Andrew Brandt’s comments come against the backdrop of the US Thanksgiving celebrations, when much of the US takes a holiday and when hackers and malware authors traditionally behave like mice when the cat is away.
“As another Thanksgiving rolls around, I’d like to take a moment to give thanks for the things that make my life and work a little easier. So, thank you, cybercriminals, for having so little ability to craft an original scam or thought”, he says in his Thanksgiving security posting.
“The fact that you’re using tired, hackneyed social engineering scams in your attempt to infect computers with malware makes it far easier for everyone to identify those same boring, repetitive attacks—and avoid them. Your laziness and sloppy consistency is a gift”, he adds.
Brandt goes on to say that, over the past several weeks, he and his research team have been watching the criminals rev up their activities with email spam and exploit kits.
You might, he notes, recognize some of the names of companies referenced in the spam email his team has been receiving: the trade association NACHA; UPS, DHL, and the US Postal Service (whose initials, USPS, these criminal masterminds cannot help but confuse with UPS); and online stores like Athleta and YesAsia.
Such is the level of repetition amongst the hackers and cybercriminals, however, that he describes their current malware as “regifting: It’s what the cybercriminals are doing this holiday season.”
And while it is far easier at this time of year for the average person to mistake one of the malicious emails for a real one, he says that it’s relatively easy to use Firefox add-ons like NoScript to stop many of these malware scams in their tracks.
“Using tools like the NoScript add-on for Firefox, which stops the malicious JavaScript code from functioning, defeats virtually all exploit kits. But that shouldn’t stop you from updating Flash, Acrobat, and Java as well”, he says.
“When it comes to the email attachments, the best advice we can offer is to remain vigilant. Don’t click anything you aren’t expecting to receive. Even an HTML attachment can contain exploit code, or redirect your browser to a site where that exploit code is hosted”, he adds.
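The point about HTML attachments can be checked before a message reaches a user. The following is an added example, not code from Brandt's post or from this article: a mail-triage sketch that flags HTML attachments containing script, embedded frames or objects, event handlers, or a meta-refresh redirect. The names `ActiveContentFinder`, `scan_message` and `build_sample`, and the sample message itself, are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser

class ActiveContentFinder(HTMLParser):
    """Collect HTML features that can run script or navigate the browser."""
    def __init__(self):
        super().__init__()
        self.findings = set()
    def handle_starttag(self, tag, attrs):
        attrs = {k: (v or "") for k, v in attrs}
        if tag in ("script", "iframe", "object", "embed"):
            self.findings.add(tag)
        if tag == "meta" and attrs.get("http-equiv", "").lower() == "refresh":
            self.findings.add("meta-refresh")  # redirect without any script
        for name, value in attrs.items():
            if name.startswith("on"):  # onload, onclick, ...
                self.findings.add("event-handler:" + name)
            if value.strip().lower().startswith("javascript:"):
                self.findings.add("javascript-url")

def scan_message(raw_bytes):
    """Return {filename: sorted findings} for each HTML attachment."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if part.get_content_type() != "text/html" and not name.lower().endswith((".htm", ".html")):
            continue
        charset = part.get_content_charset() or "utf-8"
        text = (part.get_payload(decode=True) or b"").decode(charset, errors="replace")
        finder = ActiveContentFinder()
        finder.feed(text)
        report[name] = sorted(finder.findings)
    return report

def build_sample():
    """Constructed test message: one HTML attachment, one plain-text attachment."""
    html = (b'<html><head><meta http-equiv="refresh" content="0; url=http://example.invalid/">'
            b'</head><body onload="go()"><script>function go(){}</script></body></html>')
    msg = EmailMessage()
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attachment.")
    msg.add_attachment(html, maintype="text", subtype="html", filename="notice.html")
    msg.add_attachment(b"notes", maintype="text", subtype="plain", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A non-empty findings list is a reason to quarantine or strip the attachment for review, not proof of malice; legitimate HTML mail can also carry scripts or redirects.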