Zombie code on scammers' Xmas vish-list

Moves by internet service providers to call users whose computers are infected with malware could signal a boom for phone scammers.
Written by Darren Pauli, Contributor


(Hook, Line & Sinker image by Kenneth Lu, CC2.0)

Providers adhering to the voluntary zombie code, known formally as iCode, will phone users and direct them to a security website if their computers show symptoms of infection, such as spamming or communication of malicious network traffic.

The code comes into force in December and includes all but some of the smallest telcos.

Australians were recently stung through a series of vishing attacks, where scammers had called offering fake security services on behalf of Microsoft and other reputable IT companies.

Victims had acquiesced to requests to visit a website, where they were shown that their computers were infected and were sold bogus security software.

The iCode's developer, the Internet Industry Association (IIA), said the code would create a scenario ripe for vishing attacks.

"If someone can spoof the iCode and direct users to a fake site, it would be devastating," said IIA spokesperson John Hilvert.

"We are aware of these big issues and the high potential for it to be spoofed like the Microsoft attacks."

In response, the IIA has boosted the security of the zombie code landing website, which will be used by many providers to help secure infected users. It will be launched at the end of November.

Security companies including Sophos, Outpost24, PSARN and Revium, among others, are helping to strengthen the site against forgery or attack. The site uses a flat-file database and has composed its site seal from JavaScript to make it harder to copy.

The site will offer a crash course on malware, a do-it-yourself process for removing infections and links to professional services such as Gizmo, GK and Tech2Home.

Customers who fail to address security problems should be placed into a "walled garden" that limits internet access. Providers may also throttle user access speed until they improve security and install antivirus.

Users remain the weakest point in the chain of security. Billions of dollars in IT security investment can be negated if customers can be tricked into supplying account information to a malicious web page that mirrors an online banking system.

In June, the IIA took the iCode to the White House, where it met with Barack Obama's cyber-security coordinator, Howard Schmidt, to discuss it as a potential model for the US internet industry to adopt.

Earlier this year, a parliamentary report into cybercrime recommended making the iCode mandatory for all ISPs.
