Cybercriminals Use Facebook, Bitcoin to Steal Digital Currency

Sophisticated cyber criminals are increasingly using malware and smartphones to snatch digital currency from unsuspecting victims, Internet security experts report. “Cyber criminals are looking to use mobile phones to take money from users because if you can get users to transact with you through their mobile phone, then you can extract money from user in this way,”  says Tony Anscombe,  senior security evangelist for website security company AVG. The thefts can be done through text messages or premium SMS services.  To steal loot this way no credit card is necessary. Cyber thieves attempt to get users to provide a phone number that will allow them to apply a minimal fee to each cell phone bill, perhaps  $1 or $10.  It’s those little fees connected to sending text messages that can go unnoticed. But, it’s money-minter for cyber criminals. “Cyber criminals are targeting high-profile platforms, gadgets or services where, even if only a small percentage will fall victim, cybercriminals will still gain considerable amounts of money,” according to the Community Powered Threat Report, released on Tuesday  from AVG. New targets for online criminals include Facebook Credits, Xbox Points, Zynga coins and Bitcoin. If a digital picketpocketer can gain access to your Bitcoins, which are typically stored in a digital “wallet,” the information can be deleted from your computer, causing a consumer to lose all monies connected to the program. The cyber thief that now has access to the wallet to make purchases online. On Facebook, cyber thieves are getting access through clickjacking.  The crooks use code embedded in videos posted onto Facebook walls with titles like “who is looking at your profile” or “this is funny.” Those videos contain malicious code designed to extract your phone number, possibly through an online survey. They can then use your phone number to tack an automatic fee to your phone bill. Facebook Clickjacking Scams Noticed by AVG in 2011:

  • Big baby born – amazing effects
  • Who is looking at your profile
  • Girl caught stripping on webcam by her dad
  • You won’t believe what this teacher did to his student
  • This guy took a picture of his face every day for eight years
  • Lily Allen shows her breasts on British television

Android devices, which use an open network for applications, are growing more attractive to cyber criminals, who build fake apps. With the sheer volume of applications rising daily, it’s more difficult to determine if an app is legit or fake. It’s this confusion that has thieves grinning. In 2011, AVG noticed an uptick in the number of apps repackaged and posted to the Android market with malicious code. “The Android’s success is phenomenal but, because of that, once you get to a certain market share, you get on the radar of the bad guy,” says Anscombe.  ”The bad guy thinks there is something worth attacking and then he looks at the weak spot. ” AVG Tips to Decrease Risk:

  • Always check the permissions requested by the downloaded application.
  • Don’t conduct online banking activities via unofficial applications.
  • Check your phone bills! Some malware signs you up for premium message subscription services without your knowledge.
  • Don’t download applications from untrusted or pirated sources.