Major Online Threats
Header image  
Online Rogue Beware  
    Home   |   About Us   |   Support   |   Contact Us
 
 
  
Major Online Threats

Here is a rundown of the major online threats to which you need to respond, plus the latest news on the battle between Internet service providers and software makers and the spammers and scammers.

Viruses and worms. These are the most destructive online hazards, and they’ve plagued Internet users for nearly two decades. Typically, they infiltrate a PC via e-mail attachments or files downloaded from Web sites. Once they seize control of your computer, they can destroy critical files or disable your system. Some enable hackers to use your computer to send large volumes of spam or to attack specific Web sites. Viruses and worms spread by e-mailing copies of themselves to listings in your address book.

Broadband users in our survey were significantly more likely to catch a virus than those with dial-up service. Of those infected, 40 percent suffered noticeable operating problems or permanently lost files. Once the product of techno-geek malcontents, viruses are increasingly used for criminal purposes. More than half of the major viruses and other malicious programs active during the last six months of 2004 was designed to steal confidential information, according to Symantec, maker of Norton Antivirus.

Spyware. This is a fast-growing and complex threat. As the Federal Trade Commission defines it, spyware gathers data from your PC and may transmit that information or assert control over your PC without your knowledge or consent.

By that standard, adware--which interferes with Web browsing by popping up paid advertisements--is spyware if it was installed without proper consent. But often, consent is obtained deceptively or not at all. Companies that make or distribute such software often embrace the label “adware” to avoid the spyware stigma.

Whatever the name, it can infiltrate your computer through e-mail attachments, files downloaded from Web sites, and instant-messaging programs. A common way to unwittingly infect your PC with such software is to download free games, utilities, or ad-supported software; the spyware piggybacks on the freebie. Some sites alert you to the extras, but such notice isn’t always prominent or explicit.

Spyware can affect you in various ways. A rare form, called a keylogger, can record and transmit to others over the Internet everything you type, including user names and passwords. Other types can capture screen shots of, say, your electronically filed tax return, online checkbook, and household budget or assets inventory. Other variants can literally eavesdrop on you and your family via your PC’s webcam and microphone.

Spyware can track online activities, such as which sites you visit, and report them to marketers. Some of the most widespread pests generate pop-up ads and interfere with your browser. Should enough of this infest your computer, it can bring things to a halt. That’s probably why 5 percent of the survey respondents who had detected spyware recently had to replace some hardware, and 3 percent had to replace the entire computer. Microsoft estimates that spyware is responsible for up to half of all PC crashes.

Companies that use so-called adware make no apologies. “The bargain is, we’ll give you free software in exchange for your agreement to receive ads,” says D. Reed Freeman, chief privacy officer for Claria Corp. Until recently, Claria’s software had been bundled with Kazaa free file-sharing software; it no longer is.

But figuring out exactly what you’re agreeing to can be difficult. End-user license agreements contain thousands of words of legalese, and users often agree to the terms without even reading them. In some cases, the explanations are confusing. In others, there is little or no mention of how the adware can affect your computer. Then there is the issue of your 12-year-old agreeing to download software to your computer.

Companies are constantly creating new spyware variants. Computer Associates, maker of eTrust PestPatrol Anti-Spyware, says 350 new samples and 250 variations on existing samples turn up each week. “The mutation rate for spyware is high because companies are behind this, and they are actively working not to be detected by spyware programs,” says Sam Curry, a vice president at Computer Associates.

Much spyware operates under the cloak of legitimate business, complete with corporate headquarters, legal departments, publicists, Washington lobbyists, and millions in revenues to fund the assault on your computer. “Spyware is written by the very best teams of hackers and virus writers,” says Rick Carlson, president of Aluria Software, which publishes Spyware Eliminator software.

Big-name companies spend big money for space in those pop-up windows: Circuit City, Dell Computer, JPMorgan Chase, McAfee, and Vonage are a few of the many companies whose ads have popped up via adware this year. “Lots of big companies get involved in this mess,” says Ben Edelman, a spyware researcher who has served as an expert witness in lawsuits against spyware companies.

More threats, such as those combining virus technology with spyware, are appearing. “About 18 months ago, you could keep a new PC online for 45 to 55 minutes before it was attacked by something,” says Kraig Lane, group product manager at Symantec. “Now it takes just 4 to 5 minutes.”

Spam. This constitutes most Internet e-mail. Fifty-four percent of respondents in our survey said that at least half of their e-mail was spam, and 33 percent said they were getting much more junk e-mail than they did a year ago.

The biggest consequence of spam by far is time wasted sorting through it, deleting it, and for those with a slower, dial-up connection, downloading it. Eighty-two percent of spam recipients in our survey complained about wasted time. Nearly 20 percent said spam interfered with their browser, and 47 percent said they received pornographic or other objectionable spam. Based on our survey, we estimate that more than 2 million children nationwide inadvertently viewed pornographic spam.

Phishing scams. The criminal variant of spam, phishing e-mail, appears to come from a financial institution or company, requesting personal information such as a password or PIN code. You’re asked to click on a link, but when you do so you’re connected to a fraudulent look-alike Web site. Fifty-two percent of the Internet users we surveyed said they had received what looked like a fraudulent solicitation.

More than 2,800 active fraudulent Web sites were operating last March, a 64 percent jump from only three months earlier, according to the Anti-Phishing Working Group, an industry association. Symantec says its antifraud filters blocked an average of 33 million phishing e-mail messages per week late last year vs. 9 million per week nearly six months earlier.

The latest development in phishing is the use of blank e-mail--no text message and no suspicious link. When you open it on an unprotected PC, a silent script is released onto your computer that does nothing until the next time you try to bank online. Then it automatically redirects you to the fraudulent site. Even more insidious is a script that operates while you use the legitimate banking Web site, sending your personal information to identity thieves.

Back to Top

Copyright © 2006 Computer Systems Specialist. All rights reserved.