Warning: Your Browser Extensions Are Spying On You
http://www.howtogeek.com/180175/warning-your-browser-extensions-are-spying-o
n-you/
The internet exploded Friday with the news that Google Chrome extensions are
being sold and injected with adware.
Related article:
Not All “Viruses” Are Viruses: 10 Malware Terms Explained
http://www.howtogeek.com/174985/not-all-viruses-are-viruses-10-malware-terms
-explained/
Most people seem to call every type of malware a “virus”, but that isn’t
technically accurate. You’ve
*Early Malware
If you used computers in the 90s, you remember the first mainstream computer
viruses. They were often practical jokes of just proofs of
concepts, created to mess with your computer and cause damage by people with
too much time on their hands. Getting infected by a piece of malware meant
that your desktop might be taken over by a pop-up proudly proclaiming that
you’ve been infected. Your computer’s performance might deteriorate as a
worm tried to send as many copies of itself out onto the Internet as
possible. A particularly vicious piece of malware might try to delete
everything from your hard drive and make your computer unbootable until you
reinstalled Windows.
For example, the Happy99 worm, considered the first virus to spread itself
via email, existed only to spread itself. It emailed itself to other
computers, caused errors on your computer while doing so, and displayed a
“Happy New Year 1999 !!” window with fireworks. This worm didn’t do anything
beyond spreading itself.
*Keyloggers and Trojans
Malware creators are almost purely motivated by profit these days. Malware
doesn’t want to inform you that you’ve been compromised, degrade your system
performance, or damage your system. Why would a piece of malware want to
destroy your software and force you to reinstall Windows? That would only be
inconveniencing you and the malware’s creator would have one less infected
computer.
RELATED ARTICLE
Keyloggers Explained: What You Need to Know
http://www.howtogeek.com/180615/keyloggers-explained-what-you-need-to-know/
A keylogger is a piece of software – or, even scarier, a hardware device –
that logs every key you enter.
Instead, the malware wants to infect your system and hide quietly in the
background. Often, malware will function as a
keylogger and intercept your credit card numbers, online banking
passwords, and other sensitive personal data when you type it into your
computer. The malware will send this data back to its creator. The malware’s
creator may not even use these stolen credit card numbers and other personal
information. Instead, they may sell it cheaply on a virtual black market to
someone else who will take the risk of using the stolen data.
Malware may also function as a Trojan, connecting to a remote server and
waiting for instructions. The Trojan will then download whatever other
malware the creator wants it to. This allows a malware’s creator to keep
using those infected computers for other purposes and update them with new
versions of malware.
*Botnets and Ransomware
Many types of malware also create a “botnet.” In effect, the malware turns
your computer into a remotely-controlled “bot” that joins with other bots in
a large network. The malware’s creator can then use this botnet for whatever
purpose it likes – or, more likely, the botnet’s creator may rent access to
the botnet to other criminal enterprises. For example, a botnet could be
used to perform a distributed denial-of-service (DDoS) attack on a website,
bombarding it with traffic from a huge amount of computers and causing the
servers to become unresponsive under the load. Someone could pay for access
to a botnet to perform a DDoS attack, perhaps of a competitor’s website.
A botnet could also be used to load web pages in the background and click on
advertising links on a huge number of different PCs. Many websites make
money each time a page loads or an advertising link is clicked, so these
page loads and advertising link clicks – designed to look like real traffic
from many different computers – can make the website money. This is known as
“click fraud.”
RELATED ARTICLE
Ransomware: Why This New Malware is So
Dangerous and How to Protect Yourself
http://www.howtogeek.com/174343/ransomware-why-this-new-malware-is-so-danger
ous-and-how-to-protect-yourself/
Ransomware is a type of malware that tries to extort money from you. One of
the nastiest examples, CryptoLocker, takes…
[Read Article]
Ransomware like CryptoLocker is an
extreme example of this trend taken to its logical extreme. When it infects
you, CryptoLocker will encrypt the personal files it finds on your computer
with a secret encryption key and delete the originals. It will then pop up a
polite, professional wizard asking you to spend money to get your files
back. If you don’t pay, you’ll lose your files – but, don’t worry, they’ll
accept several different methods of payment to make it convenient for you.
You apparently will get your files back when you pay them – of course,
because otherwise word would spread and no one would pay them. Performing
regular backups can defeat CryptoLocker and we don’t recommend paying
criminals their ransom, but this is a clear example of malware being
for-profit. They want to cause just enough trouble for you that you’ll pay
up to get them to go away.
cryptolocker[4]
*Phishing and Social Engineering Attacks
Online threats aren’t just about malware, either.
Phishing and other
social-engineering attacks are now also a huge
threat. For example, you might get an email claiming to be from your bank
that might take you to an imposter website designed to look like your
bank’s. If you enter your banking information, the attacker will be able to
gain access to your bank account on your bank’s website.
These attacks are profit-driven in the same way malware is. The attacker
isn’t performing a phishing attack just to mess with you – they’re doing it
to gain access to your sensitive financial information so they can make a
profit.
RELATED ARTICLES
Online Security: Breaking Down the Anatomy of a Phishing
Email
http://www.howtogeek.com/58642/online-security-breaking-down-the-anatomy-of-
a-phishing-email/
In today’s world where everyone’s information is online, phishing is one of
the most popular and devastating online attacks,
Another related article that will give more answers to social engineering
is:
HTG Explains: What is Social Engineering and How Can
You Avoid It?
http://www.howtogeek.com/180186/htg-explains-what-is-social-engineering-and-
how-can-you-avoid-it/
Malware isn’t the only online threat to worry about. Social engineering is a
huge threat, and it can hit
Malware isn’t the only online threat to worry about. Social engineering is a
huge threat, and it can hit you. The article mentioned above (
HTG Explains: What is Social Engineering and How Can
You Avoid It?
) can also help you understand other obnoxious types of software, like
adware that displays advertisements on your computer and spyware that spies
on your browsing information and sends it over the Internet. These obnoxious
types of software are made for the same reason – profit. Their creators make
money by serving you advertisements and tailoring them to you.]]>
Related