Threats & Challenges
Lions and tigers and bears, oh, my! Sometimes, lately, that’s how it feels when you’re using your computer. Viruses and worms and phishing attacks:oh, my, indeed. But, as movie directors know, the scariest thing is the unknown. So let’s get all this bad stuff into the light, so we can start dealing with it…
Viruses. Like the viruses that sicken human beings, viruses insert themselves into other programs (or completely replace those programs). Once they’ve done so, they can cause all sorts of symptoms – from ‘mild’ (displaying annoying messages) to ‘fatal’ (damaging your data or crashing your computer). Like ‘human’ viruses, computer viruses know how to spread from one computer to another. This typically occurs when the software or document they’re attached to is shared between computers.
Worms. These are much like viruses, but they operate on their own: they can spread even if nobody deliberately shares the files they’re in. Some worms exploit security flaws in the software you’re running; others simply trick users into letting them run.
Trojans. Like the giant horse ‘gift’ the Greeks gave the people of Troy, computer ‘Trojans’ are filled with trouble. But they look harmless: in fact, they look like software you’d want to run. Once you do, though, you’re in their grasp (or as some hackers like to put it, “pwned” powerfully owned.) Trojans might mess with your Web home page – or they might steal your social security number and give bad guys a ‘back door’ they can use to explore your computer whenever they feel like it.
Bots. Malicious bots infect your computer, and thousands (or sometimes even millions of other computers). Every infected computer is connected to a central connect to a central computer, and waits for instructions. What kind? Bots might be instructed to flood a Web site with more traffic than it can handle, and knock it out of service. Or they might be used to send thousands of Spam email messages that can’t easily be traced to their origin. Or they might capture and send your passwords and personal information.
How do you avoid being attacked by viruses, worms, Trojans, and bots? Get good anti-virus software which can scan not only your files but also incoming emails. Then, keep it up to date. And use common sense: never download and run software unless you’re sure it’s coming from a legitimate source.
We’re almost done, but there’s one more threat you need to pay especially close attention to:
Phishing. Phishing is fraud. It’s someone trying to convince you to hand over sensitive information (such as your credit card number or online banking password) by masquerading as the financial institution or some other ‘official’ entity. You might, for example, receive an email or an instant message that tells you your account’s been suspended, but they’ve provided an easy link to follow to reinstate your account. When you follow the link, you don’t go to the financial institution’s official site: you go to a cleverly designed fake site that captures your personal information. ‘Phishing’ attacks often pretend to come from banks, eBay, or PayPal, though they can come from anyone large numbers of people do business with. They’re getting smarter and more sophisticated, too, with fewer typos and better grammar.
Here’s how to avoid phishing attacks: #1. Never follow a link in an email that claims to come from your financial institution. If you think it might be real, close your email software, open your web browser, browse to your financial institution’s site, and log in the way you normally would. If by some unlikely chance there really is a problem with your account, you’ll find a message there telling you. #2: Get anti-phishing software or new web browsers that display a warning if you visit a site that appears not to be who it claims to be. Most recent browsers contain at least some anti-phishing capabilities.