Current Events – Infections that begin with windshield fliers
Not all computer malware infections are done completely electronically. In recent events, cars in Grand Forks, North Dakota were tagged with “windshield fliers” which resembeled a parking ticket, stating they were violating the “standard parking regulations” and that in order to view more about their offense they must visit some URL online. This seems like quite the extent for one to go in order to infect ones computer, but often enough – it works.
The infection starts with a piece of paper with a link on it – that is intented to look like something that one must take a legal response to – being a parking violation. Once the user visits the link, it states that you must install a toolbar in order to view your specific offense & photos of it. Of course, it’s not a toolbar you are installing, but malware. This malware did various other things – such as popups and suggesting that you need an anti-virus scanner/software, which leads you to more malware/malicious sites etc…
There are many malicious things an adversary can do to your computer once it has access to it. It is getting this access that is the hardest part. This instance goes to show that attackers will go to strange length in order to gain access to your computer. Most infections are brought on by the user’s choice in one way or another though. A user clicking on a bad link or granting a malicious program permission to be installed and ran on your computer is an action the user takes – most the time not knowing the consequences, or that there are any underlying ones at all. If a user wants to protect themselves, they have options – they can install an anti-virus or firewall that will alert them (most of the time) when an application/web site is malicious or is trying to compromise your system without your approval. But this still doesn’t stop all attacks.. In fact, if a user wants 100% security against attacks to their computer, then simply not using it is one solution – not a practical one, but it’s a start. Not using the internet is another – but who can live without the internet?
The fact remains that in order to gain access to another’s computer, the easiest way to accomplish it is to have them let you in. By tricking someone into clicking yes to one administrative action they think does one thing, but that does something completely different – like allowing this administrative privledges to the attacker is by far one of the most frequent ways viruses and malware are introduced to ones computer.
So how can things like this be prevented? It is not often that a parking notice will get your computer infected. For one – the parking notices/tickets should be formal enough that one can notice a real one from a fake one. But not everyone can – which is what this attacker was banking on. Company employees and University students are being advised to not click on a link or allow something access to your comptuer unless you know exactly where that link/request came from. Lots of spam these days tries to suck one into “impulse clicking” in which you read the email, and get excited about the content, such as shopping or free content, and you without thinking click on the link.
The interesting thing about this attack is that it started at the physical level. Someone physically took the time to print the pieces of paper, and walk through parking lots placing them on windshields. We as humans are gullible, and attackers are clever at crafting enticing ways to lure a user into their malicious-ness.