The purpose of an exploit kit is to fill your computer with malicious software when you simply click a link in an email. It’s essentially a Trojan.
An exploit kit is definitively “crimeware”.
Crimeware is designed (through social engineering or technical stealth) to perpetrate identity theft in order to access a computer user’s online accounts at financial services companies and online retailers for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the thief controlling the crimeware. Crimeware also often has the intent to export confidential or sensitive information from a network for financial exploitation.
Just take a look at the above email. The email tells me that a new TV was shipped from Amazon, via my account to some address in Florida.
I would like a new TV but certainly wouldn’t ship it to Florida if I did buy one.
Of course the natural reaction is to click on a link in the email to see exactly what is going on and why you’re buying someone else a TV.
This isn’t the case though – look closely at the email.
Firstly the email didn’t come from Amazon – it came from a “Dino Delacruz” – this is a dead giveaway.
Other subtle mistakes in the email include the code error at the top of the message (next to “Your Orders”), multiple periods after the word Order, a lack of tracking information (it’s hard to track what isn’t there), misuse of uppercase letters and more.
“Thank you for shopping with us. We thought you’d like to know that we shipped your item, and that this completes your order. Your order is on its way, and can no longer be changed. If you need to return an item from this shipment or manage other orders, please visit Your Orders on Amazon.com
This shipment does not have an associated tracking or delivery confirmation number.”
Of course this isn’t an Amazon standard message.
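The checks described above can be automated. The following is an added example, not code from the original post: the sample message, its domains and the function names are constructed for illustration, and the link-destination check goes one step beyond the mistakes listed above.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not the email from the post); all domains are placeholders.
SAMPLE = """\
From: Dino Delacruz <dino@mail.example.net>
To: user@example.org
Subject: Your Amazon.com order has shipped
Content-Type: text/html

<html><body>
<p>Your Order.... has shipped. This shipment does not have an associated
tracking or delivery confirmation number.</p>
<a href="http://tracking.example.com/view">Your Orders</a>
</body></html>
"""

def registrable(host):
    """Crude last-two-labels domain; assumption: ignores suffixes such as co.uk."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def phishing_indicators(raw, brand="Amazon", brand_domains=("amazon.com",)):
    """Return a list of human-readable warning signs found in one raw message."""
    msg = message_from_string(raw)
    body = msg.get_payload()  # single-part message, so this is a string
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    sender_domain = registrable(addr.rpartition("@")[2])
    claims_brand = brand.lower() in (msg.get("Subject", "") + body).lower()
    # Sign 1: the message talks about the brand but the sender is someone else.
    if claims_brand and sender_domain not in brand_domains:
        findings.append(f"sender {name!r} <{addr}> is not at a {brand} domain")
    # Sign 2 (beyond the post's list): links lead somewhere other than the brand.
    for host in re.findall(r'href="https?://([^/"\s:]+)', body, re.I):
        if claims_brand and registrable(host) not in brand_domains:
            findings.append(f"link points to {host}, not {brand}")
    # Sign 3: sloppy punctuation such as "Order....".
    if re.search(r"\w\.{2,}", body):
        findings.append("repeated periods in the text")
    # Sign 4: a shipping notice that admits it has no tracking number.
    if re.search(r"does not have an associated\s+tracking", body, re.I):
        findings.append("no tracking or delivery confirmation number")
    return findings

if __name__ == "__main__":
    for finding in phishing_indicators(SAMPLE):
        print("WARNING:", finding)
```

None of these signs is conclusive alone, and a clean result does not prove a message is genuine; the value is in several of them appearing together.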
Knowing what a malicious email looks like, and knowing what will happen if I click, etc., I took the risk, purely for the purpose of this post, to see what happened. As expected, my updated, free version of AVG alerted me at once to the issue and immediately removed the kit.
How can you prevent computer exploits like this? Well, install and update your antivirus software. There are a lot of free antivirus applications out there. I usually recommend AVG.
How can you clean up your computer if you are subject to an exploit kit? Well, that depends on the severity of the infection. Drop a comment and we’ll talk about it.
Author: Andy Quayle