GozNym – Not A Two-Headed Greek Myth
In the latest and diabolical way hackers can separate you from your money, it’s pretty simple how it works. Forget how complicated the software and all the technical details. All that’s need for it to work is a click. A single click. By you. That’s it.
$4 Million And Counting
The spawn of Satan has arrived. Well..technically the spawn of Gozi ISFB and Nymaim. But if you’re the victim, you’ll feel like it’s Hell. This malware has developed over the last few years to arrive as a potent threat to your online banking, and bank account.
This devious little collection of bits and bytes waits for you to click on a link in an email, or from an infected website. And when you do, it’s all over but the sounds of your bank account draining. How many times has your humble correspondent warned you about phishing and spearphishing? Apparently one fewer times than needed.
So far, GozNym has drained about $4 million dollars from suckers…I mean unsuspecting victims. Come on man…how unsuspecting can anyone be anymore in this digital day and age?
GozNym lays in wait. When you log into your online bank account – BAM! Gotcha. Your user name and password are pilfered and sent back to parts unknown. Well, we sorta know. Eastern Europe and Russia and safe bets for this kind of thievery.
What Is Old Is New Again
That’s as true for Gary Busey as it is Nymaim. First discovered in 2013, this nasty little malware package has found a new soulmate in Gozi ISFB. Gozi was discovered in 2007! That’s like an eternity in the online world. Twitter started in 2006 for a quick reference point.
So in all that time, as the software evolved, guess what didn’t?
Sound familiar? It should. Humans continue to do the same stupid things to get us into trouble. Like click on links in emails, or web pages. I can hear some of you Millennials already..”I don’t want to live in a world where I have to be afraid of clicking a link. Waaaah!”.
Call The Wah-mbulance
Too bad. You take the world as you find – not as you wish it was. And the world tells us many links are bad. Especially if they come from dodgy websites or suspicious emails. You get that urge. You have to know. Must…click…or…I…will…miss…out.
Get over it. You’re a target. Act like one. Be suspicious of every link. Every email with an attachment. Your default behavior should be to delete. Make that email with the unsolicited attachment prove to you it’s worthy of living. Force that web link to reveal itself to you BEFORE you click on it.
Hint: If you’re surfing porn, especially at work, don’t be shocked when you catch digital herpes. Practice safe surfing…always.