The way that cybercriminals distribute malware is ever changing, but some things have stayed the same—such as text message scams and phishing emails. The thing is, many people are now getting wise to these attacks, so cybercriminals are having to come up with new, ingenious scams that will fool us into clicking.
These newer scams are also becoming much more dangerous. So dangerous, in fact, that there are now viruses out there that can straight up drain your bank account.
One virus, called Zeus Panda, is moving with amazing speed, and this is one of those really dangerous cybercriminal creations that can steal all of your money. How do you get it? Through SEO poisoning.
What is SEO poisoning?
SEO poisoning, also known as “black hat SEO,” is a method that hackers use to push infected websites up to the top of Google search results. The “poisoned” site is entitled much like the one you’re trying to visit, and with it being towards the top of the search results, the likelihood of you clicking is quite high.
Once you visit one of these sites, a Word document is used to put the malware on your device. You will see a code saying HTTP 302, and then get directed to another site where the document is downloaded. If you open or save the file, Zeus Panda is now on your device.
At this point, a criminal can discover your banking information and use it to bleed your accounts dry.
Stopping the spread of Zeus Panda
The best way to stop Zeus Panda is to never click any links to your bank or other financial institution via search results. Instead, use your password manager, bookmark the page, or simply type the web address of the bank directly into the browser. There are some other things you should do, too:
Check your Word settings – Because this malware comes through a Word document, you must make sure that you are never downloading any files that you aren’t familiar with. Generally, these files will only work if you turn on macros. Fortunately, you can stop these files in their tracks by turning off the option to use macros in the program.
Use strong antivirus software – Make sure every device has a strong antivirus program loaded onto it. Additionally, keep your software updated at all times.
Turn on Two-Factor Authentication – Consider setting up two-factor authentication, which means that you have to take two steps to log into your account. For instance, you might put your password in, and then you will be sent a text with a special code that you also have to input. This helps give you an extra layer of safety.
Use a Virtual Private Network – When using free, unsecured WiFi, like at a hotel or coffee shop, your data and devices are dangerously exposed to hackers—or anyone within a 500-foot range. By now, readers of this blog know that a VPN like Hotspot Shield encrypts your data when you are on open and unencrypted WiFi, so make sure you download it for free today for both your mobile device and laptop.
Alerts and notifications – Your bank should have a section on their website for you to set up emails and texts for any and all transactions. The moment you are made aware of an unauthorized transaction, call your bank to stop it.
Understand the rules – Finally, make sure you understand the rules of security. For instance, many people think nothing of using the same password for all of their accounts. However, if your password is stolen, a hacker also has access to all of your accounts. So, before you use the same password for your banking account as you do for Facebook, remember that this is a distinct possibility. Instead, consider using a password manager so you can have unique passwords for every account.