The internet has become an indispensable part of our lives. Emails, WhatsApp, shopping on Amazon, and quickly making an online bank transfer – many people can no longer imagine life without home banking and all these little helpers. What would it be like to go two weeks without a smartphone and the internet?
Unfortunately, carefree surfing is no longer possible today. The internet is infested with online criminals, scam and bait offers that many users quickly fall for.
Luckily, computers run faster today than they used to, and security software no longer slows down a computer as much. To make matters worse, Stiftung Warentest has even described many antivirus programs as being "as leaky as Swiss cheese." By the way: security software is indispensable if it is configured and used correctly!
Currently, more than 600 million malware programs are known, and allegedly up to 300,000 new variations appear every day!
Humans as a Security Risk
So, there's only one thing that helps: knowing about the real dangers. If you don't know the risks, if you don't know where the dangers lurk, then you can't protect yourself from computer fraud, spies, spam, Trojans, ransomware demands, and scams. So, what types of dangers are there on the internet?
Viruses, Malware, Trojans, and Worms
In the best-case scenario, you'll only constantly see unwanted ads. If things go wrong, everything you do on your computer will be transmitted to third parties. Your computer will unknowingly become a spam cannon, or in the worst case, your system will be completely blocked, and you'll be asked to pay a ransom... Viruses are usually sent as email attachments, are found in files you download, or are otherwise introduced to your computer, e.g., via a USB stick. The name "virus" already indicates it: they are small programs that replicate themselves and also disguise themselves.
Viruses are often also referred to as Trojans or worms – the transitions are quite fluid. Viruses usually cause enormous damage and often result in complete data loss. Viruses are designed to destroy a system. A worm is essentially the successor of a virus. These spread even more intelligently by, for example, scanning address books, thus actively ensuring their propagation. Worms are also very common in file-sharing networks. Known worms include Sasser, Sober, Blaster, MyDome, and Loveletter. Trojans pretend to have one function but then do something entirely different. If, for example, you search for specific software on the internet, you will quickly find it somewhere. However, you should only download programs from the manufacturers or large download portals. Otherwise, it can quickly happen that you download software that you didn't really want. And which instead has designs on your computer.
Nowadays, there is hardly any distinction between viruses, worms, and Trojans, and these words are mostly used synonymously.
Spyware, Keyloggers, and Botnet Clients
Spyware are little spies on your computer. Espionage programs that, for example, can track your every move on the internet and thus spy on your entire user behavior. In some cases, these programs can also secretly turn on microphones or cameras and thus create video and audio recordings of you unnoticed. The purpose of this action is to exploit your accounts, including passwords, or to blackmail you. If you have become part of a botnet, someone else has complete control over your computer. Your computer then performs certain actions unnoticed by you in the background – e.g., sending spam emails.
Phishing
What is phishing? The word phishing consists of the two words "password" and "fishing." Phishing is fraud with your data, especially fraud with your banking data: confidential data such as passwords, bank or credit card data (PIN, TAN, or other passwords). The data previously obtained via spyware or keyloggers (see above) is actively used to redirect your transfers to other accounts, debit money from your accounts, or even to ask your acquaintances for money. For example, are you familiar with the so-called grandparent scam or nephew scam? Under false pretenses, attempts are made to obtain money from you or your acquaintances/friends – only this time online and often without you noticing.
Another widespread type of phishing is emails that look exactly like original emails, with attached alleged invoices etc. – but you will be redirected to another fake website and asked to enter your access data there. Examples include alleged invoices from Vodafone, Telekom, messages from various banking institutions, or even messages supposedly coming from Amazon – all sent only for the purpose of obtaining your access data.
Ransomware and Ransom Trojans
So-called extortion software is currently becoming increasingly popular. For example, WannaCry, Petya, or Lock. Once active on your computer, they encrypt your files, and you no longer have access to all your data. Often, data on the network is immediately encrypted as well – thereby paralyzing entire networks of companies or social institutions.
As of early 2018, there are already more than 350 such ransomware extortion software programs. The installed software then demands a ransom so that you can access everything again. Usually, the ransom has to be paid in the digital currency Bitcoin. And if you're lucky, you'll get your data back. But usually, you just pay, and the data remains encrypted anyway...
How do all these viruses, Trojans (and whatever else there is) get onto your computer?
There are different ways you can be attacked: drive-by downloads, actively downloading infected data, brute-force attacks, and using previously infected hardware.
Drive-by downloads are the unintentional downloading of malware to your computer. If you visit a manipulated website, it can surreptitiously slip malware onto your system. For example, through advertising on the page. Simply visiting such a page can lead to you becoming a victim of malware!
Then, the phishing attacks mentioned above are also a possibility. These are manipulated emails with invoices, requests for passwords, or requests for changes to your account access data on eBay, Amazon, PayPal & Co. – however, these services would actually never ask for your passwords or entire accounts!
With the brute-force method, usernames and passwords are simply guessed fully automatically. With the still most popular passwords like "hello," "password," "qwertz," "12345678," or "sweetheart," any tool will find the password in a few seconds. And if a password is then used for different services...
Then there's the so-called man-in-the-middle attack. In times of open Wi-Fi networks on trains, at airports, or in the cafe around the corner, it is often very easy to scan data traffic for user data.
And last but not least, the overly careless handling of external hard drives or USB sticks is still a gateway – viruses and Trojans often spread through them.
What you should definitely do...
- Always keep your operating system up to date! Operating systems like Vista or XP are outdated and should really no longer be used! Or do you leave your front door wide open at night too? Install all updates as quickly as possible to also be protected against global security vulnerabilities like Meltdown and Spectre.
- Also install all updates for the programs and tools you use. First and foremost, Adobe Flash, Java, etc.
- Always install current drivers! Security vulnerabilities can also often be found in drivers! Use a Driver Updater!
- Your computer should have an up-to-date antivirus program running that can update itself several times a day. And really only one antivirus software. More is not always better – multiple security programs will likely block each other, and then your computer will no longer function.
- Only install programs from trustworthy sources.
- Surf only on sites you know, if possible.
