I recently received two email messages from people who had been the victims of cybercrime. These people weren’t just readers of our blog—they work on our team. That means that they spend almost every day thinking about viruses, online fraud, security updates, and other issues of computer security.
And they still weren’t immune to the threat.
I got permission to share these stories in an effort to prove that cybercriminals are so tricky that they can even fool people who should know better.
The first tale comes from an employee who I’ll call “Christine.” Christine writes:
I was on a news site and got infected with a computer virus. I believe I got some pop-up about an Adobe Acrobat test, and I may have hit “OK” rather than closing the pop-up. Instantly, I started getting all of these dire warning threats that my security had been breached, my computer was infected, and I should download the latest update to “Win 7 Internet Security 2011.”
I’ve actually never had a virus before, but I knew that Microsoft would never abbreviate the word “Windows” to “Win,” and then I spotted a few telltale other signs—a couple misspellings in the messages, and the warnings were so alarmist that I knew they couldn’t be from Microsoft. So I wasn’t dumb enough to click on anything, but it did paralyze my computer for a while, flooding my PC with these messages and blocking my access to the Internet.
From another PC, I found information on this virus and recommendations on how to remove it. I tried to remove it manually and had trouble locating where it was in my files. Then I tried downloading a spyware scanner (which I had to put on a USB drive, and then transfer to my infected PC). After getting it on my PC (I had to rename the .exe file because the virus knew it was spyware removal software and wouldn’t let me run it) and finding the infection, I found out that I needed to buy it before it would fix anything!
Then I remembered Microsoft’s scanner and did the same thing, and it worked! It found the virus and removed it—I guess I had the “Win32/FakeRean” virus that we featured in the newsletter a few months back. It was a fast, easy download, and it found and fixed my system for free.
Now I’ve downloaded every security update I can find, and scanned my system about 5 different times.”
This sounds like rogue security software to us. For more information, see Watch out for fake virus alerts. If you think you might have the same problem, download the Microsoft Safety Scanner.
The second story comes from an employee who I’ll call “Megan.” Megan writes:
“Right before I left for vacation I got a message that my email account had been “compromised.” At first I thought that this was a scam, but when I checked my credit card statement, I realized that over $600 of merchandise had been charged to my account. That was because I used the same user name and password information for my email account as I did for other online accounts, including my bank account.
I was using a strong password. It wasn’t a word from the dictionary and it had a mix of numbers and letters. The problem was that I used this same password since I opened the email account more than four years earlier. And like I said, I was using the same user name and password on many of my online accounts, including my bank account. I immediately changed the password on my email account, on my bank account, and on all other financial accounts. And this time I used different passwords.”
Have you had this problem? Learn how to create strong passwords or test your password’s strength.
Do you have a computer security tale of woe? Share it in our comment section below.
