Different articles in this series discuss how criminals use social engineering to target their victims. The end result of an attack by criminals on your computer is the installation of malware that can perform tasks silently in the background. This article focuses on how the software gets delivered for installation.
Most attacks today rely on a user doing something to initiate the software installation. Here are the primary ways the installation of malware is initiated:
- Clicking on a link to a website where the malware gets installed on the computer.
- Clicking on an attached document containing malware, or on a link that delivers malware embedded as a macro.
- Having a "trusted" support person install the malware during a support session.
- Direct installation by a criminal's technical support following a successful security breach.
- Automated installation over a network exploiting weak security and poor patching procedures.
- Physical installation from CD/DVDs or USB drives.
Each attack combines elements of marketing, sales, and technology to distribute the malware. For example, a criminal with expertise in email marketing campaigns would use either the website link or the attached document method to distribute the malware. A criminal with access to a call center takes a different approach: a carefully crafted script tricks users into allowing a remote session with one of the criminal’s agents. Remember those phony calls from “Windows support” we warned you about? In this case, the agent simply installs the software as part of their support work. Another common method uses compromised remote access systems to give the criminals direct access to the remote systems, where they install the software.
Whether the attackers are state-sponsored or criminals trying to steal money or resources, they use the same tactics to install malware on victims’ computers. The weakest links in a company’s network defenses are its employees; users can be tricked using social engineering techniques. Once an employee is tricked into clicking, the methods for delivering and installing the malware are well established.