An "Ebola virus" is infecting computers in the country and you better be prepared to fight it. Cyber criminals are exploiting the health scare over the Ebola outbreak to infect PCs with phising that talk about the epidemic but introduce mal ware.
These emails may come from recognizable or unidentifiable sources, but experts warn against opening them, let alone downloading any attachments.
How does it happen?
Attention-catching subject lines induce the receivers to read the messages. One example reads: "As a part of our drive towards ensuring a healthy and safe work environment coupled with management commitment to the prevention of Ebola Virus Disease (EVD) at home and in the office, The Security and Health Safety Team has declared Monday, 4th of August 2014 as Ebola Awareness Forum" and it's tagged "Stop Ebola now."
The message invites readers to view the attached slides attached. One, labeled 'Ebola Virus' has jpeg images and the other is a pdf zip file titled 'Ebola-Presentation'.
Mal ware is any software that spies on a computer and gathers sensitive information like your email account password. It includes viruses, worms and trojans.
"Every time there's a trending topic, hackers ride the wave to trap unsuspecting victims. It may be the FIFA World Cup, the Indian elections, Olympics, now Ebola. They will use it to grab eyeballs to help them install malicious codes on your computer," said Tarun Kaura, director, technology sales, Symantec India, which deals in anti-virus programmes.
What can mal ware do?
If an unsuspecting user opens the email the mal ware is automatically downloaded on the PC and can infect the system. It will steal sensitive information like the user name and password of the email account by capturing information that you type in real time and transmits this to the hacker.
Vijay Mukhi, cyber expert, explains, "In case you are carrying out internet shopping or banking transactions, the mal ware which is downloaded on your PC runs a programme every time you make transactions. It collects data such as your debit/credit card PIN and eventually transfers money from your bank account to an international account or can make transactions on websites using the identity of the victim."
What are cyber cops doing?
Cyber do not attack victims in their proximity. "They usually operate from different parts of the world. But the state or national cyber police do not have international jurisdiction. There is no international cyber force in place and thus the attackers barely get caught," says Mukhi.
"They have impersonated media sites like CNN to spread the Ebola scare. The user, who believes in CNN as a credible source, clicks on the link and the PC is infected. But CNN cannot sue the hacker as the identity is not known," he says.
How do you protect your PC?
Experts say users must keep their eyes and ears open and not click on any and every email received. "Anti-viruses help to block the download of suspicious files. However, hackers are improvising rapidly," warns Mukhi.
Kaura suggests using passwords that are stronger with a variation of characters rather than simple family names. "Also do not get lured to click on suspicious links," he says.