- Jul 16, 2001
- 17,976
- 141
- 106
Text
Cyber-romantics thinking of sending their beloved a Valentine's Day screen saver or cutesy desktop icon should think twice, unless they want to spend more quality time with their helpdesk staff. Instead of unlocking the heart of that special someone, they could unleash those gifts that keep on taking: adware and spyware.
Aluria Software, a division of Earthlink Inc., has published a list of the top sites that could turn Valentine's Day into a malware massacre. They include acez.com, fredscorner.ezthemes.com, freevalentinesscreensavers.com, hellasmultimedia.com, iconcave.com, links2love.com, scenicreflections.com, and screensavers.com. A trip to any of them is likely to result in a drive-by adware or spyware download.
Several of these sites employ "drive-by" spyware downloads that use JavaScript or ActiveX to install the spyware when a user visits a Web site acting as a carrier. Some browsers allow system administrators to block ActiveX downloads or at least warn users that a download is being attempted, says Hiep Dang, director of threat research and engineering for Aluria, which EarthLink purchased in September. "Whenever you find something for free on the Web, chances are, it'll come bundled with spyware, whether these free programs are screen savers, smiley faces, or wallpaper," he adds.
Cyber-romantics thinking of sending their beloved a Valentine's Day screen saver or cutesy desktop icon should think twice, unless they want to spend more quality time with their helpdesk staff. Instead of unlocking the heart of that special someone, they could unleash those gifts that keep on taking: adware and spyware.
Aluria Software, a division of Earthlink Inc., has published a list of the top sites that could turn Valentine's Day into a malware massacre. They include acez.com, fredscorner.ezthemes.com, freevalentinesscreensavers.com, hellasmultimedia.com, iconcave.com, links2love.com, scenicreflections.com, and screensavers.com. A trip to any of them is likely to result in a drive-by adware or spyware download.
Several of these sites employ "drive-by" spyware downloads that use JavaScript or ActiveX to install the spyware when a user visits a Web site acting as a carrier. Some browsers allow system administrators to block ActiveX downloads or at least warn users that a download is being attempted, says Hiep Dang, director of threat research and engineering for Aluria, which EarthLink purchased in September. "Whenever you find something for free on the Web, chances are, it'll come bundled with spyware, whether these free programs are screen savers, smiley faces, or wallpaper," he adds.
Facebook
Twitter