Of all the various types of stories we cover on this blog, I find computer hacking schemes to be the most fascinating. Maybe it’s because I was once the victim of computer hacking. I find this story particularly interesting because I can recall working on my computer and being directed to “fake websites.” For example, when I log into my email account, the url address should begin with “https” – “s” being important as this means when you type in your password, you should be on a secure site. Not only was the “s” missing, but the url address was unfamiliar to me. Banks will also use secure sites for entering your password. I didn’t catch this the first time and was directed to an email page that looked like it had been designed by a 7th grader.
I have since installed a monitoring software that includes a firewall where you can set your own preferences. It tracks all activity on my computer and you can save the activity in logs.
I realize we all have enough to track in our busy lives, but if you suspect your computer’s behavior is a bit “off,” you may want to watch the url address bar just to see if something doesn’t look right to you. This “Click-Fraud Scheme” story isn’t an identical situation to my experience, but I share it because it is along the same lines – computer hacking. Hackers will use various means to gain your personal information or money. It seems like we are constantly hearing of new, creative methods being used by these crooks to gain access to computers.
A band of Estonian and Russia cybercriminals infected at least 4 million computers worldwide with a virus and used a complex ad click-fraud scheme to pocket $14 million, federal authorities alleged Wednesday.
Consumers caught up in the scheme — including at least 500,000 victims in the U.S. — were unaware that their everyday Web browsing contributed to the scheme. When infected users visited popular Web sites like Apple’s iTunes, Netflix, ESPN.com or WSJ.com, advertisements in the sites were replaced by ads controlled by the hackers, earning them illicit gains through advertising affiliate arrangements. The scam is sometimes called “advertising replacement fraud.”
The same virus also altered search engine results so consumers who clicked on some links were rerouted to websites designated by the defendants, which triggered payments under advertising contracts.
In one example cited in the indictment, a user who clicked on a link for the Internal Revenue Service after searching for “IRS” at Yahoo.com was instead redirected to an H&R Block tax preparation website.
The malicious software also prevented victims from connecting with their antivirus software providers and updating their software, so the virus would evade detection.
The suspects face 27 charges, including wire fraud and computer intrusion. Government computers, including at least 100 computers at NASA, were infected in the scheme, the indictment alleges.
When consumers type in typical Web addresses, such as www.msnbc.com, that address is converted to a numerical Internet Protocol address utilizing a trusted Domain Name Server on the Internet. But files located on each local computer can tell a victim’s machine to get their DNS information from a different computer on the Internet. The computer criminals infected computers in 100 countries, directing them to loop for DNS information from a set of hacker-controlled machines in Chicago and New York, according to the indictment. This enabled to criminals to serve up rogue ads and earn commissions no them.
The FBI has more details about the allegations on its website. It also wants to hear from consumers who think their computer is infected and offers a tool for testing your Internet connection on that site.
Standard, up-to-date antivirus software should detect the virus.
Read full story@ msnbc