A recently released study by cybersecurity firm Damballa revealed that many companies are ignoring clickfraud malware, leading to serious infections on enterprise machines. Clickfraud malware is a type of malicious software that surreptitiously clicks on ads on a compromised device in order to defraud advertisers. While this may not seem like a big problem for most businesses, the presence of clickfraud malware on an enterprise device is a major sign that more serious security problems are on the way.
"210,000 computers are infected with clickfraud malware every day."
According to Stephen Newman, chief technology officer at Damballa, instances of clickfraud malware have become increasingly frequent in 2015. Nearly 32 million active infections were spotted by the company in just the first half of this year, equaling about 210,000 infections every day. Once a machine has been compromised, it is connected to a larger botnet that uses the device to send out more malware and commit more acts of cybercrime like sending out ransomware. The hackers behind these attacks can change what they are using a compromised device for in a very short amount of time; one threat analyzed by Damballa researchers saw criminals install three additional clickfraud infections as well as a CryptoWall in less than two hours.
Phishing emails increasingly lead to malware infections
While malware can infect a device through a variety of methods, this particular strain is installed through a malicious link in a spear phishing email. Targets are sent an email with convincing language and are tricked to click on a link inside the message that installs the malware without the computer user knowing. Once the malware is downloaded, the compromised device is connected to the Asprox botnet, which gets updates from its command and control center that includes a separate malware downloader as well as a rootkit and clickfraud installer. Once the malicious software has taken hold of a computer, a CryptoWall is also installed which encrypts all of the files on a machine in just a matter of seconds, making them inaccessible to their rightful owners. As if all of that activity is not scary enough, the malware is capable of moving on to other parts of a network and perpetuating the cycle on new machines once the program has killed its initial host.
"As this report highlights, advanced malware can quickly mutate and it's not just the initial infection vector that matters, it's about understanding the chain of activity over time," said Newman. "The intricacies of advanced infections mean that a seemingly low risk threat – in this case click fraud – can serve as the entry point for far more serious threats."
Malicious emails are becoming a serious problem for enterprise security.Protect critical IT assets by using FoIP
As social engineering techniques become more convincing and harder for computer users to spot, many companies are feeling helpless in the fight against phishing scams and the malware they bring. The only way for an organization to protect against phishing emails is to never click on a link they contain, if you do not know you are reading a phishing email, how can you make sure to avoid malicious links? The more reliable way to truly avoid phishing scams is by removing email from your company altogether.
While this may sound like an impossible move for most businesses, it is not as crazy as it seems. A growing number of cyberthreats make their way onto enterprise networks through malicious emails, yet companies continue to rely on the insecure channel as their main method of communication. A reliable alternative for enterprise communication is fax-over-IP.
FoIP business internet fax services utilize the Internet to send faxes, but cannot be used to send spam messages like email services can. Service providers like FaxCore protect message transmission by utilizing back-end encryption techniques to ensure only the recipient is able to read sensitive messages. Documents sent over a business internet fax connection are stored on an organization’s dedicated server and are also protected by encryption, making FoIP one of the safest ways for businesses to communicate today.
Enhance enterprise communication, collaboration and compliance efforts with a proven FoIP solution from FaxCore. Contact FaxCore today to learn more about their 'Partly-Cloudy' cloud faxing for business.
