As a kid I loved to hunt wild creatures, trap them and bring them home alive. Snakes were my favorite. My mom still tells the story of my bringing home a four foot reptile during her tea party with neighborhood moms.
These days kids are just as likely to introduce dangerous creatures of the digital kind into the home computer.
An interesting segment appeared on NBC's Today Show this morning that describes the risk. The story focused on kids who downloaded and used a file sharing program to access music online. Unfortunately they were using the same computer that Mom and Dad used to prepare the family tax return and did not realize the completed tax forms were shared for the entire world to see! Any identity thief could simply type "Tax Return" into their own file sharing program's search field and find the family's 1040 form ripe for the picking. The family profiled in the Today Show story had their tax form filed electronically by an online thief who was very happy to receive their $2000 tax refund.
There are more insidious risks to file sharing networks: they are an excellent means for spreading Trojans that quietly infect computers, remain under your antivirus radar, and do more long-term damage than grabbing a tax return. File sharing programs are used by millions of users around the world to download "free" software. Need Photoshop but don't want to spend the money? File sharing programs can deliver you a "cracked" copy (a permanent free trial) or a key generator you can use to generate your own license key. Bogus key generators ("keygens") are the most common form of malware on file sharing networks.
Malware distributors watch for file sharing searches of any and all keywords and immediately offer up files that match the keywords. Searches for "Benjamin Franklin" in a file sharing program will return hits like "Benjamin Franklin keygen" or "Benjamin Franklin Greatest Hits." The files these search results point to can be executable programs or songs and videos that can deliver infections to computers that play them.
Here is an example of a file sharing search this morning. The marked entry, "benjamin franklin KeyGen," is identified by Authentium's Command Anti-Malware as "W32/Trojan2.FXIS." This is a trojan that infects the Windows login service so it runs every time a user logs in. What does it do next? Anything it wants to.
These infections can include Banking Trojans, Keyloggers and DNS Changers that are described elsewhere on this blog.
Kids do download the darndest things. Authentium's SafeCentral provides secure banking and shopping even on computers that may have been infected by the kids.
Now I'm going to call my mom and remind her that none of the snakes, crabs or lizards I brought home ever emptied the family bank account.
Update:
March 16, 2009: A couple of media outlets picked up on this story over the weekend:
Dallas Morning News - Pamela Yip covered the story in Sunday's paper here:
Protect your personal data when filing taxes online
MarketWatch - Andrea Coombes included it in last Friday's Taxing Times and will be following up with more this week in the Market Watch Personal Finance section
Thursday, February 26, 2009
Kids Download the Darnedest Things
