COMPUTER  VIRUSES  AND  OTHER  MALWARE  ATTACKS  EXPLAINED


This category will explain some of the well known forms of attack (Virus, Worm, SpyWare and so on) aimed at computer devices in general as well as teach you how to protect your computer so it can avoid being attacked in the first place. Note well that this category does not suggest in any way, shape or form that your computer will be fully protected against an attack. Nor does it suggest in any way, shape or form that your computer will be cured of an existing attack. This category is here purely to make you aware that attacks do exist and what you can do to help prevent them and treat them.


Apple Mac Users - Although Apple's share of the overall computer market is currently less than 10%, which means Hackers and Virus Programmers are not too interested in attacking Apple Mac devices at the moment, this doesn't mean Apple Mac devices are fully protected against online scams such as e-mail scams and online banking scams. Furthermore, it doesn't mean that Hackers and Virus Programmers are never going to be interested in attacking Apple Mac devices. One day they will begin attacking, but hopefully not. Either way, isn't it better to be prepared with knowledge and protection beforehand, just in case?


With more than 65,000 known Viruses and Worms programmed so far, mainly for the PC of course, and new ones being programmed every day, are you protected? Use this section to educate yourself and become more security aware of computer dangers in general.

THE  VIRUS

A virus is a file that is programmed to cause a lot of damage to the computer and the files stored on it. It gains access to the computer on a floppy disk, as an e-mail attachment, as a file, inside another application or via a computer network (computers that are connected together, with/without an internet connection). Once on the computer the virus spreads itself by infecting other files on the computer.

A virus is activated when you use another application to open it. For example, if someone sends you an e-mail with an attachment that has a virus inside it, the virus will activate (start spreading itself) as soon as you open the attachment using MAIL or Mozilla Thunderbird for example. If a virus infected file is on a flash drive it can be activated by the computer that is trying to open (read) the flash drive's contents and/or by the application that is going to open the file. You can also, unknowingly, send a virus infected file over the internet as an e-mail attachment or by giving someone a virus infected flash drive. I say unknowingly because of the sad fact that many people are usually unaware they have a virus in the first place, especially when they have no Anti-Virus software installed or when it is not up-to-date.

Apple Mac Users - Although there have been low-level cases of attacks on the Apple Mac, that have done no serious damage, one thing to remember here is that Anti-Virus software for the mac can also stop your Apple Mac from passing on Windows Viruses and other Windows Malware (which don't actually attack the mac). So if you receive a virus infected e-mail from a Windows user, that you unknowingly forward (pass) onto another Windows user, normally the Apple Mac anti-virus software will clean that virus infected e-mail before allowing it to be forwarded if possible; in which case the e-mail message would exist (be forwarded) but without the attachment.

THE  WORM

The worm is more or less a Virus except that it can distribute itself as an e-mail by using e-mail addresses it finds on the computer. In other words, it can find your friend's e-mail address (on your computer) for example and then send them a virus infected e-mail when you are connected to the internet. On a PC a worm can also allow other people to remotely take control of your computer without you knowing about it.

THE  TROJAN  HORSE

A Trojan Horse is an application that masquerades as another common application in an attempt to receive information. An example of a Trojan Horse is an application that behaves like a Log-On application in order to retrieve your typed in User Name and Password information. You log-on as normal, because the Trojan Horse log-on screen looks the same as the real log-on screen, but later on the Trojan Horse sends your user name and password details down the internet to the trojan programmer's computer. They then break into your computer at a later date to steal your files/information.

SPYWARE

Spyware is software that is downloaded onto the computer without your knowledge, usually when you are downloading some software you want. For example, you may go to a website to download a music application and as you are downloading the music application the spyware application is also being downloaded (without your knowledge and agreement). The spyware may be part of the music application, come from the website separately or both - normally it comes from the application.

Spyware normally has permission to be on the computer because you either agreed to a license agreement before the download (i.e. a website download agreement) or to the software installation (I Agree) license agreement. Spyware can be given permission in other ways though, depending on your security settings and so on. Once installed and activated, spyware takes control of the computer in order to collect information about you and your computer activities whilst being as disruptive as possible. It normally bombards you with pop-up advertisements and slows down the computer or changes the computer's behaviour in odd ways. So always read license agreements and so on carefully. If you do not understand something do not agree to it - do not download or install the software.

PHISHING

Phishing is basically various methods of online fraud, the most common of which is carried out via e-mail. It can start with a fake e-mail that is supposedly from your Bank, for example: "Due to a recent computer crash at Phisher Bank we have unfortunately lost your Records. We are asking all of our customers to complete a new Online Information Form. Please go to our sister company's Secure Banking website (link at the bottom of this email) and fill out the Online Information Form. Alternatively. Please contact Phisher Bank on this national number 0207 1234567 or contact your local branch." This kind of wording might convince you to visit the website, if you are a vulnerable person, especially as the phisher (fraudster) has given out a bank contact number as reassurance.

As a vulnerable person you might be curious about the information on the online information form and/or think you will be helping the bank with their lost records problem. Curiosity and a willingness to help are some of the psychological methods used by phishers to draw you into their net. If you visit the fake website it will look more or less like the original (proper) bank website and the online information form might only be a Name and Address form. This is so you will not suspect anything.


Once the form has been filled in the phisher will probably send you other cleverly disguised e-mails later, asking you for more information a little at a time: "Thank you for completing the Online Information Form. We will now process this information and e-mail you again if we need any further information. Your reference number is: R1D978J - Please quote this reference number in any future e-mails". This scenario goes on until the phisher has collected enough information to be able to impersonate you and apply for bank credit as you with your details (Name, Address, Age, Card Number and so on), all of which they have obtained from you by e-mail. So always ignore e-mails of this nature and go to your bank for confirmation that the e-mail is genuine and that the bank has indeed lost your records.

Below is a real example of a Phishing Scam. It first claims to be an e-mail from PayPal, even though the e-mail states a hotmail e-mail address; but they are hoping I don't notice that, especially if I am elderly. It then claims that PayPal has noticed 'unusual account activity' from my PayPal account whereby they have limited its access. Well as I don't have a PayPal account associated with my Yoingco e-mail address I find it impossible for me to have 'unusual account activity'. This just means the phisher (fraudster) has used a computer to e-mail any e-mail address at random whereby they are hoping those computer generated e-mail addresses do have a PayPal account associated with them. Finally, the e-mail is asking me to fill out and submit the attached Application Form (by clicking on the ProfileSummary.htm link). This whole e-mail has been designed to put me in a state of panic and knee-jerk reaction.



Fig 1.0  This fake PayPal e-mail is asking me to fill out my personal details in the attached Profile Summary form

If I click on the ProfileSummary.htm link (above), located at the bottom of the e-mail message, I am then confronted with the following Application Form.

It is important to remember here that a company such as PayPal will never send such an e-mail and will never ask you for personal details via an e-mail (or telephone call). So you should NEVER click on a link from within one of these phishing e-mails. And you should NEVER EVER fill out an Application Form that asks you for your personal details. If in doubt, telephone PayPal and/or your Bank directly by getting their phone number from Directory Inquiries or physically visiting their Office if possible.



Fig 1.1  NEVER EVER fill out an Application Form that is asking you for Personal details

Even though I have purposely clicked on the ProfileSummary.htm link at the bottom of the e-mail, filled out the Application Form and then clicked on its SUBMIT button (not shown here), my security software (Bitdefender) has successfully blocked off the website behind the phishing scam so that no personal information was sent. This particular phishing scam comes from Brazil, South America; denoted by .com.br at the end of the url (website address) mentioned in the Bitdefender window.



Fig 1.2  Security Software like Bitdefender can block off phishing scams as well as Viruses and other forms of Malware

Other things to look out for are spelling mistakes and where a link will take you. Normally if you hover over a link with the mouse pointer you are shown which website that link is taking you to.

Having said the above, the way great phishers set up their websites and e-mails, together with their con-artist abilities, can fool even the sharpest of people. So don't think "It will never happen to me" because it could. So ALWAYS Remember - Legitimate businesses never ask you for personal details online.
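The warning signs in the fake PayPal e-mail described above (a sender address that does not belong to the company named, a link whose visible text differs from where it really leads, and an attached HTML form) can also be checked by a program. The following Python is an added example, not part of the original page; the BRANDS table, the sample message and its .example hosts are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: brand names mapped to the domain each really mails from.
BRANDS = {"paypal": "paypal.com"}
# Constructed sample modelled on the e-mail above; .example hosts are placeholders.
SAMPLE = """\
From: "PayPal" <service.team@hotmail.example>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<a href="http://collector.example/form">https://www.paypal.com/restore</a>
--b1
Content-Type: text/html; name="ProfileSummary.htm"
Content-Disposition: attachment; filename="ProfileSummary.htm"

<form action="http://collector.example/save"><input name="card"></form>
--b1--
"""

class LinkAudit(HTMLParser):  # collects [href, visible text] pairs, notes <form>
    def __init__(self):
        super().__init__()
        self.links, self.has_form, self.in_a = [], False, False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
        self.in_a = self.in_a or tag == "a"
        self.has_form = self.has_form or tag == "form"
    def handle_data(self, data):
        if self.in_a:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self.in_a = self.in_a and tag != "a"

def is_under(host, parent):  # host is parent itself or one of its subdomains
    return host == parent or host.endswith("." + parent)

def audit(raw):
    """Return the phishing warning signs found in one raw e-mail."""
    msg, findings = message_from_string(raw), []
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    for brand, real in BRANDS.items():
        if brand in name.lower() and not is_under(domain, real):
            findings.append(f"sender claims {name} but mails from {domain}")
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        page = LinkAudit()
        page.feed(part.get_payload())
        for href, text in page.links:
            # The "hover" check: host shown in the text vs host in the href.
            m = re.search(r"(?:[\w-]+\.)+[a-z]{2,}", text.lower())
            shown, real = (m.group(0) if m else ""), urlparse(href).hostname or ""
            if shown and real and not (is_under(shown, real) or is_under(real, shown)):
                findings.append(f"link shows {shown} but opens {real}")
        if part.get_filename() and page.has_form:
            findings.append(f"attachment {part.get_filename()} contains a form")
    return findings
```

Calling audit(SAMPLE) returns one finding for each of the three warning signs; a message that really comes from the company's own domain, with links that match their text, returns an empty list.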

THE  HACKER

A hacker is someone who uses specialist computer hardware and software to break into someone else's computer or computer network. They usually break into big company computers in order to expose their security weaknesses or to get files from those computers for criminal gain. There is also the software hacker who breaks into a piece of software in order to get its serial number and/or to disable part of the software in order to use that software for free. Basically they are creating free/pirated software for the mass market. Hackers are always targeting Microsoft, for some reason or another, to bring Windows crashing down; and one day they might target Apple. Hence why you always need to keep your operating system (Windows and OS X Mountain Lion) up-to-date.

SPAM  /  JUNK E-MAIL

Spam is basically a bombardment, over a daily or weekly period for example, of the same type of unwanted e-mail. They range from genuine offers for goods to unsolicited adult material. Spam is normally sent by a company who has obtained your e-mail address through abnormal means. If you sign up to a forum, newsletter or dating site for example a company simply visits those same forums, dating sites and so on to get e-mail addresses submitted publicly. If your e-mail address was submitted publicly by you or with your permission the company will be able to see it.

Although a lot of forums, dating sites and so on give you a nickname to use, instead of publicly displaying your e-mail address, it can be likely that they sell your private e-mail address to interested companies anyway. It is usually a scenario of you not reading the small print in the sign-up agreement. Once your e-mail is known it gets spread like wildfire. Hence the bombardment of spam (Junk E-Mail).

Tip - Create and use a bogus e-mail address for yourself. A bogus e-mail address that you can use on forums, dating websites and other public websites. NEVER give out your proper e-mail address though - ALWAYS use that for Friends and Official Websites/Organizations only such as the Passport Office, Amazon, PayPal, Tescos, TV License, etc.

THE  DIALER

The Dialer is a piece of software that is downloaded on to the computer. Its job is to disconnect you from the internet, so that when you reconnect it uses its own software to reconnect you. You probably will not notice any change, as the dialer software does its best to emulate your real connection software, but you will notice when you get a big phone bill because The Dialer has been charging your reconnection (and any subsequent connections) at £1 a minute for example. Hence its name The Dialer - It dials (connects you to) the internet at a higher price. The Dialer normally affects P.A.Y.G (Pay As You Go) Dial-Up / Dongle users, as opposed to Broadband users who get their Broadband for FREE these days anyway.

THE  KEY  LOGGER

A Key Logger is an application that, once downloaded, starts logging (writing in to a log file) all the keyboard keys you are pressing. Once your keys have been logged the log file is sent to a computer for analyzing. Basically, the file is tested against your Personal Details with the hope of robbing you. The details could have been obtained earlier or could be in the log file itself. For example, when you book a Flight you have to fill out a purchase form, stating Credit Card details, in order to buy the ticket. So suppose I put my Name, Address, Credit Card details and so on. The log file might look like this:

www.StupidFlightBookers.com
John Cairns
Address
VISA
1234567890123456
6789
ROMA
ITALY
2 Weeks

The analyzing computer would know how to digest my information based on the fact it knows the www.StupidFlightBookers.com purchase form always asks for information in the above order. In other words, it would know that line 4 contains my credit card type and line 5 contains my credit card number for example. It is not long before the person(s) behind the scam have all my personal details and credit card details. From which they can get a New Bank Account, Mobile Phone and so on in my name.

MALWARE

Malware stands for MALicious softWARE. It is a generic term used to describe software applications that are designed to attack, degrade or prevent the normal (intended) use of a network and its connected computers. Types of malware can include Viruses, Worms, Trojans as well as software that intrudes on your privacy (usually for fraudulent purposes - Identity Theft and Spyware).

COOKIES

What is a Cookie you might ask! You would be forgiven for saying A Biscuit! A cookie, in computer terminology, is in fact a computer text file that stores information about you, your account, your password and so on. Up until a few years ago the cookie was a good thing, as the following scenario demonstrates:

You go on the Internet and find a public forum you like, such as The Dogs And Cats public forum. It allows you to ask questions and answer questions about Dogs And Cats as long as you are a registered member. So you decide to become a registered member by filling out their registration form, whereby they then e-mail you a Username and Password. Whenever you want to visit the forum you simply log-in with your username and password. When you have finished your visit you simply log-out. No problems with this scenario so far....are there? Well yes, there is one.

The problem here is that you have to log-in each time by entering your username and password. Wouldn't it be better to be able to automatically log-in? Of course it would. And that is where the cookie comes into action. After registering and then logging-in for the first time a cookie file is created on your computer. It stores details like your username and password, so that when you visit the forum again it automatically checks your cookie for the username and password and then logs you in automatically.


What a great thing the cookie is....or should that be was. As time has gone by Spyware websites have been slowly abusing the cookie to extract information from you. For example, if you go to a travel agent website and buy a ticket to Rome, the travel agent might create a cookie that stores your personal details and your travel details. And the next time you fly with them, say to Paris, they create a cookie called paris. And so on. The purpose of a cookie is to help.

So in this example the cookie might be fed into their website and then it either shows you a special offer to Rome or Paris (because it knows you went there before) or it suggests a different destination for you. That is a helpful cookie. However, because the website is a spyware website it also sends your travelling habits to advertising companies, who in turn send you junk mail. Some to do with Holidays but others to do with Caravans, Tent Sales and so on. Other spyware websites can go further. They can defraud you. It doesn't take much for them to make a fake travel website, with cookies that store your credit card details. If you think about it, you normally pay for a holiday months in advance - Plenty of time for them to be using your credit card details for other purposes.

So what can you do about it? Well, quite a lot actually! You could start by not giving out too much of your personal information. For example, if you shop online to buy a TV, does that company really have to know everything about you? And once you know the company has your order (i.e. they sent you a confirmation e-mail) you should delete their cookie from your computer straight away. See Clearing Browser History section for more information. Finally, before filling out any kind of registration form, travel agent form and so on always ask that website owner and/or company about their cookie policy. The honest websites/companies will always inform you that cookies are being created. Some even put up a banner/notification stating you are visiting a website that stores Cookies.

SYMPTOMS

If every time you use the computer it starts to slow down, freeze, crash and/or restart, or completely stop every few minutes you might have a Virus, Worm, Spyware or all three. They will not always show themselves by displaying obvious pop-up advertisements. It depends who the programmers are: Amateurs, Show-Offs or Criminals. Show-Offs might purposely advertise their work to gain recognition whereas Criminals are the opposite. They try to disguise their work so as not to leave a trace of it. The amateur on the other hand is trying to become either a Show-Off or a Criminal but has not got there yet. Their work tends to crash the computer and/or be a nuisance copier/deleter of files. Of course it could just be that the computer is naturally slow and/or does not have any adequate protection installed on it, but if the computer is not naturally slow and/or does have adequate protection installed on it then you must assume the computer has been attacked.

ONLINE  SAFETY  TIPS
  • ALWAYS keep your computer up-to-date with the latest Apple Software Updates.
  • Install Protection Software (such as Anti-Virus, Anti-Spyware and Internet Security software) and keep it up-to-date.
  • Create a Private e-mail address for Best Friends and websites that have security such as PayPal, Amazon, Supermarkets, Flight Websites, Online Shopping Websites and so on. Secure Online Shopping Websites will have a website address that begins with HTTPS: and not just HTTP: and will also show a Security Padlock icon and/or Rapport icon near the Address Bar edit box of the web browser application you are using. This e-mail address should be set up with proper About You details.
  • Create a Public e-mail address for public membership websites such as Forums, Dating Websites, Music Download Clubs, Messengers (i.e. Skype), Social Media websites (i.e. Facebook and LinkedIn) and so on. This e-mail address should be set up with fake About You details.
  • Always look for the Security icon/notification/colour system near a web browser's Address Bar when using a Credit Card and/or Payment web page for example. The PadLock means that website secures/encrypts your information during your online booking.

READ THE NEXT SECTIONS CAREFULLY - THEY GIVE INFORMATION ABOUT PROTECTION.