The next time a website says to download new software to view a movie or fix a problem, think twice. There's a pretty good chance that the program is malicious.
In fact, about one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5% of users ignore the warnings and download malicious trojans anyway.
Increasingly, instead of hacking the browsers themselves, cybercriminals are trying hack the people using them. It's called social engineering.
Social engineering is how the Koobface virus spreads on Facebook. Users get a message from a friend telling them to go and view a video. When they click on the link, they're then told that they need to download some sort of video playing software in order to watch. That software is actually a malicious program.
Social-engineering hackers also try to infect victims by hacking into Web pages and popping up fake antivirus warnings designed to look like messages from the operating system. Download these and you're infected. The criminals also use spam to send Trojans, and they will trick search engines into linking to malicious websites that look like they have interesting stories or video about hot news such as the royal wedding or the death of Osama bin Laden.
"The attackers are very opportunistic, and they latch onto any event that might be used to lure people," said Joshua Talbot, a manager with Symantec Security Response. When Symantec tracked the 50 most common malicious programs last year, it found that 56% of all attacks included trojan horse programs.
Microsoft's own solution, SmartScreen Filter Application Reputation screening, introduced in IE 9, is designed to provide a first line of defense against Trojan horse programs, including Trojans sent in spearphishing attacks.
IE also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, IE's SmartScreen has blocked more than 1.5 billion Web and download attacks, according to Jeb Haber, program manager lead for SmartScreen