People who use instant messaging (IM) programs like Windows Live Messenger (WLM), Yahoo, ICQ, AIM, etc. frequently get invitations from what appear to be friendly strangers, when in fact the sender is an automated harvester (“bot”) seeking to infect your machine.
I’ll use WLM for this example because I use it myself for communicating with people in real time when I’m doing a remote assistance session.
You’ll see something like this in a pop-up:
DO NOT allow that person (a bot in reality, not a live person) to communicate with you OR ADD them to your contact list. Check the “Block this person…” radio button.
Unless you know the person, AND you send them an invitation to join you in a chat, OR they tell you in an email that they’re going to invite you, DO NOT add anybody to your “buddy” list (I believe that’s the Yahoo term). Even if you recognize the name, DON’T add them unless they specifically tell you they’re going to contact you on an IM. That’s because spammers have the ability to “spoof” (fake) an IM from a trusted source.
So it’s best to pre-arrange these things so that you’ll know an invitation is coming.
This may seem like overkill, but IMs are notorious vehicles for infection. One of the favorite tactics of malware writers is to hook you into adding them to your contact list and communicating with them, and then to insert a link to what you think is a .jpg picture but which in reality could be a backdoor Trojan. The classic is “Click on this link to see a really neat pic”. Yeah…right!
DON’T DO IT!
Sounds like nasty little things…
Bots can be used for a variety of malicious things.
1. Prompt you to click on a link (by promising a hot pic or free iPod) and infect your PC with malware.
2. Harvest your email id.
3. Gateway to social engineering that will later be used to get money / passwords from your friends.
Hey Jeet,
Absolutely! And the pisser of it is that these nasty little things are automated and, with the exception of writing the malicious code for the stupid things and releasing them into the wild, there’s really no other work involved.
And the social engineering thing is another tactic these bums use. The “I Love You” virus was a perfect example. When people saw that title in an email, they “just had to open it” to see who it was.
And that jdbmgr with the teddy bear icon was another good example of social engineering.
But you’re correct. Malware nowadays is big business, not for the kicks that script-kiddies used to be motivated by (a twisted motivation, I might add).
Do you know if this goes on on Pidgin too? I’ve never had a request like this on there … except on GaduGadu – a Polish IM.
Hey David,
I’m not familiar with Pidgin. But if you’ve never had a request like that, sounds like maybe not.
I have considered IM but now it looks like one more place for caution. Thanks Frank.
Jonathan,
You serve up great articles and keep them coming!
Good advice, thanks