Cybercriminals are constantly devising new ways to get hold of our data, for example via email, chat, and telephone, but also via your laptop or computer, for instance when you download software or an application. Attackers can send malicious software, ask you to fill in or copy something via an intermediate step, or send you to a 'fake' environment. So as soon as you see or have to do something that 'is different from usual' or 'doesn't feel right', contact CERT-UT (cert@utwente.nl).
What are infostealers?
Infostealers are a type of malicious software that cybercriminals use to steal personal information from your computer or device. Once installed on your device, the malware collects sensitive information without your knowledge and sends it to the criminals. They can cause enormous damage if they are not detected in time.
What kind of information do infostealers collect?
Infostealers target various types of sensitive information:
- Login details: Usernames and passwords for email accounts or social media.
- Financial details: Credit card numbers, bank details, and information about cryptocurrency wallets.
- Personal details: Information such as your name, address, phone number, or social security number.
- System information: Data about your device's hardware, installed software, and security programs.
All of this data is valuable to criminals and can be misused for identity theft, financial fraud, or further cyberattacks.
How do infostealers get in?
Infostealers can find their way onto your device in various ways, often without you even noticing:
- Phishing emails: Emails that look like they come from a trusted source but contain a malicious link or attachment. If you click on it, the malware is installed.
- Malicious websites: By clicking on a link to an infected website or through malvertising (malicious advertisements), you can download malware without noticing. Even a trusted website can be hacked to spread malware.
- Illegal software: Downloading illegal software carries significant risks. These packages are often infected with malware.
- Vulnerabilities in software: Some infostealers exploit security flaws in outdated software or browsers to infect your device.
How can you recognize infostealers?
Are you asked to do something on a website because you otherwise cannot access it, or do you not trust a website or email? Report this as soon as possible to CERT-UT (cert@utwente.nl). Infostealers are designed to work unnoticed while they are active. These are signs to look out for:
- A message saying that you need to log in urgently and asking you to do so via the link in the email/text message.
- Unexpected emails, social media messages, or transactions on your bank account. Messages from “acquaintances” that are strange/different than usual or that you do not expect.
- A message asking you to use your second factor (MFA) again without you being logged in.
If you recognize these signs, take immediate action: scan your device for malware and/or disconnect your device from the internet. If this happens on a device belonging to your institution, report it as soon as possible.
What can you do against infostealers?
- Use multiple factors to log in (multi-factor authentication, MFA): This adds an extra layer of security, requiring you to enter an SMS code in addition to your password, for example. Sometimes you have to enable this yourself in your social media accounts.
- Update your software regularly: Make sure your computer and antivirus software are up to date.
- Log in by searching for the website yourself: If you are asked to log in, do not do so via the link in the email, but go to the official page.
- Be careful with emails: Do not open suspicious attachments or click on unknown links, especially if the sender is unknown to you.
- Avoid illegal software: Use legal software and only download software from reliable platforms, such as SURFspot.