FindLaw's Common Law

Consumer protection legal news from FindLaw.com.




November 2014

Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30            

FindLaw Blogs


FindLaw Blotter
Free Enterprise
Injured
Law & Daily Life


If you're looking for information on common law marriage, please visit the Common Law Marriage section on FindLaw.

« CPSC’s Buckyballs Recall Includes $375K in Refunds | Main | Cell Phone Catches Fire Under Pillow; Samsung Points to Warning »

Don’t Click on That Picture! It May Contain Malware

Most Internet users are well aware that suspicious links and fishy-sounding emails may actually be attempts to gain access to your personal information or infect your computer with a virus.

But what a lot of Internet users don't know is that even something as simple as an image on your computer screen could contain malware. These programs, when downloaded to your computer, can potentially be used to steal sensitive information, leading to identity theft or at the very least compromised computer security.

How does this image-based malware work?

Steganography Made Simple

The most recent cases of images containing malware used a process called steganography, which hides a message or file inside another file, such as an image.

In a recent string of computer infections, seemingly harmless images of cats and beautiful sunsets, usually sent via email, contained malware which was downloaded onto the users' computers as a JPEG file when the users clicked on the images. This made the file appear to be just another image, perhaps one that may have gotten saved in the wrong place.

But hidden inside this JPEG file, reports digital photography site PetaPixel, was malware. The malware in these images was programmed to bypass security systems on users' computers and steal log-in information entered online, such as the usernames and passwords for online banking websites.

Watch for Double Extensions

Another possible way for image-based malware to infect Windows computers is through the use of double extensions.

According to PCWorld, this method takes advantage of Windows' file-naming conventions by adding two extensions -- the letters that identify the format of a file -- to the end of a file, such as "picture.jpg.exe."

While most Windows computers will display the file as an image using the .jpg extension, it's actually an .exe file, which denotes an "executable program." This means that as you're viewing the image, a malware program is being downloaded onto your computer and likely attempting to mine your sensitive personal data or take control of your computer.

How to Prevent Being Infected by Image-based Malware

Luckily, there are some simple steps you can take to prevent being duped by these dangerous images:

  • Don't click on images in suspicious e-mails. Just like links, you should consider any image in a suspicious email a direct digital doorway to infection.
  • Keep your software up to date. Computer companies and software makers are constantly upgrading their products to protect against new threats. Keeping up with these updates will keep you from getting left behind and potentially exposed to dangerous malware and viruses.
  • Change your settings and pay attention to file extensions. If you are on a Windows computer, change your default setting to show you the extensions of files that are being downloaded, to protect against the double extension trick. Any time you see a file ending in .exe, be especially cautious.

Regardless what operating system you use, be aware of the types of files you should and shouldn't download. One picture could be worth a lot more than 1,000 words to an identity thief.

Related Resources:

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451609d69e201a3fd34bf4e970b

Listed below are links to weblogs that reference Don’t Click on That Picture! It May Contain Malware:



Subscribe



Archives




Common Law Vanguard Panel

The following firms have assisted the FindLaw editorial team in identifying emerging trends in consumer protection law and topics of importance to readers of this blog: