You don't have to be a sophisticated cybercriminal to hack someone's webcam these days. New research unveiled simple software that allows almost anyone to peek into your personal space.
According to security experts, new software called AdWind only costs a mere $70 per month and allows even those with basic computer skills to peep in on unsuspecting victims.
It all starts as a spear-phishing attack, in which victims are tricked into clicking on malicious links which will install malware on a computer without notice or any inclination.
That malware, for this particular instance, can grab photos, take video and record audio sound bites, which not only is creepy, but can be used in a number of shady ways like blackmail or extortion.
On top of that, the AdWind software can also snag passwords, monitor everything you do on your computer and transfer files to steal your hard-earned money.
The software was first brought to light when it was used in an attack on a bank in Singapore. Since then, an estimated 443,000 people and businesses have been targeted around the entire world.
Even scarier is that the hackers using this software don't even need brains. According to security researcher, David Emm, "The people using AdWind weren’t cyberwarriors. They just had a low skill level, but were able to buy the code from people who developed it."
As always, if you're worried about becoming a victim, know that spear phishing is a more sophisticated version of phishing. It targets select groups of people that have something in common. They might work at the same company, for example.
In spear-phishing attacks, scammers will do research or steal information to send out legitimate-sounding emails. They might impersonate a person or organization from which you regularly receive emails.
Because spear-phishing emails often sound and look like the real thing, it's easy to become a victim.
Again, remember that most companies will never request personal information in an email. If you have any doubts, call the company to confirm. Just don't use any phone numbers provided in the email and don't reply or click on any links. Don't download any attachments or call any numbers in the message, either.
I recommend deleting suspicious messages right away. Never follow a link to a secure site like your bank or credit card company. Instead, manually type in the address into your browser if you need to get in touch.