Online scams: Greed is still the target
I recently got sent a “funny” image purporting to be a way to get free Apps from the Apple App store for Macs by entering a few terminal commands. The person who sent it to me thought it was a hoot, because it had the hallmarks of looking genuine; a set of commands that explained themselves as they went, claiming to enable “Developer Mode” to allow you access to free applications.
It’s not quite explained why a “Developer Mode” would actually allow developers to peer into the works of other developers out there, but then you’re not really meant to think too hard about this particular scam.
Even online, there’s no such thing as a free lunch, but this particular scam would taste particularly sour, as the commands that you would be encouraged to enter would in fact wipe your entire hard drive without any further confirmation. It’s a destructive prank, and one that I didn’t exactly see the funny side of.
Similar recent prank images have suggested variously that iOS 7 would make iPhones waterproof, or that you could make an Xbox One backwards compatible with an Xbox 360, all with destructive intent.
They’re a little different from your ordinary online social scams — you’re not being told you’ve won billions of dollars in a lottery you don’t remember entering, for example, because the intent is more in the realms of malicious damage for the sake of amusing the perpetrator of the prank.
Still, they’re working off the same basis. There’s something you want — in this case, the lure of free apps — and you figure that “it can’t do any harm to type in a few gibberish commands”. The issue is, naturally enough, that it very much can.
In some ways, it’s reminiscent of many of the original computer viruses. Those were purely destructive critters that would (and did) corrupt files, wipe hard drives, and in some particularly nasty cases, corrupt the underlying software on board the system motherboard. Viruses of that type largely fell out of favour when the market emerged both for botnets — machines remotely controlled by virus code for malicious purposes — as well as straight financial gain viruses, whether by harvesting personal information or holding systems hostage. After all, from the malware writer’s perspective, why wipe a system once for no gain when you could make money out of it?
So what should you do?
It’s still eminently sensible to have both a decent backup strategy in mind — especially as the simplest level of backup, an external hard drive, will cost you under $100, while hard drive recovery services can easily run to the hundreds if not thousands — as well as regularly updated antivirus/anti-malware packages running. There are still purely software vectors out there for infection and through that all sorts of problems that you’re better off avoiding.
At the same time, social vectors, such as appealing to your desire for freebies — whether it’s software, movies or straight up free money — remain a constant target because it’s often easier for nefarious types to get you do to do the work compromising your system than working a way around AV software. As such, the most intelligent bit of system security you can employ remains your common sense.