focus notes
Use email and websites safely! Introducing malware infection countermeasures
table of contents
malwareIt is intentionally createdmalicious softwarerefers to. Malware can enter a computer through various routes, restricting user usage, or causing financial damage. This time, we will introduce one of the multiple infection routes of malware.We will focus on emails and web sites that you use and visit frequently on a daily basis and explain the specific infections and countermeasures that can be taken.
What is malware?
Malware is software or code that is malicious or harmful.There are various types of malware, each with different infection routes and symptoms.
Examples include Trojan horses that sneak into computers disguised as safe and useful programs, and spyware that sends information about infected computers to external parties.
Examples of symptoms when infected with malware
What symptoms does your computer show when infected with these malware? For example:If the following occurs, your computer may be infected with malware.
- Your computer takes a long time to start, or stops starting.
- Data in the computer has been tampered with or erased.
- I've been sent an email I don't recognize.
- The website has been defaced.
- Personal information such as passwords and credit card information has been misused.
Malware infection route
The main infection routes for malware are:Email, websites, shared networks, external storage media such as USB and CDs, etc.is.
In the next chapter, we will introduce the causes and countermeasures for infection in email and websites, which we often use.
Measures to take when using email
Targeted attacks targeting specific organizations or individuals are increasing as one form of malware infection via email. Therefore, the title is interesting enough to make the recipient want to open the email, and the text is written in a way that makes the recipient want to click on the URL.
Why malware infections spread through email
Sending and receiving emails is a familiar means of communication for many of us. However, because we send and receive a large amount of emails every day, the hurdle for detecting suspicious senders and files tends to be low.
The reason why malware infections can easily spread through email is due to subtle tricks employed by the sender.For example, ``Subject and text that are likely to be of interest to the recipient,'' ``Sender's name pretending to be a related party,'' ``File names and icons have been crafted to look like document files,'' ``Vulnerabilities have been exploited and viruses have entered the operating system,'' etc. Application usage.
Characteristics of emails intended to infect malware
In IPA's ``Report on Analysis of Targeted Attack Emails,'' the conditions for email recipients to trust are
- Subject line that may be of interest to email recipients
- Address of an organization whose sender's email address is likely to be trusted
- Body related to subject
- Attachment file name that matches the content of the main text
- The attachment is a word processing document, PDF file, etc.
- A signature that includes the organization name, individual name, etc. that corresponds to ②
It states:
The content of emails that meet these conditions is often beyond doubt at first glance, and if the email is opened without realizing it is malware, it may lead to infection.In addition, there is a method in which not only opening the email but also clicking on the URL included in the email leads to a fraudulent site that is the source of malware infection.
In general, the source of malware infection is hidden in email attachments, URLs, and scripts within the body of the email, which can be intentionally induced to open and attack your computer.
Measures against infection via email
Here, we will introduce specific measures to prevent infection by email.
◆ Scan attachments for viruses
Recently, there have been virus emails that spoof their sender address,Even if the name is familiar, we recommend scanning the attachment for viruses before opening it.The email may not only be from a known sender, but may also appear to be from a provider or a business that may be related to you. Be sure to scan for viruses before opening attachments.
Check the format of the email
If the email meets any of the following criteria: "The subject and body of the email are written in poor Japanese," "The sender or company is unknown," "The content is unrelated to your work," "The content obviously tries to get you to open the attachment," or "The email uses exaggerated keywords such as [Important Notice], [Urgent], [Urgent], or [Important]," it may be a source of malware.Refrain from opening files easily.
Measures to take when visiting websites
Malware targets vulnerabilities not only in the target computer, but also in websites. Attacks exploit site vulnerabilities to deface legitimate sites and spread infection to users.
Characteristics of websites intended to infect users with malware
The following types of sites are likely to be infected with malware:
◆Defaced website
By tampering with a legitimate site, for example, when a user visits the legitimate site,An invisible trick allows users to access fraudulent websites at the same time.etc., it may become infected with malware.
◆Phishing scam site
It poses as a financial institution, auction site, etc. and tricks you into entering personal information.The entered personal information may be misused to cause malware infection or fraudulent remittances.
◆Junk blog
the userAttract people with information that might interest them and guide them to fraudulent sitesIf the user accesses it, they may be infected with malware.
Types of sites to watch out for
The following types of sites are said to be easy targets for attacks due to their vulnerabilities and large number of users.
- dating
- Adult
- Content that claims to make money
- Shopping sites and sweepstakes sites
- blog
Of course, I can't say that this is the case in all cases, but please be careful.
Measures against website-based infections
The basic countermeasures are the same as those for infection by email. In addition, please pay attention to the following points when visiting the site:
- Set your browser's security level to high
- Carefully read warning messages sent by the OS and security software
- Cancel any unintended download requests
Casual actions can lead to malware infection
How was it? Such as attracting the user's interest or arousing anxiety to encourage them to open the email, or directing them to a website that may be infected.Malware infection methods are quite sophisticated.If you accidentally click on something without checking carefully when using it, it could lead to infection.Know the characteristics of emails and websites that may be infected with malware, and check them thoroughly.Use the Internet safely and securely.
-
What is a cyber attack? Explaining the types and examples
-
How many cyber attacks occur in Japan and what are their purposes?
-
What is unauthorized access? Explanation of damage details, causes, and countermeasures
-
Cyber attacks are increasing rapidly in Japan! Consider the reason
-
Invisible cyber attack! Introducing its visualization and countermeasures
-
What is the Unauthorized Access Prevention Act? Introducing applicable cases and measures to be taken
Achievements left behind
48 years since its establishment.
We have a proven track record because we have focused on what is important.
It has a long track record in both the public and private sectors.
Number of projects per year
500 PJ
Annual number of business partners/customers
200 companies
Maximum number of trading years
47 years
Total number of qualified persons
1,870 people