THREATS TO YOUR COMPUTERS
SPYWARE
* Gathers information from a consumer's computer without permission
* Reports the information to the creator of the software or to one or more third parties
* Is installed on a consumer's computer without having given adequate notice to consumers
* Provides the consumer with little or no control over removing the software
This type of nefarious software often is designed to do one or more of the following activities:
* Change system settings
* Install unauthorized dialers
* Install keystroke loggers
* Collect and report consumer's personal information to the developer of the software or to
one or more third parties
* Use computer processing capacity without permission
* Deliver spam or ads without consumer's notice and consent
Many real-life examples
VIRUSES
(Broadband users more vulnerable than dialup) A computer virus attaches itself to a program
or file so it can spread from one computer to another, leaving infections as it travels. Much like
human viruses, computer viruses can range in severity; some viruses cause only mildly annoying
effects while others can damage your hardware, software, or files. Almost all viruses are attached
to an executable file, which means the virus may exist on your computer but it cannot infect your
computer unless you run or open the malicious program. It is important to note that a virus cannot
be spread without a human action, (such as running an infected program) to keep it going. People
continue the spread of a computer virus, mostly unknowingly, by sharing infecting files or sending
e-mails with viruses as attachments in the e-mail.
WORMS
A worm is similar to a virus by its design, and is considered to be a sub-class of a virus. Worms
spread from computer to computer, but unlike a virus, it has the ability to travel without any help
from a person. A worm takes advantage of file or information transport features on your system,
which allows it to travel unaided. The biggest danger with a worm is its ability to replicate itself on
your system, so rather than your computer sending out a single worm, it could send out hundreds
or thousands of copies of itself, creating a huge devastating effect. One example would be for a
worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm
replicates and sends itself out to everyone listed in each of the receiver's address book, and the
manifest continues on down the line. Due to the copying nature of a worm and its ability to travel
across networks the end result in most cases is that the worm consumes too much system
memory (or network bandwidth), causing Web servers, network servers, and individual computers
to stop responding. In more recent worm attacks such as the much talked about .Blaster
Worm,
the worm has been designed to tunnel into your system and allow malicious users to control your
computer remotely.
TROJAN HORSES
A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named after. The
Trojan Horse, at first glance will appear to be useful software but will actually do damage once
installed or run on your computer. Those on the receiving end of a Trojan Horse are usually tricked
into opening them because they appear to be receiving legitimate software or files from a
legitimate source. When a Trojan is activated on your computer, the results can vary. Some
Trojans are designed to be more annoying than malicious (like changing your desktop, adding
silly active desktop icons) or they can cause serious damage by deleting files and destroying
information on your system. Trojans are also known to create a backdoor on your computer that
gives malicious users access to your system, possibly allowing confidential or personal
information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting
other files nor do they self-replicate.
HACKERS:
A
hacker (sometimes called cracker) tries to connect to your computer
using sophisticated programs to discover your password with malicious
intent. They might want to store illegal files on your computer or even try
to get information to steal your identity and access your accounts.
PHISHING AND PHARMING
Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate
enterprise in an attempt to scam the user into surrendering private information that will be used for
identity theft. The e-mail directs the user to visit a Web site where they are asked to update
personal information, such as passwords and credit card, social security, and bank account
numbers, that the legitimate organization already has. The Web site, however, is bogus and set
up only to steal the user’s information. For example, 2003 saw the proliferation of a phishing
scam in which users received e-mails supposedly from eBay claiming that the user’s account was
about to be suspended unless he clicked on the provided link and updated the credit card
information that the genuine eBay already had. Because it is relatively simple to make a Web site
look like a legitimate organizations site by mimicking the HTML code, the scam counted on
people being tricked into thinking they were actually being contacted by eBay and were
subsequently going to eBay’s site to update their account information. By spamming large groups
of people, the “phisher” counted on the e-mail being read by a percentage of people who actually
had listed credit card numbers with eBay legitimately.
Phishing attacks have been on the rise.
Research firm Gartner estimates that 73 million U.S. Internet users received phishing e-mails
during the 12 months ending in May 2005, up 28 percent from the previous year.
Try this: click on this valid looking link to the Whitehouse www.whitehouse.gov
Pharming is similar in nature to e-mail phishing, pharming seeks to obtain personal or private
(usually financial related) information through domain spoofing. Rather than being spammed with
malicious and mischievous e-mail requests for you to visit spoof Web sites which appear
legitimate, pharming 'poisons' a DNS server by infusing false information into the DNS server,
resulting in a user's request being redirected elsewhere. Your browser, however will show you are
at the correct Web site, which makes pharming a bit more serious and more difficult to detect.
Phishing attempts to scam people one at a time with an e-mail while pharming allows the
scammers to target large groups of people at one time through domain spoofing.
