3.5 SECURITY. How can you reduce the risk of getting a virus?

Size: px

Start display at page:

Download "3.5 SECURITY. How can you reduce the risk of getting a virus?"

Logan Holt
5 years ago
Views:

1 3.5 SECURITY MALWARE WHAT IS MALWARE? Malware, short for malicious software, is any software used to disrupt the computer s operation, gather sensitive information without your knowledge, or gain access to a private computer. It includes any software that gets installed on your machine and performs unwanted tasks, often for some third party s benefit. Malware programs can range from being simple annoyances (pop-up advertising) to causing serious computer invasion and damage (stealing passwords and data or infecting other machines on the network). Additionally, some malware programs are designed to transmit information about your Web-browsing habits to advertisers or other concerned parties without your knowledge. It is unfortunate that there are people out there with malicious intent, but it is good to be aware of the fact. You can install several utilities that will seek and destroy the malicious programs they find on your computer. TYPES OF MALWARE VIRUS Software that can replicate itself and spread to other computers or are programmed to damage a computer by deleting files, reformatting the hard disk, or using up the computer memory. All computer viruses are man-made. Even a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. A virus requires the user to run an infected program in order for the virus to spread. How can you reduce the risk of getting a virus? Use up to date anti-virus software. Do not open an attachment unless you are expecting it and know the source. Be cautious when letting other users insert their USB into your computer. Only download files from trusted web sites. It is a good practice to back up your data regularly. If a virus does damage to your data, you can restore the damaged files from backup. WORM A computer worm is a self-replicating program that penetrates an operating system with the intent of spreading malicious code. Worms utilize networks to send copies of the original code to other computers, causing harm by consuming bandwidth or by deleting files. Worms are often confused with viruses; the difference lies in how they spread. Worms selfreplicate and spread across networks causing damage. They cannot be latched onto a computer program. Worms often infect computers by exploiting bugs in legitimate software. Typically, a high-profile, trusted web page may be tampered with so it transmits (often invisibly) a carefully corrupted document file to the user when the page is viewed. The corrupted file causes the viewer program to crash, opening a door for the injection of a malicious program. To help hide the infection, the malicious program is usually a downloader a very small program that later SECURITY 1

2 connects to a remote computer over the internet to download a more substantial piece of malicious software. How to prevent worm infections? A good anti-virus program can protect you to some extent, but it s not enough on its own as it is hard to keep it up to date. Many modern worms change hourly and it can take a day or more to create and distribute an anti-virus update. You also need a firewall to help block the worm s communications, but the most effective way to prevent worm infection is to turn off JavaScript for normal web browsing. JavaScript is a powerful tool that makes websites interactive, and is increasingly relied on by web designers. But it is also the most common entry point that worms use to infect your computer. So there is a trade-off. Turning off JavaScript for normal web browsing will limit your access to many websites, but is the best form of protection against worm infection. An interesting fact about worms: In the 1980s, researchers were seeking ways of managing the growing internet remotely, using programs that could distribute themselves automatically across it. In the US, on 2 November 1988, a Cornell University student called Robert Morris released an experimental self-replicating program onto the internet to find out how many computers were currently connected to it. The program spread rapidly, installing itself on an estimated 10% of the computers then connected. Morris had no malicious intent, but a bug in his program caused many of the computers the worm landed on to crash. He was prosecuted and expelled from Cornell, but worms had come of age and have since evolved into an effective way of attacking systems connected to the internet! SPAM It is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for fake products, get-rich-schemes, etc... Some people define spam as unsolicited and you do not know who the sender is. Real spam is generally advertising for some product sent to a mailing list or a newsgroup. In addition to wasting people s time with unwanted , spam also eats up a lot of bandwidth. Organizations are trying to fight spam, but because the Internet is public, there is really little that can be done to prevent spam. How to prevent spams? There are however, a few precautions the user can take to reduce the amount of spam he/she gets on his/her . Use firewall software on your computer to stop attacks from people attempting to compromise your system and possible use it to send spam. Always check the sender and recipient information of suspicious messages. Spam will typically be sent from falsified addresses to conceal the real sender, with a number of recipients in the BCC field of the message to hide the large number of recipients. SECURITY 2

Do not use real email addresses for signing up for (free) downloads of any kind online. Do not make purchases based on spam messages you receive, thus eliminating the spammers economic foundation.

3 Do not use real addresses for signing up for (free) downloads of any kind online. Do not make purchases based on spam messages you receive, thus eliminating the spammers economic foundation. PHISHING The act of sending an to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. Phishing will direct the user to visit a website where they are asked to update personal information such as password, credit card, social security, or bank account numbers, that the legitimate organization already has. The website, however, is bogus and set up only to steal the information the users enter on the page. Below is an example of what a phishing may look like: SECURITY 3

4 for CAMBRIDGE COMPUTING 9608 GCE A2 To a user who frequently uses ebay or any online service, these s may appear as if they have come from the company described in the . However, phishing s are designed to deceive the user and trick them into visiting the links in the that are designed to steal personal information and use it for against the user s will. Below are some helpful tips on identifying these s and how to handle them. How to identify a phishing ? Spelling and grammar Improper spelling and grammar is an obvious sign of phishing. Look for errors. Company These s are sent out to thousands of different addresses and often the person sending these s has no idea who you are. If you have no affiliation with the company the s address is coming from, it is fake. For example, if the s are coming from Faysal Bank but you have an account somewhere else, it is a clear sign of a phishing scam. To prevent a phishing attack, never send any personal information through . If a company is requesting you to send them personal information about your account or is saying your account is invalid, visit the web page and log into the account as you normally would. PHARMING is a form of online fraud very similar to phishing as pharmers also rely upon the same fake websites and theft of confidential information. However, where phishing must entice a user to the website through bait in the form of a fake or link, pharming re-directs victims to the fake site even if the victim has typed the correct web address. This is often applied to the banking sites or e-commerce sites. While a typical website uses a 30TUdomain nameu30t its address, its actual location is determined by an 30TUIP addressu30t. When a user types a domain name into his or her Web browser's address field and hits enter, the domain name is translated into an IP address via a 30TUDNSU30T server. The Web browser then connects to the server at this IP address and loads the Web page data. After a user visits a certain website, the DNS entry for that site is often stored on the user's computer in a DNS 30TUcacheU30T. This way, the computer does not have to keep accessing a DNS server whenever the user visits the website. One way that pharming takes place is via an virus that "poisons" a user's local DNS cache. It does this by modifying the DNS entries, or host files. For example, instead of having the IP address direct to it may direct to another website determined by the hacker. Pharmers can also poison entire DNS servers, which means any user that uses the affected DNS server will be redirected to the wrong website. Fortunately, most DNS servers have security features to protect them against such attacks. Still, they are not necessarily immune, since hackers continue to find ways to gain access to them. While pharming is not as common as phishing scams are, it can affect many more people at once. This is especially true if a large DNS server is modified. So, if you visit a certain website and it appears to be significantly different than what you expected, you may be the victim of pharming. Restart your computer to reset your DNS entries, run an antivirus program, and then try connecting to the website again. If the website still looks strange, contact your 30TUISPU30T and let them know their DNS server may have been pharmed. SECURITY 4

How to protect against pharming? The primary battle against pharming is being fought by ISPs, as they filter out as many of the fake redirects as possible.

5 How to protect against pharming? The primary battle against pharming is being fought by ISPs, as they filter out as many of the fake redirects as possible. However, it is possible to increase your protection against pharming scams. The most important step comes from using a trustworthy Internet service provider in your country. The URL is also a great place to check. Always ensure that, once the page has loaded, the URL is spelt correctly and hasn t redirected to a slightly different spelling, perhaps with additional letters or with the letters swapped around. One of the biggest fears is that pharmers will attack major banking services or e-commerce sites. When you reach the payment point or the point wherein you are asked to type in banking passwords and usernames, make sure that the http has changed to https as the s stands for secure. Antivirus software can also help to protect against pharming instances, especially when you enter an unsecured site without realizing. Keeping your anti-virus software up to date, along with installing any updates required for the ISP, will surely help to fight against pharming. SECURITY 5

Webomania Solutions Pvt. Ltd. 2017

Webomania Solutions Pvt. Ltd. 2017 The other name for link manipulation is Phishing or you can say link manipulation is type of phishing attack done generally to mislead the user to a replica website or a looka-like of some well-known site.