NetDefence

Security • Compliance • Productivity

Threats explained

Today, technology threats come in many forms. It’s not just about viruses, even though you can never drop your guard against them either. A lot of threats are now developed with malicious intent, which can be to cause technical problems with computers and networks or to steal information. They are generally termed ‘malware’.

What is Malware?

Malware simply means malicious software. It can refer to any piece of software that finds its way onto your computer and causes harm. Malware can be distributed through several means such as Viruses, Worms and Trojans.

The first distribution method for Malware was the computer virus. This is a program that self-replicates on your computer without permission. A worm is similar to a virus, except it does not need a host to replicate itself. It uses a computer network to spread and send copies of itself to any location it can reach, such as the various computers attached to that network. As the Internet is one large computer network, worms have a large scope to spread!

Spyware is malware installed on your computer that watches your usage. This may be in the form of logging keystrokes to find passwords or banking details, monitoring the websites you visit to target advertising at you, or redirecting your browser to sites containing Malware. A similar form of Spyware is Adware, which constantly displays ads on your computer.

A Trojan or Trojan Horse is a seemingly harmless computer application that, when run, performs another action entirely. This is almost always harmful. A common Trojan Horse will ask you if you want to install a file needed to play back a video or listen to an audio file and, upon you saying yes, will install some form of malware, spyware or backdoor program.

A Drive-by Download is perhaps the most dangerous threat here. It is also the threat that is currently increasing the most. A Drive-by Download is a program that is installed on your computer without your knowledge, simply by viewing a website or opening an email. You may see a pop-up whilst viewing a website which tells you that your computer needs to be checked or cleaned. Unfortunately, clicking on this link could soon lead to a piece of malware being loaded onto your computer.

What is phishing?

Phishing is an attempt to extract private information, such as passwords and banking details, from a computer user. This is generally done through a website masquerading as a bank or an on-line transaction site such as eBay or PayPal. The most common Phishing attacks are when an email is received purporting to be from a bank, asking the user to reconfirm their Internet banking username and password. The user will think they are following a link to their bank’s website; however, they will instead be redirected to another website which has the same look as the bank’s. When the user fills out their details, they are recorded by the website and are now in the hands of the person running the scam.

What is Pharming?

Pharming is a hacker’s attack that aims to redirect a website’s traffic to another, bogus website. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploiting a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real addresses – they are the “signposts” of the Internet. Compromised DNS servers are sometimes referred to as “poisoned”. Pharming has become a major concern to businesses hosting ecommerce and online banking websites. Sophisticated measures known as anti-pharming are required to protect against this serious threat. Antivirus software and spyware removal software cannot protect against pharming.
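For the hosts-file variant described above, a simple audit is to look for entries that pin a well-known site to a fixed address, since such sites normally have no hosts entry at all. The following is an added example, not part of the original page; the watched domains and the sample hosts file are constructed placeholders.

```python
import ipaddress

# Assumption: domains the organisation wants to protect (constructed placeholders).
WATCHED = {"bank.example", "pay.example"}

def parse_hosts(text):
    """Yield (ip, hostname) pairs from hosts-file text, ignoring comments."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank line, comment-only line, or address with no name
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address; a fuller audit might report it
        for name in fields[1:]:
            yield ip, name.lower().rstrip(".")

def suspicious_overrides(text, watched=WATCHED):
    """Return (hostname, ip) for entries that override a watched domain or its subdomains."""
    findings = []
    for ip, name in parse_hosts(text):
        if any(name == d or name.endswith("." + d) for d in watched):
            findings.append((name, str(ip)))
    return findings

# Constructed sample hosts file: one line redirects the watched bank domain.
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1   localhost
::1         localhost
203.0.113.7 www.bank.example  BANK.example   # added by unknown software
198.51.100.9 intranet.corp.example
# 203.0.113.8 pay.example  (commented out, so inactive)
"""
```

The hosts file is usually `/etc/hosts` on Linux and macOS and `%SystemRoot%\System32\drivers\etc\hosts` on Windows. This check covers only the hosts-file route; a poisoned DNS server has to be detected on the resolver side.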

What is Crimeware?

While spyware has occupied centre stage for some time, it is but one of the tools behind today’s rash of cybercrime. Deceptive Trojan horses, multi-purpose bots, and spyware programs form the crimeware arsenal of today’s hackers and are regularly bought and traded on the black market. The price tag of crimeware is often based on its ability to steal sensitive data such as bank and credit card details while remaining undetected by the victim.

What is a Bot?

“Bot” is actually short for robot – not the kind found in science fiction movies or on the production line in a manufacturing business. Bots are one of the most sophisticated types of crimeware facing the Internet today. Bots are similar to worms and Trojans, but earn their unique name by performing a wide variety of automated tasks on behalf of their masters (the cybercriminals), who are often safely located somewhere far across the Internet. Tasks that bots can perform run the gamut from sending spam to blasting Web sites off the Internet as part of a coordinated “denial-of-service” attack. Since a bot-infected computer does the bidding of its master, many people refer to these victim machines as “zombies.”

Bots sneak onto a person’s computer in many ways. Bots often spread themselves across the Internet by searching for vulnerable, unprotected computers to infect. When they find an exposed computer, they quickly infect the machine and then report back to their master. Their goal is then to stay hidden until they are awoken by their master to perform a task. Bots are so quiet that sometimes the victims first learn of them when their Internet Service Provider tells them that their computer has been spamming other Internet users. Sometimes a bot will even clean up the infected machine to make sure it does not get bumped off the victim’s computer by another cybercriminal’s bot. Other ways in which a bot infects a machine include being downloaded by a Trojan, installed by a malicious Web site or being emailed directly to a person from an already infected machine.

Bots do not work alone, but are part of a network of infected machines called a “botnet.” Botnets are created by attackers repeatedly infecting victim computers using one or several of the techniques mentioned above. Each one of the zombie machines is controlled by a master computer called the command and control server. From the command and control server, the cybercriminals manage their botnets and instruct the army of zombie computers to work on their behalf. A botnet is typically composed of a large number of victim machines that stretch across the globe, from the Far East to the United States. Some botnets might have a few hundred or a couple of thousand computers, but others have tens and even hundreds of thousands of zombies at their disposal.

What is spam?

Spam refers to any form of unsolicited electronic communication. Spam is most commonly sent via email; however, it is also sent through other communication channels, such as Instant Messaging, website comments and search engines. Email spam is the most common and currently comprises over 96% of all emails sent! Therefore, on average, less than one in 20 emails that are sent to you are legitimate!