Computer Threats – Cybercrimes
Cybercrimes are those instances when criminals, known as hackers or attackers, access your computer for malicious reasons. You can fall victim any time you are on an unprotected computer, receive a deceptive email claiming there is an “urgent matter” regarding your CareerOne account or just surfing the Web. They might be seeking sensitive, personal identification information stored on your computer, like credit card numbers or private account logins they use for financial gain or to access your online services for criminal purposes. Or they could want your computer’s resources, including your Internet connection, to increase their bandwidth for infecting other computers. This also allows them to hide their true location as they launch attacks. The more computers a criminal hides behind, the harder it becomes for law enforcement to figure out where the criminal is. If the criminal can’t be found, he can’t be stopped and prosecuted.
There are many different threats to your computer’s safety, as well as many different ways a hacker could try to steal your data or infect your computer. Once on a computer, the threat will tend to show little to no symptoms so it can survive for a prolonged period undetected. Your online security and cybercrime prevention can be straightforward. In general, online criminals are trying to make their money as quickly and easily as possible. The more difficult you make their job, the more likely they are to leave you alone and move on to an easier target.
We’ve compiled a list of the different types of threats that are out there along with some recommended steps you can take to reduce your susceptibility to these threats, using information from Symantec, a global leader in infrastructure software that helps consumers to protect their infrastructure, information and interactions.
Computer Threat #1: Vulnerabilities
How they attack: Vulnerabilities are flaws in computer software that create weaknesses in your computer or network’s overall security. Vulnerabilities can also be created by improper computer or security configurations. Threats exploit the weaknesses of vulnerabilities, resulting in potential damage to the computer or its data.
- How do you know? Companies announce vulnerabilities as they are discovered and quickly work to fix them with software and security “patches.”
What to Do
- Keep software and security patches up to date.
- Configure security settings for your operating system, Internet browser and security software.
- Companies should develop personal security policies for online behaviour, and individuals should be sure to adopt their own policies to promote online safety.
- Install a proactive security solution like Norton Internet Security to block threats targeting vulnerabilities.
Computer Threat #2: Spyware
How it attacks: Spyware can be downloaded from Web sites, email messages, instant messages and direct file-sharing connections. Additionally, a user may unknowingly receive spyware by accepting an End User License Agreement from a software program.
How do you know? Spyware frequently attempts to remain unnoticed, either by actively hiding or simply not making its presence on a system known to the user.
What to Do
- Use a reputable Internet security program to proactively protect from spyware and other security risks.
- Configure the firewall in the reputable Internet security program to block unsolicited requests for outbound communication.
- Do not accept or open suspicious error dialogs from within the browser.
- Spyware may come as part of a “free deal” offer — do not accept free deals.
- Always carefully read the End User License agreement at Install time and cancel if other “programs” are being installed as part of the desired program.
- Keep software and security patches up to date.
Computer Threat #3: Spam
How it attacks: Email spam is the electronic version of junk mail. It involves sending unwanted messages, often unsolicited advertising, to a large number of recipients. Spam is a serious security concern, as it can be used to deliver email that could contain Trojan horses, viruses, worms, spyware and targeted attacks aimed at obtaining sensitive, personal identification information.
How do you know? Messages that do not include your email address in the TO or CC fields are common forms of spam. Some spam can contain offensive language or links to Web sites with inappropriate content. Also, some spam may include hidden text that only becomes visible if you highlight the content — a common trick spammers use to get their email to pass through spam filters without detection.
What to Do
- Install Spam filtering/blocking software.
- If you suspect an email is spam, do not respond — just delete it.
- Consider disabling your email’s preview pane and reading emails in plain text.
- Reject all Instant Messages from people who are not on your Buddy list.
- Do not click on URL links within IM unless they are from a known source and expected.
- Keep software and security patches up to date.
Computer Threat #4: Malware
How it attacks: Malware is a category of malicious code that includes viruses, worms and Trojan horses. Destructive malware will use popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from Web sites and virus-infected files downloaded from peer-to-peer connections. Malware will also seek to exploit existing vulnerabilities on systems making their entry quiet and easy.
How do you know? Malware works to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user. You might notice your system is processing at a slower rate than what you are used to.
What to Do
- Only open email or IM attachments that come from trusted sources and are expected.
- Have email attachments scanned by a reputable Internet security program prior to opening.
- Delete all unwanted messages without opening.
- Do not click on Web links sent by someone you do not know.
- If a person on your Buddy list is sending strange messages, files or Web site links, terminate your IM session.
- Scan all files with a reputable Internet security program before transferring them to your system.
- Only transfer files from well-known sources.
- Use a reputable Internet security program to block all unsolicited outbound communication.
- Keep security patches up to date.
Computer Threat #5: Phishing
How it attacks: Phishing is essentially an online con game, and phishers are nothing more than tech-savvy con artists and identity thieves. They use spam, malicious Web sites, email messages and instant messages to trick people into divulging sensitive information, such as bank and credit card information or access to personal accounts. For more detail on what phishing is as well as to review examples of phishing email, please visit the Email Scam section of CareerOne’s Security Center.
How do you know? Here are four ways to identify phishing scams:
- Phishers, pretending to be legitimate companies, may use email to request personal information and instruct recipients to respond through malicious Web sites. They may also claim that an urgent action is needed to lure recipients into downloading malicious programs onto their computers.
- Phishers tend to use emotional language like scare tactics or urgent requests to entice recipients to respond.
- Phish sites can look remarkably like legitimate sites, because the criminals tend to use the copyrighted images from genuine sites.
- Requests for confidential information via email or Instant Message tend to not be legitimate.
After you open and run an infected program or attachment, you might not notice the impacts to your computer right away. Here are a few indicators that might indicate your computer has been infected:
- Your computer runs more slowly than normal.
- Your computer stops responding or locks up often.
- Your computer crashes and restarts every few minutes.
- Your computer restarts on its own and then fails to run normally.
- You see unusual error messages.
- You see distorted menus and dialog boxes.
What to Do
If you believe you received a phishing email, were lured to click on the link or download a program and are concerned you may have some type of malicious program installed on your computer, here are some things you may want to check:
- Is your virus scan running?
- Are your virus definitions up to date (less than a week old)?
- Did you perform full disk/memory virus scan.
- Are you running anti-spyware programs such as Adaware and/or SpybotSD?
- Once you run your scans and have positive results or remove programs, ensure your online accounts are secure — modify your account passwords.
- Make sure that you have enabled your Phishing Filter, a feature of Windows Internet Explorer 7.
- Contact your anti-spyware/virus vendor to find out other steps you can take.