One click on the wrong thing can open your life to crooks. This is how to protect yourself

Clark Howard, WSB-TV

May 1, 2024 at 6:02 PM·3 min read

From phishing, spear phishing, job scams, to romance scams, hackers attempt trillions of cyberattacks every day.

While most of us are aware of the havoc clicking on a malicious link can cause, we wanted to know how it works!

Channel 2 consumer adviser Clark Howard sat down with a cyber expert to show us just how easy it is for hackers to create and spread malware.

It’s not one person sitting in a dark room trying to attack you. It’s millions of people sending billions of attacks trying to get in your life.

Retailers, governments, hospital systems, banks -- our personal information is up for grabs.

“We’re talking billions, trillions of scans of attempts on a daily basis,” cyber threat researcher Willis McDonald said. “The last couple of years, it’s multiple billions of dollars that we’ve lost, and that’s just the US.”

[HAVE A STORY FOR 2 INVESTIGATES? Submit a tip here]

McDonald has been fighting the hackers for over a decade.

“I research malware authors, criminal marketplaces and who is using them, what they’re selling and how they operate,” McDonald said.

Those criminal marketplaces are big business.

“They have employees they have benefits, they have health insurance,” McDonald said.

Crooks can choose to buy malware that collects usernames and passwords or ransomware to extort money.

“A lot of times those are sold as a service and the subscription services have many different ways. They monetize it. Sometimes it’s by how many infections that you would like to carry out,” McDonald said.

McDonald demonstrated two attacks criminals use to gain access to our info and it was not hard.

MORE STORIES FROM 2 INVESTIGATES:

“It’s really just answering a bunch of prompts as long as you have all the information. It’s a fairly simple process,” McDonald said.

Using open-source tools available online McDonald was able to create and send a phishing email to multiple addresses.

Then he waits.

“If I don’t get a connection back, I try a different template until eventually I’m successful and I can gain access to this person’s computer,” McDonald said.

Once they have access …

“In most cases, the whole purpose of the malware is to not make itself known, to collect data in the background silently and send that back to the attacker,” McDonald said.

Using another template, he was able to take control of the user’s computer by setting up a malicious link.

“In this case, it’s actually warning me that I should not download this,” McDonald said. “What I’m going to tell it is, I want to keep it. So I’m just going to ignore it. Which a lot of times this happens as well.”

Within seconds he was able to remotely take over.

“As you can see it, mirrors on my attacker laptop,” McDonald showed Howard. “Someone could do this in a matter of seconds, gathering credentials, gathering personal information.”

McDonald said people looking for pirated versions of software like Microsoft or Adobe products are asking for trouble.

“Plenty of those have malware attached for free on pirated versions,” McDonald said.

There are ways to protect yourself.

“Pay attention to what you’re clicking on,” McDonald said.

He said to also look at the URL and make sure a site is legit before you login in.

If you think you are a victim, McDonald said to change your passwords and enable two-factor authentication.

Howard said one last thing you can do is freeze your credit. It’s free to do it’s a key thing for you to set up defenses around your identity and your wallet.

IN OTHER NEWS:

TechCrunch
FBI seizes hacking forum BreachForums — again
The FBI along with a coalition of international law enforcement agencies seized the notorious cybercrime forum BreachForums on Wednesday. For years, BreachForums has been a popular English-language forum for hackers and cybercriminals who wanted to advertise, sell, and trade stolen data. BreachForums has proven resilient.
TechCrunch
Google's call-scanning AI could dial up censorship by default, privacy experts warn
A feature Google demoed at its I/O confab yesterday, using its generative AI technology to scan voice calls in real time for conversational patterns associated with financial scams, has sent a collective shiver down the spines of privacy and security experts who are warning the feature represents the thin end of the wedge. Google's demo of the call scam-detection feature, which the tech giant said would be built into a future version of its Android OS — estimated to run on some three-quarters of the world's smartphones — is powered by Gemini Nano, the smallest of its current generation of AI models meant to run entirely on-device. This is essentially client-side scanning: A nascent technology that's generated huge controversy in recent years in relation to efforts to detect child sexual abuse material (CSAM) or even grooming activity on messaging platforms.
Yahoo Finance
Stock market today: S&P 500 breaches 5,300 as stocks rally to records after CPI
Stocks edged higher on Wednesday as investors digested fresh readings on inflation and consumer spending.
Yahoo Finance
Car insurance costs are surging — but it's not because of price gouging
Auto insurer costs have exceeded revenue from premiums for three years straight. Blame fancy cars and reckless drivers.
Yahoo Personal Finance
Modular homes: What they are and how to finance them
A modular home is built in a factory and assembled on-site. Learn how much it costs and how to finance it.
TechCrunch
Google adds live threat detection and screen-sharing protection to Android
On the second day of the Google I/O 2024 conference, Google said on Wednesday that it is adding new security and privacy protections to Android, including on-device live threat detection to catch malicious apps, new safeguards for screen sharing, and better security against cell site simulators. The company said it is increasing the on-device capability of its Google Play Protect system to detect fraudulent apps trying to breach sensitive permissions. Google said if the system is certain about malicious behavior, it disables the app automatically.
Yahoo Sports
Jokic takes over, Knicks bully Pacers & LeBron shows up in Cleveland | Good Word with Goodwill
Vincent Goodwill checks in from Denver after watching the Nuggets take game 5 from the Timberwolves to break down the NBA Playoffs and the Lakers coaching search.
Yahoo Life Shopping
'Way better than the oven': This Betty Crocker countertop pizza maker cooks pies in a snap — nab it on sale
If 'za is your love language, this little gadget will make you swoon.
TechCrunch
Matt Garman taking over as CEO with AWS at crossroads
It’s tough to say that a $100 billion business finds itself at a critical juncture, but that's the case with Amazon Web Services, the cloud arm of Amazon, and the clear market leader in the cloud infrastructure market. On Tuesday, the company announced that CEO Adam Selipsky was stepping down to spend more time with his family and recharge a bit, according to his statement. During Selipsky’s tenure, growth for the cloud division has slowed pretty dramatically falling from 33% in Q2 2022 to 12% in Q2 and Q3 2023 before ticking up to 13% and 17% in its two most recent reports -- although to be fair, growth has slowed across the industry, as the space has settled into a more mature state.
TechCrunch
Google I/O 2024: Here's everything Google just announced
It’s that moment you’ve been waiting for all year: Google I/O keynote day! Google kicked off its developer conference each year with a rapid-fire stream of announcements, including many unveilings of recent things it's been working on. On Wednesday, Google announced it is adding new security and privacy protections to Android, including on-device live threat detection to catch malicious apps, new safeguards for screen sharing, and better security against cell site simulators.
Yahoo Sports
Former Augusta National Golf Club employee pleads guilty to stealing millions in Masters memorabilia
Richard Globensky will be sentenced in October and faces a maximum of 10 years in prison.
The Yodel
Senators propose AI safeguards, NTSB reports ship failures before Key Bridge crash and Caitlin Clark’s WNBA debut
Get caught up on this morning’s news: Senators propose AI safeguards, Cohen’s testimony continues and more in today’s edition of The Yodel newsletter
Yahoo TV
Kevin Costner shares his side of 'Yellowstone' drama: Where he stands on the future of the series
Part one of "Yellowstone" Season 5 ended in January 2023. Since then, its star Kevin Costner walked away from his starring role — and there's been a very public back-and-forth over why that happened.
Yahoo Personal Finance
AmeriSave Mortgage review 2024
AmeriSave Mortgage offers a 1% mortgage rate discount for your first year. It’s also a strong FHA lender. Find out whether AmeriSave is the right fit for you.
Yahoo Finance
New inflation reading offers hope for Fed rate cuts
Inflation pressures eased in April, an encouraging sign for the Fed. But the progress was likely not enough to justify rate cuts yet.
TechCrunch
Google TV to launch AI-generated movie descriptions
As anticipated, numerous AI-related announcements were made at this year's Google I/O 2024 conference, including the unveiling of a new feature for Google TV. Gemini, the company's family of generative AI models, will enhance the smart TV operating system so it can generate descriptions for movies and TV shows. When a description is missing on the home screen, the AI will fill it in automatically to ensure that viewers never have to wonder what a title is about, Google explains.
Yahoo Finance
Housing costs still push inflation higher but rise at slowest annual rate in two years
Shelter costs continued to pressure inflation in April, but a moderation continues and economists expect these pressure to ease in the months ahead.
Engadget
Blink Outdoor 4 security cameras are up to half off right now
As part of a larger sale on Blink devices, bundles of the Outdoor 4 camera system are up to half off.
Engadget
The first Dune: Prophecy teaser takes the action back by 10,000 years
Warner Bros. Discovery has reveled the first teaser trailer for Dune prequel series Dune: Prophecy and the first official images from The Last of Us season two.
Yahoo Sports
'Hard Knocks' extending to offseason access and will feature the Giants
The Giants' offseason will be on full display for "Hard Knocks."

News

Life

Entertainment

Finance

Sports

New on Yahoo

One click on the wrong thing can open your life to crooks. This is how to protect yourself

Recommended Stories

FBI seizes hacking forum BreachForums — again

Google's call-scanning AI could dial up censorship by default, privacy experts warn

Stock market today: S&P 500 breaches 5,300 as stocks rally to records after CPI

Car insurance costs are surging — but it's not because of price gouging

Modular homes: What they are and how to finance them

Google adds live threat detection and screen-sharing protection to Android

Jokic takes over, Knicks bully Pacers & LeBron shows up in Cleveland | Good Word with Goodwill

'Way better than the oven': This Betty Crocker countertop pizza maker cooks pies in a snap — nab it on sale

Matt Garman taking over as CEO with AWS at crossroads

Google I/O 2024: Here's everything Google just announced

Former Augusta National Golf Club employee pleads guilty to stealing millions in Masters memorabilia

Senators propose AI safeguards, NTSB reports ship failures before Key Bridge crash and Caitlin Clark’s WNBA debut

Kevin Costner shares his side of 'Yellowstone' drama: Where he stands on the future of the series

AmeriSave Mortgage review 2024

New inflation reading offers hope for Fed rate cuts

Google TV to launch AI-generated movie descriptions

Housing costs still push inflation higher but rise at slowest annual rate in two years

Blink Outdoor 4 security cameras are up to half off right now

The first Dune: Prophecy teaser takes the action back by 10,000 years

'Hard Knocks' extending to offseason access and will feature the Giants