Spyware, Trojans, and Worms, Oh My….

The people trying to infect your computer with trash are getting smarter and smarter every day. You have to be constantly vigilant about what you click on, and you absolutely must keep your antispyware and antivirus software up to date.

First let me take a minute to make sure you know what I am talking about. You see back in the day the rule was, never open a file that came from some one you didn’t know. This rule along with an antivirus program would keep your computer relatively safe, back in 1995. Flash forward to 2007, and the rule doesn’t even apply. You see, your worst problem these days isn’t really getting infected by a virus. A virus is a small program that may or may not cause damage to your computer. They usually cause some program to run without your authorization. The program it runs varies from the one that opened up a window once a year and told you about the authors former girlfriend, to the I Love You virus that converted tens of thousands of your image files into viruses and then emailed them to everyone you know, then to the klez virus that would seek out your home/office network, spread itself to every system in the network, and then caused your system to reboot when ever you accessed the internet.

These kinds of viruses are pretty rare these days. Today we see Trojans, Worms, and Spyware, and Phishing attacks. These are individual types of software that is commonly called malware. It is not really important to know the intricacies of each type of malware, it is just important to understand that all these varieties exist, they are much more dangerous then the old type viruses mentioned and NO antivirus program can handle all of them. To protect yourself you need antivirus software as well as antispyware software, and a firewall is a big help. Programs that monitor the websites you visit are helpful too, you can check out the article we wrote about McAfee’s Site Advisor elsewhere on this site.

One thing that we see more and more are combination attacks. Similar to the Trojan, these attacks seem to be harmless on the surface, while serious damage is being done behind the scenes. Today’s malware will cause problems that no computer shop can repair; most of it is directed towards identity theft.

An example of a combination attack may be that you may get an email with a link to a bogus website, commonly known as Phishing. These type of attacks try to trick you into giving up personal information. But now we see attacks where the bogus website immediately downloads Trojan software to your system. The Trojan appears to be a standard cookie or other website feature that you see all the time. If your antivirus and antispyware software is not up to date, the Trojan will install spyware on your system that attempts to steal your personal information. So in this case, you might know better then to give them the info they ask for, but just having clicked on the link installs the software that steals your data.

The user controls in Windows Vista are aimed at preventing this by asking you every time something tries to install, but people get so used to those types of pop-ups in Windows that they usually “click them away” or turn off the controls (I know I did!)

Here is an example of a combination attack that one of our employees ran into just today.

He received an email from a My Space user asking him to check out their site. These requests are common on My Space. To check out the user’s site, you just click on the image or a link provided. When you click on the link a window pops up (screen shot) that appears to be your Windows Update software telling you it is time to install an update. The update is one we all get every month from Microsoft, so you are quite familiar with it. The truth is the window is an imitation of the real Windows Update window you’ve seen over and over again. When you tell the software to install the update, it actually installs a Trojan virus.

So the point of this article is that you really must have a suite of software that protects you. Antivirus, antispyware, and anti-phishing, are mandatory. If you’ve read our site for long you know we don’t really approve of the software firewalls, and we recommend a hardware firewall instead. Still a software firewall is better then nothing, and you need all the help you can get!

Most major ISPs are providing software suites at no charge to their customers now, and if you have multiple computers, this software saves you enough money to offset much of the cost of broadband internet service, so there is no excuse to be unprotected.