Cyber criminals uses Instant Messaging to distribute worms, viruses and Trojans. Hackers likes to use Instant Messaging because of the following reasons.
Network ports of IM client are opened, so no need to open suspicious ports to commit fraud.
IM networks support transfer files and use peer-to-peer (P2P) file sharing, by taking advantage of this they penetrates malware into files.
A Cyber criminal can easily hide Trojans into files, these Trojans modifies computer’s configuration settings, user IDs and passwords, credit reports, emails, tax and medical records. This can be great risk to client.
A hacker uses Denial of Service (Dos) on the IM client and through this hacker sends a large number of messages to a particular client which causes IM client to crash their system or slow down.
How to Defend Against IM Threats:
- Don’t choose your real name, email address, or other personally identifiable information as a screen name. Only share your screen name with people you trust, and ask them to keep it private.
- Use settings to block messages from unknown persons to prevent from “spim“ (IM spam).
- Don’t display your screen name or email address in public places such as Internet directories.
- Never provide private information like account numbers or passwords in an IM.
- Turn off your computer and disconnect the DSL or modem line when you’re not using it.
- Enable automatic Windows updates to keep your operating system patched against known vulnerabilities.
- Configure your anti-virus software to automatically scan all email and IM attachments and downloaded files.
- Be careful when using P2P file sharing with IM. Trojans may sit in these files.
