In a new study on the safety of instant messengers ' Kaspersky Lab ' tells the difference between ICQ- spam from normal and why criminals want even ' ugly ' UIN. Meanwhile today runetchiki simultaneously began to report failures in the ICQ, the same problem faced half of the wording ' Vebplaneta ' - instead of connecting the program again and again prompts for the password.
There have been three of the most popular types of illegal activities in the field of instant messengers: stealing passwords (to the messenger himself ), the spread of malware, spamming.
Unlike e-mail the experts ' Kaspersky Lab ', in ICQ implemented the ability to search for companions of interest made to the contact information of users. This allows an attacker to produce mass mailing, designed to target audience.
The number of unwanted messages received by the user per unit time, depends on the ICQ- number. At the six-digit number in the middle comes 15-20 spam per hour, and many of them contain references to the Trojan-PSW. Win32. LdPinch. Unremarkable nine-digit numbers are 10-14 such messages a day, a ' beautiful ' - is 2-2.5 times higher.
Theme of the ICQ- spam is very different from the subject of spam e-mail. If the e-mail about 90% of spam messages advertising various products and services, the share ICQ on such proposals have less than 13%. In general, the spam in ICQ typical entertainment focus, which is quite logical: this channel is generally not used for business communications, and the lion's share of its users are young people.
However, in most cases, to protect themselves from danger, the user does not even need sophisticated anti-virus software, just head on his shoulders. Of course, there are errors in the messengers themselves ( in ICQ 6. x, for example, it was possible to execute arbitrary code due to the vulnerability associated with the processing of HTML-code, in the new assemblies are fixed), but often requires a user action, basically - go to the link.
' Kaspersky Lab ' advice to ignore the references to ' breaking news ' and offers to download a program that opens up to the user unprecedented horizons (eg, registration of an arbitrary ICQ number, or PIN-code generation for prepaid cards provider ).
In addition, experts do not agree with the lazy people who say, ' I'm on the computer still is not anything important '. Even the owners ' ugly ' and valued UIN passwords to lose him, but at the same time e-mail passwords, passwords to FTP- client, online games, and bank accounts.
Attackers can be applied to even the ' unimportant ' accounts. At the site, access to which is obtained through a hacked FTP, add a malicious iframe, but on behalf of the user sent a message to all of its IM- contacts with the request to borrow a couple of WMZ.
...
