April Fools’ Day is a time for practical jokes, hoaxes and laughs. However, it’s important to understand that April Fools’ Day is also an ample opportunity for cybercriminals to capitalize on the popular day and its events for their own nefarious purposes.
To help you make sure cybercriminals don’t get the last laugh this April Fools’ Day - and to give you a few laughs, too - Kaspersky Lab has compiled a few of the top April Fools’ Day hoaxes throughout history and tips on what to look out for to stay safe online.
SCAM: Instant color TV, instant victim
Sweden's most famous April Fools’ Day hoax occurred on April 1, 1962 when a researcher went on live TV to announce a recent discovery: a fine-meshed screen placed in front of a black and white television screen would result in instant color TV. Nylon stockings made the perfect screen. Thousands of viewers cut open a pair of stockings and taped them over the screen of their television set, hoping to get color TV.
- If something sounds too good to be true, it probably is.
- Beware of emails offering free vacations, gift cards or other giveaways. Clicking on a link to claim the “offer” could result in downloading a malicious file onto your computer.
SCAM: Remote electricity ruse
In 1999, executives at 130 major companies received a package of information about an exciting new product: Total Home Remote Electricity, which would allow electricity to be beamed wirelessly anywhere within a house. The ads prompted executives to call for more information. High-level executives across companies called in to only be connected to an advertising agency that had sent out the fake ad as an April Fools’ Day publicity stunt.
- Business and Consumers alike: Be cautious of spear-phishing—suspicious emails, especially ones associated with social media, banking, online shopping or travel sites. Cybercriminals are out to compromise your computer and steal confidential data.
- Brand names of popular sites like LinkedIn or airline companies are often used to product fraudulent spam by cybercriminals.
- Avoid opening the email and do not click any links inside them, these are often rigged with exploits or malicious URLs that will install malware.
- If you have accounts associated with the site being referenced in the suspicious email, visit the official website directly to check for notifications by typing out the URL of the designated homepage as opposed to clicking on links from third-parties.
SCAM: MIT goes to Disney World
Did you know that the Massachusetts Institute of Technology was sold to Walt Disney Co. on April 1, 1998 for $6.9 billion? April Fools! A group of students hacked into the school’s central server, replacing the real web page with a phony one, complete with a picture of their famous dome wearing a pair of mouse ears and a press release outlining new schools like the Scrooge McDuck School of Management.
To avoid being a victim of hacking, password security is essential:
Use a different password for each different online resource. Never reuse the same password for different services. If you do, all or many of your other online accounts can be compromised.
Use complex passwords. Try to use a combination of symbols, letters and special characters. The longer the password, the safer.
Sometimes our online service providers don’t let us create really complex passwords, but try to use long passwords, with at least 23 characters in a combination of uppercase and lowercase letters. A password of 23 characters (131 bits) would be OK.
SCAM: Internet spring cleaning
Can you imagine a day with no Internet? In 1997, an email message spread throughout the world announcing the Internet would be shut down for a 24-hour “cleaning” from March 31 until April 2. The “cleaning” would clear out the clutter; dead email and inactive ftp, www, and search engines would be purged.
- Watch out for ransomware: Like the example above, cybercriminals take over your computer, offering to “clean it up” for a fee. Sometimes this technique masquerades as fake anti-virus. Don’t trust messages warning that your Internet or computer is shut down or infected.
- Don't click on pop-up windows even if they aren't blocked by the browser security or other security solutions. You should only click on messages from a legitimate antivirus solution installed on the computer. Ignore any messages warning you of infection that appear randomly while you're browsing the Internet
- Legitimate programs designed to combat malware will never first scan a computer and then demand money for activation. You should never pay for a product which does this: install a genuine antivirus solution developed by a well-known antivirus company and use this to scan and clean your computer.
- If you find an unknown antivirus program on your computer, check whether the vendor has an official site and technical support. If it doesn't, it is definitely a rogue antivirus.
Source : http://www.net-security.org, 27 March 2013.