Press release July 15, 2002
85 percent of all computers not protected against dialers
Evaluation of security tests on safersurf.com showed alarming result
Parallel to the introduction of the new dialer protection by SaferSurf all visitors and more than 1200 customers got the chance to test their internet browser and eMail program online for security vulnerabilities. The test simulated the most common security gaps that are used by criminal dialers to call expensive phone numbers without user knowledge.
But not only SaferSurf customers could benefit from the security test. The online services against computer fraud, dialerhilfe.de and computerbetrug.de, provided by Heiko Rittelmeier, also offer the security test to interested users. The evaluation of the log files and the feedback forms showed an alarming result.
The biggest security gap was the automatic installation of dangerous dialers via signed ActiveX controls. More than 85 percent of the users leave the default settings in the Internet Explorer untouched. This enables dialers to install and execute programs automatically and without confirmation.
"Due to this fact it is easily possible to install a dialer by means of a normal eMail with embedded HTML code, because the security settings of the Internet Explorer also apply to MS Outlook", says René Holzer, CEO of Nutzwerk and inventor of the real-time data filter SaferSurf.
More than 70 percent of the users did not have an active protection against viruses and Trojans. This means that 70 percent of the users are surfing the internet unprotectedly. About the same percentage of users is not protected against so-called exploits. Exploits are security gaps in the browser that permit to read data in the clipboard or to start any files on the user computer.
"Especially unsuspecting users frequently fall victim to unwanted dialers. The installation, configuration and updates of dialer alerts is simply too much for them. The protection has to set in before the dialer is loaded", says Heiko Rittelmeier about the current security problems. This statement is supported by the latest AOL survey that showed that 45 percent of the users do not have the technical knowledge to protect themselves effectively.
Security test on the internet:
Internet browser: http://www.safersurf.com/english/computerbetrug/test_browser.html
eMail program: http://www.safersurf.com/english/computerbetrug/test_email.html
|
|
|
 It is possible to install a dialer by means of a normal eMail with embedded HTML code.   |
