Trojan Horses, Worms, Viruses, Scams and Hackers, Spyware and so much more

virus detected

What is a pop-ups, pop under, trojan-horse, worm, adware malware and spyware? Do you know the difference between a virus and a worm? We will endeavour describe these things in some detail; help you to learn how to prevent them, and even how to remove them!

Malware

Short for "malicious software," malware is used to describe software programs designed to damage or do other unwanted actions on a computer system.
Common examples of malware include viruses, worms, Trojan horses, and spyware. Viruses, for example, can cause havoc on a computer's hard drive by deleting files or directory information. Spyware can gather data from a user's system without the user even knowing it. This can include anything from the Web pages a user visits to personal information, such as credit card numbers and your all your personal banking details.
It is indeed unfortunate that there are software programmers out there with malicious intent, but it is good to be aware of this fact. It is vital that you install anti-virus and anti-spyware utilities on your computer that will seek and destroy the malicious programs they find on your computer.

Viruses:

A virus is simply a computer program that someone created often just for the fun of it Computer virus’s have the incredible capacity to spread like wildfire and infect many other computers along the way. A virus is usually always destructive in some way. An example whereby a virus may search an infected host computer for all your saved email addresses, it then emails itself to all your collected email addresses.It may then on some predetermined day, erase the entire contents of these infected computers that it has been transmitted to.
Quite often the recipients that received this apparently harmless email that was automatically sent from your PC may then open that email, infect their computer, and the virus then repeats the process over and over again.
Although a virus is able to spread on its own, it generally needs some sort of human involvement to spread itself in order to infect other computers. Usually this means someone has to 'open' (double-click) the virus program. Virus writers usually use some kind of trick to encourage people into opening their virus programs. This is why it is important to never open an email attachment that you were not expecting - EVEN if it appears to be from someone you know.

Memory Resident Viruses:

Memory Resident Viruses reside in a computers volatile memory (RAM). They are initiated from a virus which runs on the computer and they stay in memory after its initiating program closes.

Rootkit Virus:

A rootkit virus is an undetectable virus which attempts to allow someone to gain control of a computer system. The term rootkit comes from the linux administrator root user. These viruses are usually installed by trojans and are normally disguised as operating system files.

Polymorphic Viruses:

A polymorphic virus not only replicates itself by creating multiple copies of itself, but it also changes its digital signature every time it replicates. This makes it difficult for less effective antivirus software to detect.

A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit. Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

Logic Bombs/Time Bombs:

These are viruses which are programmed to initiate at a specific date or when a specific event occurs. Some examples are a virus which deletes your photos on Christmas Day.

The Worm:

The worm is somewhat similar to the virus except in one detail. The worm requires absolutely no human help or involvement to spread itself! The Worm relies totally on security 'holes' or “gaps” in Microsoft Windows, Microsoft Internet Explorer, or other systems/programs that allow them to automatically spread themselves over the internet. A security hole is quite simply an error or oversight in a program that when manipulated in just the right way, can be made to take control of the computer.

The Trojan horse:

A trojan-horse is program that can do damage like a Virus or a Worm, but it does not have the ability to spread to other computers. Instead, the Trojan is disguised as something that it isn't - such as a game, an image or picture-file. The user is then led to believe he or she is getting something for free, in reality they are getting much more than they expected. If it is too good to be true then chances are it is dangerous.

Spyware:

Spyware is software that is installed on your computer without your knowledge, remains hidden, and is often difficult to remove. The purpose of spy-ware is usually to gather information about your web-surfing habits, your email addresses, or other personal information, and then transmits the information back to its creator often to be sold for marketing purposes.
Although spyware usually does not intentionally cause damage to your PC, it often slows it down or causes it to crash. If you are using Microsoft Windows or Microsoft Internet Explorer, and you are an average user, and if you have not taken steps to prevent it
Be very cautious downloading Anti-Spyware software, many users have been totally locked out of their system by Software claiming to be anti Spyware. Always research software before downloading or have your I.T professional install and run Anti Spyware software for you. Often a reputable software solution can be misrepresented and offered for sale by opportunists. There are several very good and yet free Anti Spyware solutions that are offered for money from web sites that are not in any way connected to the original products developers.

The Pop-Up and the Pop-Under:

“Pop-ups and Pop-unders” are advertising windows that literally appear out of nowhere on your screen (a pop up). Or appear below your open windows, so that when you close your programs you see the remaining 'pop-under' advertisement.
We have two types of these. There are the innocent and the not-so-innocent.
The innocent popup (or pop-under) appears when going to a website as a opportunity for them to advertise something that you most probably don't want. Most web-browser programs have built-in pop up blockers that can prevent this type of popup. Check to see if your “Pop-UP” blocker is activated in your Web Browser?
The Not-so-Innocent Pop Up is actually a form of spy-ware (see above). The purpose of this spyware is to generate advertisements that are always on your PC - no matter what you do, they will even “Pop-Up” when you are not even connected on the internet! This type of popup (or pop-under) will almost always advertise a websites for pornography or gambling. This can be very annoying and embarrassing if an inappropriate “Pop-Up” occurs.

Adware

Generically, adware is any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers these advertisements, which can be viewed through pop-up windows or through a bar that appears on a computer screen. The justification for adware is that it helps recover programming development cost and helps to hold down the cost for the user.
Adware has been generally heavily criticised because it usually includes code that tracks a user's personal information and passes it on to third parties, without the user's authorisation or knowledge. This practice has been dubbed spyware and has prompted an outcry from computer security and privacy advocates.

Hacker

A hacker is a person who writes programs in assembly language or in system-level languages. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes.

Hackers Have a Bad Name and during the 1990s; the term "hacker" became synonymous with "cracker," which is a person who performs some form of computer sabotage. Sometimes, hackers are not even worthy of the original meaning of the term. Today, a lot of malicious acts are performed by people with limited knowledge who gain unauthorised access into computers to steal data or simply just perform sabotage or disruption.

What is Phishing?

Phishing is a form of theft where the intent is to steal your valuable personal data, such as credit card numbers, bank account details, passwords, account data, or other information.

Why is it dangerous?

Regardless of what story the phishers use, if you fall prey to a phishing email, the end result may be unauthorised purchases using your credit card or an empty bank account or other financial account. Identity theft is also a very common result of phising scams.

How does it work?

A phisher will send you an email, an instant message or sometimes call you on the phone. The message may appear to come from a friend, a business (your bank), a government agency, or some other entity. Common phishing scams typically claim to be credit card companies, banks, and major online retailers such as eBay, PayPal, and Amazon, as well as social networking sites like MySpace. Some phishing attempts are easy to identify because they claim to come from businesses or companies that you have never dealt with; others may be more difficult to identify, since they appear to originate from entities with which you do business.

A phishing message may indicate that the sender had problems with their computers or data and they simply need to verify your account information so you won't be inconvenienced next time you try to use their services or pay your bill online. The email message might even suggest that a suspicious purchase was made using your credit card details and if you did not make this purchase, you need to contact them by using the link included in the email. Another example is a message claiming that you have just won Lotto and that you should go to the secure web link provided, enter your bank account information and they will deposit your winnings into your account. Another variation might be an email claiming to be from the Tax office claiming that due to an accounting error, you are owed a refund. They ask that you go to a website and enter your banking information so that they can process the refund.
Always contact the service provider mentioned in the email, never submit your personal details as requested in these emails. Scams purporting to be your Mobile Phone carrier or Internet service providores are always popular. They create a fear that your account is about to be suspended as your last credit card bill payment was not successfully processed. We all know how long and how hard it is to deal with our Telco’s with lengthy on hold situations and the occasional hard to understand off shore call center.

What is identity theft?

Identity theft is a type of fraud which involves stealing money or gaining other financial benefits by pretending to be someone else. Having your identity stolen can be both financially and emotionally devastating.
Identity theft can occur in many ways—from somebody using your credit card details illegally to make purchases to having your entire identity assumed by another person to open bank accounts, take out loans and conducting illegal business whilst using your name.

How does identity theft work?

Identity theft works in a number of ways—from careless and very amateur methods to large well organised international scams.
Most of us have a wealth of personal information readily available, personal details in our wallet, mail, public records, information stored on our computers and especially information we have posted on the social networking sites.
Identity theft can happen easily and very quickly. By leaving your personal information readily available, scammers will have easy access to this information. For example, scammers will rummage through rubbish tips and steal letters often known as ‘dumpster diving’ just to collect personal information.
However, despite your best efforts, a determined scammer can also create elaborate and elaborate plan to trick you into providing your personal details. For example:

  • By sending an email that looks like it comes from your bank, financial institution or telecommunications provider. Known as phishing scams, these emails are all about tricking you into handing over your personal and banking details to a scammer. Most of these work by including web page links in the email to take you to a combination of genuine and spoofed (fake) websites.
  • Phoney fraud alerts are similar to phishing scams where scammers trick you into handing over your personal details. A common fraud alert involves the scammer pretending to be from your bank informing you that your credit card or account has been cancelled because of suspicious criminal activity (just one reason). They will then trick you to provide account full personal details to ‘confirm’ your identity.
  • Fake job opportunities are usually posted on genuine job websites. The scammer may use or then sell your personal information you provided in the online ob application.

‘Nigerian 419’ scams?

A ‘Nigerian’ scam is generally requires some type of upfront payment or money transfer. They are called Nigerian scams simply because the country they first originated from Nigeria, but now they can come from just about anywhere in the world. The ‘4 1 9’ is a name is taken from the section of Nigeria’s Criminal Law Code which outlaws this very practice.
The scammers will usually contact you by email, fax or a letter and offer you a share in a large sum of money that they urgently need to transfer out of their country. They may tell you very creative and detailed stories about this money being locked in their banks during a civil war or when a government was overthrow. They may also tell you about massive inheritances that are also difficult to access because of the local government restrictions or taxes in the scammer’s country.

Scammers will always ask you to pay money or give them your bank account details to help them transfer the money. You will then be then asked to pay some form of fees, charges or taxes to assist in the release or transfer the money out of their country through your bank. These ‘fees’ may even start out as quite small amounts. If paid, the scammer will then continually makes up new fees that require additional payments. They will keep making up these required payments until they believe they have got all the money they can out of you.

Warning signs

  • You receive an offer asking to ‘help’ someone from another country transfer their money out of their country (e.g. Nigeria or Iraq).
  • The offer sets out a long and often very sad story about why the money cannot be transferred by the scammer. This usually involves an inheritance or profits from natural resources venture that the scammer might say they are trying to protect from high taxes or a their corrupt government.
  • You are offered a percentage of the total amount transferred in return for your assistance in getting the funds transferred out of the country.
  • The amount of money to be transferred, and the payment that the scammer promises to you if you help, is usually extremely large.
  • The email or letter is in very polite, but often broken English.
  • The letter may also appear to have originated from a Lawyer or law firm.

Inheritance frauds

Run by criminals who obtained a lengthy email lists which include recipients' names - although many of the lazier criminals will even bother trying to match names between the decedents and the recipients of their spam? They then create mass mailings based upon those lists, describing how a fictional individual with the same last name died without heirs, usually in a remote part of the world. If a recipient replies to the email, the criminal will engage in what is called an "advance fee" fraud, and attempt to convince that person to send money to pay for legal fees, bribes, or other expenses. (The term "advance fee" refers to the money they get from you - and despite their promises of riches, you never get a cent in return.) The criminal may also attempt to get copies of the person's identification cards, bank account information, and other information which can be used to forge bank drafts or commit identity theft.

In a recent article in one of Australia’s largest Newspapers the amount being scammed every month from unsuspecting Australians is around Ten Million dollars.

Email Spam

Also known as junk email orEmail Spam unsolicited bulk email is an electronic spam involving nearly identical messages sent to many recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. Email spam has steadily grown since the early 1990s. Botnets, networks of virus-infected computers, are used to send about 80% of spam.
Many countries have made spamming illegal. Further in depth details can be found at your countries official government web site.

Keyboard sniffers

A program which reads the keystrokes made by a user and transmits them to someone else. Such programs are usually used by intruders into computer systems in order to capture important information such as passwords or other sensitive information such as internet banking log ID’s. With the recent introduction by most banks use of floating keyboards activated by mouse clicks this method is no longer a favourite method for cyber criminals.

Top tips for avoiding internet viruses

Install a competent and trusted anti-virus program:
An efficient anti-virus program will regularly scan your computer’s hard-drive for viruses from malware to spyware. You can also set your anti-virus software to scan incoming e-mails and website URLs before they have contact with your system. The best anti-virus programs always work well in the background without impeding or slowing your day-to-day computer usage and only alerting you when a virus is found.

Back up sensitive data on a regular basis:
In the event that an internet virus does attack your system and its sensitive information it is always advised that you immediately back up your data. This will enable you to recover your files more easily if you have to follow through with a fresh install of your operating system in order to rid your system of the virus.

Avoid downloading software and attachments from unknown sources:
There is a great temptation to download software from retailers when is priced considerably lower than the manufacturers’ rates. The chances are that these are not legitimate, authorised or licensed copies – this could very well pose a serious threat to your operating system when downloaded and installed. Frequenbtlty emails also spread the threat of viruses as they are often disguised in the attachments that may appear genuine on the surface but can unleash mayhem should they be opened. Generally most anti-virus systems will scan emails upon their arrival in your inbox. A reliable antivirus program should indentify quarantine or even delete outright any threat that attempts to sneak into your system attached to an email.

Beware of unexpected file extensions:
If a website or e-mail prompts you to download a file attachment that carries an unexpected file extension you should immediately contact the sender before opening or simply delete it if you suspect it contains harmful executable code. It is important to note that data files do not carry viruses as these file extensions do not allow for executable code. Files ending in extensions such as .txt, .jpg, .mp3 and .wav are regarded as 'safe' common data files.
Activate your operating system’s firewall:
Generally most operating systems provide their very own firewall protection which acts as an additional barrier alongside your anti-virus software. A firewall simply screens your incoming internet traffic preventing unauthorised access to sensitive files on your computer. With a firewall working in together with your anti-virus software you can certainly be more comfortable and safer with your web browsing.
Be prepared for major virus outbreaks:
Now that you have firewall and anti-virus protection does not however mean you can completely ignore the threat of internet viruses. When you are informed of a virus spreading across the internet you must remain extra careful and vigilant when opening emails and downloading information onto your system. Always ensure your virus software is set to automatically update your Virus detection software. Check to see that regular full scans are scheduled and completed.

Always:

  • Filter spam.
  • Don’t trust unsolicited email
  • Treat email attachments with caution
  • Don’t click links in email messages
  • Install antivirus software and keep it up to date
  • Install a personal firewall and keep it up to date
  • Configure your email client for security
  • Keep your computer operating system up to date

“I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image.”

Stephen Hawking
English cosmologist and physicist (1942 - )

If after all of this if you are still confused (and frankly who wouldn’t be) perhaps you should consider speaking with your local I.T Professional. Discuss your concerns and have a strategy and software installed to maintain and protect your system. Prevention is better than the cure.

Enquiries:

Call 07 5530 7806

International Phone: +61 7 5530 7806

QSR Media Web News

Support

Abcom Support


Remote Support
It is recommended that you use Microsoft Internet Explorer to launch remote support.