The nasties of the net
As users of technology, we're constantly bombarded with warnings about the malicious things malicious people try to do to our computers. The malicious software they use to do this has a name: malware.
Malware comes in many forms, with names meaning subtly different things. What they do, how they can affect you and how they can be avoided need not be complicated. Along with malware, there are different types of attacks for different gains.
On the theory that a little bit of knowledge can make a big difference, here's just a few of the more important terms to know.
Often used as a catch-all term to mean any malicious software, a virus is quite specific. A virus must be able to replicate itself without user intervention. This is often achieved using macros, which are automatic commands that run when you open an email or an attachment. Viruses can attach themselves to other files in your system and spread, say, when you send emails. Viruses often have specific functions, such as damaging files, installing other malware or infecting other people's computers.
From the term ''Trojan horse'', this is malicious computer code that arrives on your system disguised as something else - a photo or movie file, for instance. The actual malware carried by the trojan could be a virus, worm, spyware, bot or virtually anything.
A worm is a type of virus that doesn't operate in the same visibly destructive way; rather, it replicates itself until it consumes system resources and slows your computer down. One type replicates itself across instant-messaging networks, slowing down the system for all users, even computers that aren't infected.
This is software installed on your computer without your knowledge to send information back to its programmer. It can be used to track what websites you look at and what applications you use. In its most malicious form, termed a keylogger, it keeps track of your details such as login, passwords and even credit card numbers as you enter them on websites. It can spread via email attachments, links, online ads and even drive-by download, which is when you go to an infected website and a program file is downloaded to your computer in the background without you noticing it.
Adware is software that pops advertising on your screen without notice. A lot of adware, however, also sends information back to advertisers about what you're up to, so it's a form of spyware.
This is software that behaves like a human being on the internet but at automated speeds. Bots can be used legitimately to, say, gather volumes of information from websites, as Google does for search results (also know as spidering). But the automation software can also be used to infect computers so as to turn them into bots, or zombies, that do as they are told. These can then be ordered to perform certain tasks, such as access one particular website and cause it to trip, albeit temporarily, as happens with Distributed Denial of Service (DDoS) attacks. A botnet is a network of zombie computers controlled by one or more attackers.
A technique to gather some of the information that keyloggers also gather. Phishing involves sending people links in emails or instant messages purporting to be legitimate communication from banks, eBay or other reputable organisations. The links in these emails, however, do not lead to the legitimate sites but to fake sites that look remarkably like the real ones. When users enter usernames, passwords and other information, the ''phisher'' receives them. The attacker now has the credentials to impersonate users and access their account.
Like phishing, social engineering is an attack technique designed to tempt people to fall for scammers' tricks. It takes advantage of the fact you're human, thus likely to be curious and open a photo a friend has sent or a link that offers ''proof'' people have been talking about you. Once opened, the file or the link allows a piece of any of the malware types to install on your computer in the background.
In short, there's no shame in falling victim to these scams, but the better informed you are, the better the chance you will see through the tricks and protect your assets.
Antivirus and security software also helps, but the final decision to click rests with you.
-Sydney Morning Herald