We sent this email out to customers as most of them don't follow security trends on the Internet. We have posted it here with links to the sites we refer to:
We're writing this very plain email without any links to warn people of the current high level of virus, malware and cybercrime activity on the Internet at the moment. We don't even want to place links in here to click on, because the message is to be extremely vigilant about clicking on website links in email!
In the past month we have had thousands of hacking attempts, across every CMS or database driven site we host, so far only two sites have had problems which have been fixed, and we continue to keep a close eye on all our sites. These attacks are very complex and range from attempts to exploit vulnerabilities through to bulk password attacks and attempting to use email forms to send spam. You can find out a lot of information about what is currently happening by visiting "Dancho Danchev" and reading his articles on his own blog and on several news sites like ZDNet. Over the last six months we've seen the highest levels of activity and the most sophisticated methods for propogation ever!
The short story is that hundreds of thousands of sites have been infected over the past few months and continue to become infected every day. The latest threat is in the form of a newsletter containing links from CNN, and if you follow the links to the hacked sites, it prompts you to install a Flash Player, falsely telling you that yours is out of date. The next part is even worse, as described from the Computer World website where we found the information on this issue:
QUOTE: One distinguishing feature of the attack, Masiello added, is the endless loop it uses to frustrate victims. If user clicks "Cancel" in the dialog that prompts for an update, another pop-up appears, said Masiello, that tells the victim that they have to download it to view the video. Clicking "Cancel" there returns the user to the first dialog.
"It puts you in this perpetual loop, so your only options are to kill your browser [session] or be browbeaten into installing it," said Masiello.
Another quote from comments of one victim:
QUOTE: "And 4 more of my users clicked on the links in these emails today even though they 1) never signed up for CNN emails, 2) saw that the from address was bogus, and 3) saw that the links were to a third party site."
Once the malware makes it onto your machine, it joins the network of compromised machines known as a "botnet", a network of robot computers in other words. Some of these botnets are tens of thousands of machines strong at their peak, all of them trying many different ways to infect more computers. The key here is to never install a Flash Player unless you do it via the Adobe(.com) website.
So please be extra careful, ensure your virus software and operating system is up to date, and don't click on anything unless you know for sure you can trust the site. Even then, if the site link is hidden, it might look like a trusted site and be a bogus one. We're placing this article on our own site in the blog section and we'll link to the references from there.
