Computer security threats are no longer limited to big companies with hundreds of employees. In fact, they're not limited to companies at all. Even if all you have is one PC and a dial-up connection to AOL you're vulnerable to attacks that range from viruses to trojan horses to a new style of con game called "Phishing".
Computer security attacks come in a variety of ways. There are Internet-based attacks, file-based attacks, and low-tech human engineered attacks. Each type is as potentially dangerous as the other, but they each require their own type of protection.
At the end of the day all the Internet really consists of is an unbelievably large number of computers all strung together by a common thread known as TCP/IP or "Transmission Control Protocol/Internet Protocol". This is a set of rules which define how computers communicate with each other on the Internet. Your computer, be it the one in your den, or every Internet-connected computer at work, the public library, or the Internet Cafe, uses TCP/IP to communicate with the web sites that you visit every day as well as the e-mail servers which deliver the latest joke or other e-mail that ends up on your screen.
As amazing and powerful as the Internet is, it's an open door to unscrupulous people who want to exploit you or damage your computer in some way. Why do people do this? Why do people rob houses and gas stations, steal cars, or spray graffiti on walls? There are a lot of sick people in the world and, left unprotected, your computer is a bright neon "Welcome" sign.
Internet-based security concerns generally show up as either computer viruses, trojan horses, or spyware. Let's take a look at each type more closely:
A computer virus is a small bit of software which is designed to enter your computer by stealth and self-install. Once in place the virus will begin multiplying to other PCs which can be reached through yours as it starts unleashing whatever havoc it was designed to create. A computer virus can either be destructive in that it erases selected files, or entire hard drives, or less destructive in that all it does is send thousands of email messages from your computer to everyone in your address book. In between those two levels are virus types which will look for specific files, such as word processing files, and send those to everyone that you know.
Computer viruses can get delivered in many ways. The method of choice these days is to attach the virus to an email message. When you open the message the virus installs and begins doing its dirty work. A virus can also be delivered from a floppy disk that came from a friend with an infected computer, by downloading certain files from unfriendly web sites, and even from some hardware which has a virus hidden in one of its chips.
Your first line of defense against a virus is to install and USE a quality virus checking software. Reading e-mail, or surfing the Internet without virus protection, is like playing Russian Roulette. Eventually you'll hit a live round and the game's over.
Many people confuse Trojan Horses with viruses and understandably so. Although Trojan horses are not the same type of computer security threat they often end up creating similar problems. The primary difference between a trojan horse and a virus is the way that you become infected. A trojan horse (which gets its name from the wooden Trojan Horse that was used in the Trojan War as immortalized by Homer in his book the 'Iliad and the Odyssey') hides inside of what is usually a beneficial software program and then installs itself when its host software is run. Once installed the Trojan Horse is capable of doing anything that a virus can do, and worse, including letting the Trojan Horse's creator watch whatever you are typing on your computer screen including sensitive password information, bank and credit card account numbers, and more.
Like a virus, there are several delivery methods for trojan horses. They can be received via email as an attached file containing software and they can be downloaded from web sites, especially sites which offer free software or free music as well as many gambling and pornography sites.
Although most quality virus protection software programs provide some degree of trojan horse protection, your best bet is to install a special-purpose Trojan Horse and Spyware Scanner.
Just as viruses and trojan horses get lumped together into the same category by mistake, Spyware is regularly confused with trojan horses. Again, there are subtle yet significant differences.
Spyware is a class of software (and sometimes hardware) which gets installed on your computer either without you knowing about it (Stealthware) or with your full knowledge that it is being installed but, usually, without your full understanding of what it's going to do once it gets installed.
Spyware comes in two basic categories: Legal and Illegal. Legal spyware is that which is generally installed with your permission but without you realizing that it is going to cause ads to pop up whenever you go online, track the web sites that you visit and report it to some advertising agency or other "big brother", and generally keep a diary on what you like to buy online and what kinds of sites you visit.
Illegal spyware may do all of that as well as try to obtain information about your banking accounts, passwords, home address, Social Security or other Tax ID numbers, etc. Now you understand why so many people have difficulties differentiating between Spyware and Trojan Horses.
"Legal" spyware usually gets installed as part of many "free" software programs that people download from the Internet. Buried in the fine print of the user Agreement, which no one ever reads but are forced to click on a box which says "I agree" before you can use it, is a clause which states that something is going to spy on you and that you give them permission to do so.
Programs such as KaZaa, Toptext, Comet Cursor, Gator, BargainBuddy, BonzaiBuddy, ClickTillUWin and PurityScan are notarious spyware programs.
Illegal spyware finds its way onto your hard drive through infected hardware and software such as MP3 players, computer games, "freeware" as well as porn site and gambling site "dialers" which you must download in order to access the site. The dialers usually have an additional built-in scam in that they can be programmed to dial numbers which may end up getting billed to your telephone account for hundreds of dollars an hour.
It is difficult to protect yourself 100% against spyware. Your first line of defense is to install a quality Spyware protection program. After that comes conditioning yourself not to download special file viewing software that you are not familiar with, customized tool bars from unknown suppliers, custom cursors, email icons or "emoticons", or anything else that does not come from a 100% trusted source.
This is only the tip of the iceberg. In our next article we will explain the dangers of hacking and the newest threat called "phishing" which is a clever ploy that makes you your own worst enemy.
See also: Hacking & Phishing