Traps on the Internet: executive summary

24 Sep 2009
Virus News

This article, written by the security researcher Christian Funk, provides an overview of the pitfalls that new Internet users may encounter. The article aims to describe some typical threats and scams in order to help users protect themselves, their data and their money.

Classic email threats include spam, which may have files attached that contain malware or include links to sites hosting malicious programs. No matter how tempting it may be to open such emails because of their intriguing subjects, the safest thing to do is simply delete them unread.

Other scams include the now-familiar phishing, which targets banks, financial institutions, e-payment systems and auction sites. Again, the advice is simple: never enter your data on sites where the link has been sent to you by email, and even if the email looks legitimate, verify it with the organisation concerned.

The section on money laundering provides an overview of how those new to the Internet can get sucked into transferring money to cybercriminal accounts. The scareware section looks at fake security software which demands money from the user in order to disinfect malware supposedly found on the computer; however, there is no infection present and the consequences can result in more than spending money unnecessarily – such programs can themselves be linked to malware.

Those new to the Internet can also fall victim to social networking scams, where they're asked to transfer money to a 'friend' who is in danger. They may click on URLs in Twitter messages which are modified using a URL shortening service, and which actually lead to malicious sites. Or they may unwittingly download malware from peer-to-peer networks while trying to download music, games, films, and other entertainment media without actually having to purchase it.

All of these examples are given, with further details and screenshots, in the full version of Traps on the Internet, which is available on

The material can be reproduced provided the author; company name and original source are cited. Reproduction of this material in re-written form requires the express consent of the Kaspersky Lab PR department.