It’s hard now to imagine our lives without the Internet. Emails, WhatsApp, shopping on Amazon, and even making an online transfer. In other words, many people can no longer do without home banking and all those other little ways that the Internet gives a helping hand. What would it be like then to go for two weeks without using a smartphone and the Internet?
Unfortunately, nowadays, it can be quite a risky business surfing on the Internet. This is because the Internet is rife with online criminals, rip-off and misleading offers that many users are quickly taken in by.
Fortunately, computers run faster nowadays than before, and protection software doesn’t slow down a computer so much anymore. But, if that isn’t enough, the German consumer organization Stiftung Warentest has described many antivirus programs in an article in a German magazine as having “as many holes as Swiss cheese”. But it also comments that protection software is absolutely essential, if it is properly configured and used.
There are currently more than 600 million malicious software applications known about, with up to 300,000 new variations allegedly appearing every day!
People as a security risk
So, the only thing that helps is to be familiar with the real dangers. If you’re not aware of the risks, you won’t know where the dangers are lurking. This means that you can’t then protect yourself either against computer fraud, spyware, spam, Trojans, ransom demands, and rip-off schemes. So, what kinds of dangers are present on the Internet?
Viruses, malware, Trojans, and worms
In the best-case scenario, all you will get is unwanted ads constantly displayed on your screen. If things go bad, everything that you do on your computer will be transferred to external parties. Your computer will turn into a spam “catapult” without you noticing or, in the worst-case scenario, your system will be completely blocked, and you will be asked to pay a ransom…
Viruses are mostly sent as email attachments, are present in files that you download or are sneaked into your computer in other ways, such as via a USB stick. The term “virus” suggests this already. They are small programs that spontaneously multiply and are also concealed. Viruses are also often described as Trojans or worms. The transitions between them are very fluid
In most cases, viruses cause huge damage, with total data loss being the end result. Viruses are designed to destroy systems.
Worms are actually the successor to viruses. They spread damage and are even smarter. For instance, worms go through address books and are looking for ways to actively spread. Worms are also very prevalent on file-sharing sites. Some of the well-known worms include Sasser, Sober, Blaster, MyDome or Loveletter.
Trojans pretend to do one thing, but then do something totally different. For instance, if you’re looking for a particular software application on the Internet, you will quickly find it somewhere. But you should make sure that you download the programs only from the manufacturer’s site or major download portals. Otherwise, you can quickly end up downloading software that you really didn’t want to have. An application that will be out instead to attack your computer.
There is hardly any real distinction nowadays between viruses, worms, and Trojans, with these terms being used interchangeably most of the time.
Spyware, keyloggers, and botnet clients
Spyware are small spies on your computer. Spyware are programs that, for instance, monitor every move you make on the Internet, enabling them to explore your complete usage behavior. Occasionally, these programs can also activate microphones or cameras without you noticing, so that they can create video and audio recordings that you are oblivious to. The purpose of this action is to exploit your accounts, including passwords, or also to blackmail you.
If you have become part of a bot network, someone else has complete control of your computer. Your computer will then perform certain actions in the background that you will not notice, such as sending out spam emails.
What is phishing? Phishing involves fraud being committed with your data, especially fraud using your bank details. This means confidential data such as passwords, bank or credit card details (PIN number, transaction number or other passwords). The data previously obtained using spyware or a keylogger (see above) are actively used to redirect transfers from you to other accounts, debit money from your accounts or to ask acquaintances of yours for money. You might be familiar with the “grandson/nephew” scam? This involves attempts being made under false pretenses to obtain money from you or your acquaintances/friends – except that it is done online, and often without you noticing it.
Another widespread form of phishing is to send emails that look exactly like the original emails with pretend bills attached, etc. But, you are then taken to another bogus website and asked there to input your access details. The well-known examples are pretend bills from Vodafone and other telecom companies, messages from various banking institutions or even messages supposedly from Amazon. They are all sent with the purpose of obtaining your access details.
Ransomware and ransom Trojans
There is an ever-growing popularity at the moment in the use of blackmail software. WannaCry, Petya or Lock are examples of this. Once they take hold on your computer, they encrypt your files, which means that you can no longer access any of your data. Often any data in the network are also encrypted immediately, which immobilizes whole networks belonging to companies or public institutions. As of early 2018, there are already more than 350 of these ransomware applications around. The installed software demands a ransom to allow you to access everything again. In most cases, the ransom must be paid in the bitcoin digital currency. And if you’re lucky, you’ll get your data back again. But in most cases, you just pay and the data remain encrypted…
How do all these viruses and Trojans (and whatever else there is) end up on your computer?
There are different ways in which you can be attacked. It could happen through drive-by downloads, actively downloading infected data, brute-force attacks, and using previously infected hardware.
Drive-by downloads involve malware being inadvertently downloaded onto your computer. If you surf a website that has been tampered with, malware can be planted on your computer by it in passing. For instance, through the ads on the site. Just accessing a site like this can therefore result in you falling victim to malware.
This also leads to the phishing attacks mentioned earlier on. They are emails that have been tampered with, containing bills, requests for passwords or for you to change the access details to your accounts with eBay, Amazon, PayPal, etc. The thing is: these services would never actually ask you for your passwords or complete accounts.
The brute-force method involves simply guessing usernames and passwords completely automatically. With ”hello“, “password”, “qwerty”, “12345678” or “honey” still being among the most popular passwords used, any tool can find the password in a couple of seconds. And not to mention one password being used for different services…
Then, we have man-in-the-middle (MITM) attacks. Nowadays, with open Wi-Fi networks operating at railway stations, airports or in cafés around the corner, it is often very easy to scan data traffic for user data.
And last but not least, there is also the careless handling of external hard disks or USB sticks, which still provide another means of access. Viruses and Trojans spread very easily via these media.
Some actions that you should definitely take…
- Always make sure that you’re running the latest version of your operating system. Operating systems like Vista or XP are obsolete and should really not be used any more. It’s no different to you leaving the door of your house wide open at night. Install all the available updates as soon as possible so that you can also protect yourself against global security loopholes such as Meltdown and Spectre.
- You should also install all the updates for the programs and tools that you use. Above all, for Adobe Flash, Java, etc.
- Always install the latest drivers. You can also easily find security loopholes in drivers. Use a Driver Updater!
- An up-to-date antivirus program should also be running on your computer, which can be updated several times every day. And also, you should really just run one antivirus program. Having a lot of programs doesn’t help a lot. If you’re running several security programs, they are likely to block each other and then your computer won’t be able to operate any more.
- Only install programs from trustworthy sources.
- Only surf, as far as possible, on websites that you’re familiar with.