Monday, December 12, 2005

NPR : Clever Worm Lures Victims with Chat-Slang:

Short-hand slang such as 'yt?' -- for 'You there?' -- is one reason software may be able to simulate a chat session. NPR

How the Worm Works
A message appears with a link to a site, and the note 'LOL, that's cool'
Questions often result in the response 'Nope, this isn't a virus. LOL'
Clicking the link releases the virus, which bypasses security
The virus replicates itself by contacting the user's IM buddies

How do you know when you're instant-messaging with a computer worm instead of one of your 'buddies?' Security experts say it's getting harder to tell the difference.

A malicious new computer worm initiates a chat with its victims through instant messaging and invites them to click on a link -- which allows it to spread to their IM buddies.

The worm, called IM.Myspace04.AIM, has been able to fool thousands of AOL users. Experts say that's because it copies human styles of communication, using shorthand phrases and slang. They say IM viruses spread faster than their e-mail counterparts.

To avoid the worm, Alan Paller, research director at the SANS Institute, which studies Internet security threats, says to double-check any messages with a link even if you think you know the sender.

He says one way to be careful is to start a new chat box with the same IM buddy and see if it's really them. One virus expert says to use the same caution on the Internet that you would use to avoid being mugged on a city street: Avoid strangers and make sure you're talking to a friend."