, we’ve organized them by the intended targets: public (like individuals and government bodies) and private (such as businesses):

Public
January

  • The Department of Homeland Security was affected by a data breach that exposed information about 247,167 current and former employees.

March

  • Atlanta, Georgia was targeted by a ransomware attack called SamSam. This resulted in a massive problem for their municipal infrastructure. The ransom price given was $51,000, but Atlanta’s leadership refused to meet these demands. Overall, the numbers show that Atlanta has spent more than 10 times that number in the fallout of the attack. Some estimates place the actual cost of this event at nearly $20 million.
  • India’s national ID database, Aadhaar, leaked data of over a billion people. This is one of the largest data breaches in history. A user could pay 500 rupees, equal to about $7, to get the login credentials that allowed anyone to enter a person’s 12-digit code for their personal information. For 300 rupees, or about $4.20, users could also access software that could print an ID card for anyone associated with the database.
  • Cambridge Analytica, a data analytics company that U.S. President Donald Trump used to help his campaign, harvested personal information from over 50 million Facebook users without asking for their permission. Facebook hasn’t called this a data breach, but Cambridge Analytica has since been banned from using the service thanks to this event.

June

  • A hack of a U.S. Government-funded active shooter training center exposed the personal data of thousands of U.S. law enforcement officials. This also exposed which police departments aren’t able to respond to an active shooter situation.

Private
January

  • 280,000 Medicaid records were exposed when a hacker attacked the Oklahoma State University Center for Health Sciences. Among the information exposed were patient names, provider names, and full names for affected individuals.

February

  • An unsecured server owned by Bongo International, a company acquired by FedEx, leaked over a hundred-thousand files of FedEx customers. Some of the information leaked included names, drivers’ licenses, national ID cards, voting cards, and utility bills.

March

  • Orbitz, a travel booking site, fell victim to a security vulnerability that exposed 880,000 customers’ payment card information. There was also about two whole years of customer data stolen from their server.
  • French news site L’Express left a database that wasn’t password-protected up for weeks, despite being warned about the security issues regarding this.
  • 134,512 records regarding patients and financial records at the St. Peter’s Surgery and Endoscopy Center in Albany, NY were accessed by hackers.
  • MyFitnessPal, an application used by Under Armour, exposed about 150 million people’s personal information to threats.
  • The WannaCry ransomware claimed another victim in Boeing, which stated that “a few machines” were protected by Microsoft’s 2017 patch.

May

  • Thanks to Twitter storing user passwords in a plaintext file that may have been exposed by internal company staff, the social media titan had to force hundreds of millions of users to change their password.
  • An unauthenticated API found on T-Mobile’s website exposed the personal information of all their customers simply through the use of their cell phone number. The following information was made available: full name, address, account numbers, and tax IDs.
  • A bug found in Atlassian development software titles Jira and Confluence paved the way for hackers to sneak into IT infrastructure of several companies and one U.S. government agency.
  • Rail Europe, a popular service used by American travelers to acquire rail tickets, experienced a three-month data breach that exposed credit card information to hackers.

June

  • A marketing company named Exactis had 340 million records stolen from it, but what’s most shocking about this is that they had accumulated information about nearly every American out there. In response to the breach, there was a class action lawsuit made against the company.
  • Adidas’s website was hacked, resulting in a loss of a few million users’ personal and credit card information.
  • A hacker collective called Magecart initiated a campaign to skim at least 800 e-commerce sites, including Ticketmaster, for sensitive information.

Clearly, if these lists are any indication, companies of all sizes need to commit to maintaining their network security, holding it to a higher standard. For assistance in doing so, you can rely on the professionals at COMPANYNAME. We can design and implement security solutions to protect you from threats like these, and others that may rear their ugly heads. Give us a call at PHONENUMBER to get started.


Cryptomining is Inspiring Cybercrime


Blockchain technology is mainly known for its use with cryptocurrencies. Even though the values of cryptocurrencies have leveled off after the incredible growth they have sustained over the past few months, users are still attempting to use cryptocurrencies to make a little bit of extra cash on the side. Of course, if there is money involved, you can bet that there will also be criminals and shady activity surrounding it.

Criminals love to take advantage of cryptocurrencies due to how much they value anonymity. Unfortunately for hackers, mining cryptocurrency legitimately can be expensive and take a long time. You even need dedicated computer hardware in order to do it, which creates substantial costs, like an increase in your power bill.

Due to how difficult it can be to mine cryptocurrency, a new threat called crypto-jacking has popped up. This type of malware hides on a user’s device and steals its resources for the purposes of mining cryptocurrency. This can lead to devastating results–a higher electric bill, lower device performance as a whole, and more wear and tear on your device’s components. This type of malware only works if the device accesses a compromised website. In the past, this threat would only work if the device remained on the website during the duration of the attack, but hackers have since found ways around this. Some infected websites have gotten so crafty that they can hide a pop-up behind the computer’s task bar, where it can remain for as long as the hacker needs it to.

Crypto-miners are also known for spreading this hidden code to all kinds of websites themselves, as well as through malicious browser extensions. This type of malware has been found on a broad variety of different websites, like the United States Courts, the United Kingdom’s National Health Service, and the Australian state governments of Victoria and Queensland. It was found in a text-to-speech translation plugin used on these sites. Consequently, the developer of this plugin removed it from all sites as soon as it was discovered.

It’s incredibly important that your business pays attention to these kinds of events and trends, as they could create considerable issues for your organization’s operations. If you’re paying a lot of money for your business’ Internet solution, then hackers are taking advantage of all your bandwidth to pull a fast one on you. Cryptocurrency mining is one of those tasks that takes its toll on even the most powerful hardware, making it likely to shorten your technology’s lifespan. This ultimately costs your business in more ways than one.

Thankfully, there are ways that you can combat these attacks. Some browsers are incorporating anti-cryptocurrency measures, and some antivirus programs are making strides toward straight-up blocking crypto-jacking attempts in the first place. Furthermore, there are some extensions that also block crypto-mining and crypto-jacking scripts entirely.

COMPANYNAME can help you make sure that your IT solutions are running optimally, as well as securing your organization’s network from potential attacks. To learn more, reach out to us at PHONENUMBER.


Did You Know Your Router Can be Infected?


A new type of malware is targeting routers in what is considered a large enough threat that even the FBI is addressing it. Even worse, a router isn’t necessarily a device that you think would be vulnerable to attack from a hacker. What can you do to keep your business’ Internet access points secure from hacking attacks? Let’s dig in to the details about what the VPNFilter malware does and how you can address it.

Explaining VPNFilter
The malware in question, VPNFilter, hides in routers for both individual users and small businesses with the intention of persisting even if the device has been rebooted. VPNFilter targets devices that are Ukraine-based most of the time, but others have been known to fall victim to this as well. It’s thought that the VPNFilter malware originated from a group called Sofacy. The malware itself takes three steps to become an issue for your organization.

The first is that the malware sets itself up so that it will persist even if the device is rebooted or turned off. The second stage of the attack consists of the malware installing permissions for itself to change router settings, manage files, and execute commands. This allows the router to essentially brick itself, leading to considerable connectivity problems. The final stage of this malware lets the hackers look at the data packets passing to and from the device, as well as the ability to issue commands and communicate through the Tor web browser.

The reason why the FBI recommends resetting your router is because the second and third steps are wiped when you do so, but the first stage remains regardless.

Is Your Router Affected?
While not all routers are affected, there is still a sizeable list of confirmed contaminated devices. Some of the affected brands include:

  • Asus
  • D-Link
  • Huawei
  • Linksys
  • MikroTik
  • Netgear
  • TP-Link
  • Ubiquiti
  • Upvel
  • ZTE

For a comprehensive list of affected devices, you can see specifics for each brand at Symantec’s website: https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware

How to Fix It
The best way to resolve these issues with VPNFilter is to perform a factory reset for your router, which completely deletes anything installed during the first stage of the threat. If the router’s manufacturer has administered a patch for the vulnerability, you can also install it following a factory reset so that you’ll never have to deal with this vulnerability again.

For more updates and tips on some of the latest threats, keep an eye on COMPANYNAME’s blog.


Your Router Can Host Some Pretty Nasty Malware


Hundreds of millions of people use wireless Internet connections every day, and as a result, hackers are taking that as a challenge. They are now starting to develop malware that targets people through their routers. Recently, security researchers at Kaspersky Lab have discovered the malware named Slingshot. The code is designed to spy on PCs through a multi-layer attack that targets MikroTik routers. Today we take a look at Slingshot and other router-based malware, and what you can do about it.

Slingshot
Slingshot works by replacing a library file with a malicious version that downloads more malicious components and then eventually launches a two-front attack on the computers connected to it. The first one runs low-level kernel code that gives an intruder free rein of a system, while the other focuses on the user level and includes code to manage the file system and keep the malware alive.

It is a very intricate attack that calls the nefarious code in from an encrypted virtual file system, managing to do so without crashing the host system. That feat was not lost on the security experts at Kaspersky Lab, who deemed it a state-sponsored attack because of the quality of the overall attack and the complexity of its components. Reports suggest that the malware can basically steal whatever it wants, including keyboard strokes, passwords, screenshots, and information about network usage and traffic.

MikroTik has announced that they have patched the vulnerability on versions of their routing firmware, but concerns remain as no one is sure if other router manufacturers have been affected. If that were to come to fruition, Slingshot could be a much larger problem than is currently believed.

Other Instances
Slingshot isn’t the first instance of a router turning on its owner. Traditionally, router security is known to be largely unreliable. Much of this is on the manufacturers, which have been known to build many different products without having a strategy in place to keep them working with up-to-date security. It is also up to the user to keep their router’s firmware up-to-date – something that is very easy to not keep top-of-mind. Plus, some routers make firmware updates time-consuming and difficult.

To attack the network, hackers seek to change the DNS server setting on your router. When you try to connect to a secure website, the malicious DNS server tells you to go to an elaborately constructed phishing site instead. By spoofing the domain and rerouting you to a website that is specifically constructed to take advantage of you, you have very little chance of warding off the attack before it’s too late.

Hackers have also been known to inject all types of user hindrances, such as trying to perform drive-by downloads or inundating users with advertisements. Many attacks make use of cross-site request forgery attacks where a malicious actor creates a rogue piece of JavaScript that repeatedly tries to load the router’s web-admin page and change the router’s settings.

What to Do If This Happens to You
The first thing you should do is work to ascertain if your router has been compromised. You can do this in several ways, but the most telling is that your DNS server has been changed. You’ll have to access your router’s web-based setup page. Once in, you have to visit the Internet connection screen. If your DNS setting is set to automatic, you are in the clear. If it’s set to “manual”, however, there will be custom DNS servers entered in the space. Many times, this is the first sign of a problem.

If you have been compromised, ensuring your router is set up to your manufacturer’s specifications will help you mitigate damage. To ward against this happening to you, you should always:

  • Install firmware updates: Making sure your router’s firmware is updated to the latest version will definitely help.
  • Disable remote access: Stop remote access to secure against anyone changing settings on your networking equipment.
  • Turn off UPnP: Plug and play can be very convenient, but your router could be affected through UPnP if there is any malware on the network since it is designed to universally trust all requests.
  • Change credentials: Changing your passwords is a simple way of keeping unwanted entities out of your router.

For more information about network and cybersecurity, the expert technicians at COMPANYNAME are accessible and ready to help you keep your network and infrastructure secure. For help, call us at PHONENUMBER.


Email Attachments are Schrödinger’s New Cat


Have you ever heard of the physicist Erwin Schrödinger? He is most well-known for explaining a paradox related to quantum physics which involves a cat. Even though the theory behind Schrödinger’s cat is meant to explain something quite different, it can still be applied to a lot of different concepts, in particular when explaining email security.

The thought experiment works as follows. The Schrödinger’s Cat scenario was created to strike down an interpretation of quantum mechanics that states an object can exist in all states but will revert to just one if it’s observed. As for Schrödinger’s experiment, a cat was hypothetically shut in a box with a small amount of radioactive material. This material had about a 50% chance of setting off a Geiger counter. In this case, a hammer would smash a container filled with poison, killing the cat. If the Copenhagen interpretation is presumed to be correct, the cat would be both alive and dead until you see which one it really is.

At the time, Schrödinger’s cat was designed to challenge the Copenhagen interpretation, but a more modern version of this experiment can be seen in a business email solution. The primary topic associated with this line of thought is email attachments.

Spam and phishing emails are some of the more popular ways that cybercriminals use to spread their influence. The idea of how this ties into Schrödinger’s hypothetical cat involves approaching each email as both a normal message and a real threat at the same time. The only issue here is that there’s a lot more at risk with your business’s infrastructure than with a hypothetical scenario (no cats were harmed in the creation of this blog). After all, you don’t want to click on an email attachment unless you’re absolutely sure that it’s not going to cause problems for your organization.

Thankfully, there are ways that your business can protect itself from advanced threats that make their home attached to email messages, especially spam and phishing threats. Preventative measures like antivirus and anti-malware tools are great for keeping threats off of your infrastructure, and spam protection can help remove messages from your inbox before they become a cause for concern.

Your inbox needs to be secure, so why not do it the right way? To get started with network security solutions, call COMPANYNAME at PHONENUMBER today.


How to Spot Three Forms of Phishing Attacks


One of the crazy things about hackers is that they will do whatever it takes to ensure that they steal as much information and sensitive data as possible. One of the more innovative ways that hackers spread threats is through spam. Unwanted messages have grown from simple annoyances, to the spread of unwanted software and malware, all the way to sophisticated attacks on targeted individuals known as phishing attacks. Do you have ways to secure your business?

Phishing attacks come in various shapes and forms. Here are some of the most common ways that hackers will use elaborate phishing attacks to scam your business, including phone calls, normal emails, and social media.

Phishing Calls
If you receive calls from strange numbers that don’t leave messages, there’s a solid chance that you could be the target of a phishing call. These messages are designed to target specific employees within your organization to coax information out of them. They might claim to be from IT support to steal a printer model number, or perhaps they are hoping to steal usernames and passwords. Either way, the point stands that your organization contains lots of information that a scammer finds helpful.

It’s incredibly important that you teach your employees to know the difference between a fake phone call and a real one. Put them through the wringer when they call and try to guarantee their authenticity (or lack thereof). You should always cross-check contact information before giving up any information to anyone. When in doubt, simply don’t give away anything important.

Phishing Emails
While a phishing phone call will be pressuring your staff to make an immediate decision, a phishing email will likely give you more time to decide if you want to hand over information or commit to a decision. Tailor-made and customized phishing messages have risen in popularity with the intention of stealing specific information from a specific user. Oftentimes, phishing emails will convince the user to click on a malicious link or download an attachment.

Implementing a spam filter and employee training exercises can go a long way to secure your company from phishing attacks. However, it’s still important to be able to identify the giveaway signs of spam and phishing. You should look for spelling errors or incorrect grammar, falsified information, and just about anything else that doesn’t necessarily belong. Still, phishing messages have become more elaborate than ever before, so make sure to consult security professionals if you truly can’t tell the difference between a real and fake message.

Phishing Accounts
It’s easy to use social media for bad purposes. Hackers can use them to attack their targets through the identity of someone else. A hacker can take on any identity they want, which makes phishing accounts even more difficult to identify–particularly if they have taken the identity of someone you might know. In general, just try to avoid messages that come out of the blue, and use your previous interactions with the sender to see if they are (or aren’t) who they claim to be.

Overall, just ensure that you approach potential phishing incidents with skepticism. It’s the best way to make sure that your business doesn’t fall to spam and phishing attacks. To learn more about how you can secure your company, reach out to us at PHONENUMBER.


Cybercriminals Who Use This Malware Will Get A Nasty Surprise


Do you know what a botnet is and how it works? It’s basically a network of infected computers that can be used to perform Distributed Denial of Service attacks, overloading target networks and forcing them to endure downtime. They can also be used to distribute malware and other threats. What’s worse than this, you ask? Hackers can purchase botnets on the black market to use against their targets, but a new type of botnet strain is changing the way this works.

The black market is no stranger to sketchy sales. Users can pay with Bitcoin for the development of malware and other threats without knowing the first thing about hacking or technology. However, this convenience comes at a price, as any users of the new Cobian botnet now know. The malware involved–njRAT–surfaced in 2015 and includes a lot of terrifying features. Hackers can use a keylogger, webcam control, remote code execution, and even screensharing, just by shelling out some Bitcoins to a fellow hacker.

What these would-be hackers don’t know is that the developers include encrypted code which allows them access to the master control switch of the botnet. In other words, while users are purchasing their own botnets to use for whatever they want, full control of any botnets purchased is held solely by the developer of Cobian.

NakedSecurity describes the way that the botnet masks its presence, as well as how the threat activates when it’s time for its master to take over: “Cobian’s executable payload disguises itself as a Microsoft Excel file. Cobian’s secondary payload then checks to see if the second-level operator is online. If so, then the code that enables the author to acquire master control operates to evade detection. If the second-level operator is offline, the secondary payload acquires the address of the author’s command and control servers from Pastebin.”

It just goes to show that you can never trust a hacker–but you probably already knew that. This story should be a lesson for businesses that don’t suspect they are at threat of a hacking attack. If anyone can access threats like a botnet, you’ll need to step up your defenses to keep your business safe. COMPANYNAME can help with this task–to learn more, reach out to us at PHONENUMBER.

Categories
Security

These Police Officers Called for Backup… and it was Infected with Ransomware

The police exist to serve, protect, and enforce the law, but who can we turn to if even the cops are made victim of a cyberattack? This is the question the residents of Cockrell, Texas have to answer, as their police department fell victim to a ransomware attack known as the Osiris Ransomware.

Before you start to worry too much about this terrible new strain of ransomware, you should know that “Osiris” has been identified as a recent version of the Locky ransomware. The police department likely only referred to it as “Osiris” due to their encrypted files all sporting the extension “.osiris.”

This began as many ransomware attacks do; an on-screen message notified the police that their files had been locked, and would only be unlocked if the department paid up the demanded $4,000. As happens far too often, the ransomware was introduced into their system when a member of the department opened a spoofed email that appeared to be an official department communication. In keeping to best practices, the police’s IT department elected to restore the infected server’s files from a backup.

Unfortunately, the backup they had to restore from was taken after their systems had been infected, meaning that all they had were more locked and infected files.

This caused Cockrell authorities no small amount of trouble, as the encrypted files included years and years of photographic and video evidence to be used to prosecute cases. Only time will tell how much of an impact this will have on legal proceedings.

These events serve as a warning to all who rely on data in order to do their job, including businesses everywhere. It is essential to remember that your security is only as good as the people who are given access to your data. Furthermore, it reinforces the importance of keeping more than just one backup of your system. Backing up incrementally, and storing archived backups off site will usually safeguard a business from having the entire backup corrupted in the event of ransomware like this.
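The failure described above, restoring from a backup taken after infection, can be caught by checking each snapshot before it is trusted. The following is an added example, not code from the original post: it walks backup manifests in time order and picks the newest snapshot taken before the first sign of encryption. The manifest layout, file names, dates and the 50 percent churn threshold are assumptions made for illustration; only the “.osiris” extension comes from the article.

```python
from datetime import datetime
from pathlib import PurePosixPath

# Suffix named in the article; extend with others from your own threat intel.
RANSOM_EXTENSIONS = {".osiris"}
# Assumed threshold: more than half of the previous run's files vanishing
# between two backup runs is treated as a mass rename/encryption event.
CHURN_THRESHOLD = 0.5

# Constructed sample manifests: snapshot time -> file paths in that backup.
SNAPSHOTS = {
    "2024-03-01T02:00": [
        "evidence/case-114/bodycam.mp4",
        "evidence/case-114/photo-01.jpg",
        "evidence/case-131/interview.wav",
        "reports/quarterly.docx",
    ],
    "2024-03-02T02:00": [
        "evidence/case-114/bodycam.mp4",
        "evidence/case-114/photo-01.jpg",
        "evidence/case-131/interview.wav",
        "reports/quarterly.docx",
        "evidence/case-140/dashcam.mp4",
    ],
    "2024-03-03T02:00": [  # infection began before this run
        "evidence/case-114/0A1B2C3D.osiris",
        "evidence/case-114/4E5F6A7B.osiris",
        "evidence/case-131/8C9D0E1F.osiris",
        "reports/quarterly.docx",
        "evidence/case-140/dashcam.mp4",
    ],
    "2024-03-04T02:00": [  # everything encrypted
        "evidence/case-114/0A1B2C3D.osiris",
        "evidence/case-114/4E5F6A7B.osiris",
        "evidence/case-131/8C9D0E1F.osiris",
        "reports/2A3B4C5D.osiris",
        "evidence/case-140/6E7F8A9B.osiris",
    ],
}


def ransom_hits(paths):
    """Files whose extension matches a known ransomware suffix."""
    return [p for p in paths
            if PurePosixPath(p).suffix.lower() in RANSOM_EXTENSIONS]


def churn(previous, current):
    """Share of the previous snapshot's files that are missing from this one."""
    before = set(previous)
    if not before:
        return 0.0
    return len(before - set(current)) / len(before)


def assess(snapshots):
    """Return [(snapshot_id, [reasons])] in time order; no reasons means clean."""
    report, previous, tainted = [], None, False
    for snap_id in sorted(snapshots, key=datetime.fromisoformat):
        paths = snapshots[snap_id]
        reasons = []
        hits = ransom_hits(paths)
        if hits:
            reasons.append(f"{len(hits)} file(s) with ransomware extension")
        if previous is not None:
            lost = churn(snapshots[previous], paths)
            if lost > CHURN_THRESHOLD:
                reasons.append(f"{lost:.0%} of previous files missing")
        # A snapshot taken after the first tainted one is never trusted,
        # even if it looks clean (files may have been deleted, not restored).
        if tainted and not reasons:
            reasons.append("taken after the first tainted snapshot")
        tainted = tainted or bool(reasons)
        report.append((snap_id, reasons))
        previous = snap_id
    return report


def last_clean_snapshot(snapshots):
    """Newest snapshot that predates any sign of encryption, or None."""
    clean = [snap_id for snap_id, reasons in assess(snapshots) if not reasons]
    return clean[-1] if clean else None


if __name__ == "__main__":
    for snap_id, reasons in assess(SNAPSHOTS):
        print(snap_id, "CLEAN" if not reasons else "TAINTED: " + "; ".join(reasons))
    print("Restore from:", last_clean_snapshot(SNAPSHOTS))
```

With only one retained backup there is nothing for a check like this to fall back on, which is why the older, archived copies matter.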

Reach out to us at PHONENUMBER so we can optimize your IT to protect you against ransomware and other critical issues.


Rootkit Hacks are Nasty, But Preventable

The challenge for business owners is that there are so many different types of online threats, it borders on impossible to protect themselves from all of them. All of these threats hold limitless possibility to ruin your organization’s operations, either short-term or long-term. One of the most common threats out there is called a rootkit hack, and it’s one that you certainly don’t want to mess around with.

Defining a Rootkit Hack
Rootkits are malware that sit on a device for extended periods of time, often undetected for weeks, months, or even years. In this sense, they are very similar to trojans, which hide on networks and are capable of dodging security tools like antivirus and firewalls. Rootkits, however, aren’t designed to allow for backdoor access at a later date (though they certainly could be capable of doing so). Instead, a rootkit focuses on giving hackers administrator permissions so they can access systems in a pseudo-“legitimate” manner. The unfortunate side-effect for the user is that everything they are using the infected computer to do is being intercepted and controlled by someone else, placing them at the mercy of the hacker.

What’s even more confusing is that not all rootkits place your business at risk. In fact, many organizations that provide technical support for IT assets use rootkits for remote access and maintenance. The problem is that rootkits allow hackers to steal information, which can lead to a disaster.

How a Rootkit Works
The first step in a rootkit’s exploitation is seizing administrator control. Once the hacker has done so, their options are limitless. They can perform tasks such as deleting important files, installing software (like spyware), changing programs, recording keystrokes, and so much more. Hackers could steal vital information like credentials, access logs, or other important data. Furthermore, rootkits are usually software-based, though hardware-based rootkits accomplish a similar role and are arguably easier to identify. Just look for any piece of technology that looks like it doesn’t belong.

How to Prevent Rootkit Hacks
Protecting yourself from hacking attacks doesn’t have to be hard, but the sheer amount of possibility involved with them can be daunting. Rootkits can make their way into your network through the use of infected downloads, phishing scams, malicious URLs, and countless other ways. Always check to ensure the authenticity of what you’re downloading, and make sure to stay away from potential outlets of malware or other sketchy websites known for spreading malicious software.

By keeping these security discrepancies in mind, and by maximizing your use of best practices, you can effectively keep exposure to threats at a minimum. An enterprise-level security solution also goes a long way toward keeping your business safe, along with a firewall, antivirus tool, web content filter, and spam blocker. These solutions all take preventative measures to limit exposure to threats, taking some of the difficulty out of managing network security.

What To Do
If something seems out of place with your computer, disconnect your PC from the Internet and all internal networks immediately. This prevents remote access control and data leakage from rootkit hacks, but most importantly, you isolate the problem so that it can’t spread. If you don’t know how to get rid of the problem, professional technicians like those at COMPANYNAME have your back.

To get to the root of all manners of cyber threats, reach out to us at PHONENUMBER.


How Downloading Free Adware Can Lead to Malicious Crapware

One benefit of the Internet is that, if you search hard enough, you’ll likely find a free tool or app for virtually any common computing task. While certainly advantageous, freeware often comes with a hidden price, like having to also download additional, unwanted software, aka, “crapware.” If this freeware isn’t properly managed, it can wreak havoc on your system.

In most cases, the addition of crapware on a PC is obvious, like a browser toolbar suddenly appearing (that’s difficult to remove), or the addition of new antivirus software. Although, in cases where freeware is bundled with malicious crapware or adware, the unwanted applications are designed to be difficult to locate and remove.

How Does this Happen?
In most cases, the addition of crapware on a PC comes from the user being in such a rush to download the freeware that they don’t uncheck the option to also download the adware or crapware that’s bundled with the desired software. Essentially, it boils down to skipping over the fine print. To make matters more annoying, this practice is perfectly legal. After all, by leaving the box checked, the user agrees to the terms and services of downloading the software, which includes the installation of additional software.

In instances such as this, avoiding the spread of crapware can be as simple as making sure that every user on your network knows to uncheck this box when downloading freeware. Or better yet, banning altogether the practice of downloading freeware and unapproved software will almost guarantee that your network won’t become cluttered with unneeded and potentially malicious programs.

Why Does this Happen?
By now, every Internet user should understand that nothing online is truly free–take for example the plethora of free apps that make money by collecting your data and selling it to marketers. Similarly, many of the developers of freeware make money if they can “trick” a user into downloading the bundled adware or crapware. In some cases, developers have been known to make as much as $150 per install.

How Bad is It?
In a recent report by ZDNet, it was revealed that Google issues over 60 million warnings each week to users about the dangers of downloading potentially dangerous software. In fact, Google claims to issue more warnings for unwanted software than they do for malicious threats–three times more to be exact!

To better understand the nature of these software bundles, ZDNet cited a study where it was found “that 59 percent of bundles are flagged by at least one antivirus engine as potentially unwanted, and that some packages are built not to install when the presence of antivirus has been detected.”

You may have encountered a malicious app that originated from a freeware download if you’ve ever encountered a fake “system alert” when using your web browser. With this all-too-common scam, you’re presented with a fake security breach “requiring immediate action.” Oftentimes, the recommended course of action involves the user unnecessarily transferring funds or control of their PC to the scammer.

How Can You Protect Your Business?
In addition to the aforementioned employee training, business owners will want to employ a network security solution that detects and blocks threats associated with downloading malicious software. With a content filter, spam blocker, firewall, and antivirus solution, a Unified Threat Management solution from COMPANYNAME is up for the task of keeping your business safe. Make sure that your company is protected from the worst of the web by giving us a call today at PHONENUMBER.