Many people have recently received a message from Google informing them that an attempt was made to enter their Google account with their username and password, but from an unusual location in the world. This indicates that information on hosting accounts was leaked from people’s computers to a cyber-criminal.
The culprit is a new kind of spyware named “Fareit”.
This spyware is very dangerous. It steals usernames and passwords, allowing hackers to access private accounts. This could be any kind of account, from Facebook to bank accounts.
The virus is extremely sneaky. It runs itself inside a computer, finds passwords and then deletes itself — you never notice that it was there. When the cyber-criminal obtains your passwords he can get into your accounts and steal whatever he finds — from private photos to money. He can even enter your Facebook page, like a phantom, to upload posts that appear to come from you.
The way this spyware gets into your computer is through an email that has a provocative or alarming message, convincing you to click on an attachment. The attachment is actually the spyware program, and clicking on it activates it.
Here is an example:
Clicking on the attached zip file opens it, and another click runs the spyware. Once the spyware is activated, it scans the browsers and hard drive to locate account URLs, usernames and passwords. The data is then transmitted over the internet to be accessed and analyzed by the criminal operation. The whole process takes less than 5 minutes and the spyware deletes itself when it is finished, so that no evidence is left behind that the computer has been hacked.
This type of spyware is very stealthy and cannot be detected by regular antivirus programs because it does not remain in the victimized computer.
How to Protect Yourself
Second, keep your passwords list off of your computer, so criminals won’t be able to reach it. (Read more about password safety in our articles). If you suspect that your computer has been hacked by this spyware you should go to all of your online accounts and change the passwords. To make sure you covered all accounts that might have been breached, you can look at your browser’s password list:
● Firefox: Click on the menu, then, Tools → Options → Security → Saved password.
● Chrome: Click on the menu, then, Wrench→Options→Personal Stuff→Show Saved Passwords
● IE- Start: Control panel→User Accounts and Family Safety→User Accounts→Manage your credentials→Add a Windows credential
● Safari: Keychain Access in your utilities folder: http://forums.macworld.com/index.php?/topic/34112-retrieve-saved-password-in-safari/