BUSINESS: Security & The Internet - Part 2: Installing Malevoent Software

Following on from "Security and the Internet Part 1: Phishing", this week we bring you part 2 of Susan Morrow's (Lynwood Jewellery) very useful series on Security and the Internet.

In part 2 Susan looks at Malevolent Software:

Everyone is aware of the danger of computer viruses. However, viruses have been joined in the ranks of malicious software by relative newcomers, worms, Trojans and bots, collectively known as malware. Let’s look a little at what each one is, as forewarned is forearmed.

A computer virus is named to describe its mode of operation. That is, once installed onto your computer it will use various methods to reproduce itself, i.e. to move onto other computers, for example, through the sharing of an infected file.

A worm is similar to a virus but is more sophisticated, due to its ability to replicate itself on your system without your intervention. It also has the ability to hijack your email account and send out email to all of your contacts with a copy of itself in that email. The nature of a worm is such that it can seriously damage your computer. In addition, some worms can be used to allow external parties to gain control of your PC.
Trojans are trickier still. Unlike a worm or a virus they do not replicate they are simply there to do damage to your pc, or to compromise it and allow external parties to gain access to sensitive information such as bank account details, etc. The biggest problem with Trojans is how they are distributed as they are purposely made to look like they had been sent from a legitimate source.

Trojans have also been known to be hidden in videos. You may find that a video will not run unless you ‘install the license’ first. If you click to continue, you will be re-directed to a malicious website that will download spyware or diallers – spyware being a software program that gathers personal information held on your computer and a dialler is a program that dial up high rate toll numbers – particularly pertinent to mobile device infection.

You can also get ‘blended’ mixes of all of the above and one of the most sinister outcomes of this type of threat is the advent of the ‘botnet’. A botnet is where a Trojan, or other malware, has been used to co-opt a large number of computers, which are then used to do a variety of jobs including, sending out mass spam emails or collecting your private data and sending it to the ‘bot herder’.

So what can you do to protect yourself from this type of threat? Modern operating systems tend to make the user aware that they are installing something and prompt the user to allow or deny the process to continue; if in doubt do not continue to install. The Mac operating system is less likely to suffer from malware attacks, but it is not immune.

It is very important that you keep your PC up to date with patches as they are released, as these patches are often a response to a known computer threat.

Mobile Devices: It is also important to remember that mobile devices and in particular, smart phones, are seeing increases in phishing attempts and malicious software attacks. Indeed, some of these attacks have new vectors such as via SMS messaging. The same sorts of precautions should be used with phones, as with computers: after all a smart phone works using a modified version of the same operating system that you use on your PC or Mac.

Some Guidelines to Being Safe Online
1. Stay up to date with patches, you may want to set auto update to on, just in case you forget to update.
2. Set your browser security settings to at least medium (see further reading for how to do this). Setting them to high might make your online experience less fluid. One thing you should prevent, however, is the use of add-ins or plug-ins.
3. If in doubt don’t click on a link in an email, a website or a social networking convo including chat rooms and forums.
4. If you don’t need to install it, don’t and be aware of spurious claims for license requirements to run a video.
5. Use anti-virus software and keep it updated, but do not become complacent about installing software because you are using an anti-virus.
6. Enable a firewall on your wireless router but do not become complacent about installing software because you are using this firewall.
7. Use a PIN code with your mobile device and follow all the above on your mobile device as well as your PC.

In the case of being secure online, caution is the key word!

Further reading: http://www.cert.org/tech_tips/securing_browser/