Kaspersky Lab US: Learn about and compare the home computer security products that Kaspersky Lab offers, like Kaspersky Internet Security 2014 and Kaspersky Anti-Virus 2014.
Internet Security FAQPCs, Mac computers, laptops, smartphones, and tablets are all subject to an ever growing variety of malicious software programs and other security threats. As a first step towards securing your devices and protecting yourself online, it’s worth ensuring you have a good understanding of the major categories of malware and other threats.
What is Malware?The name malware is short for ‘malicious software’. Malware includes any software program that has been created to perform an unauthorized – and often harmful – action on a user’s device. Examples of malware include:
- Computer viruses
- Word and Excel macro viruses
- Boot sector viruses
- Script viruses – including batch, Windows shell, Java, and others
- Password stealers
- Backdoor Trojan viruses
- Other Trojan viruses
- Adware… and many other types of malicious software programs
What is the difference between a computer virus and a worm?
- Computer virus
This is a type of malicious program that can replicate itself – so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions – such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.
Worms are generally considered to be a subset of computer viruses – but with some specific differences:
- A worm is a computer program that replicates, but does not infect other files.
- The worm will install itself once on a computer – and then look for a way to spread to other computers.
- Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.
What is a Trojan virus?A Trojan is effectively a program that pretends to be legitimate software – but, when launched,
it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.
Cybercriminals use many different types of Trojans – and each has been designed to perform a specific malicious function. The most common are:
- Backdoor Trojans (these often include a keylogger)
- Trojan Spies
- Password stealing Trojans
- Trojan Proxies – that convert your computer into a spam distribution machine
Why are Trojan viruses called Trojans?In Greek mythology – during the Trojan war – the Greeks used subterfuge to enter the city of
Troy. The Greeks constructed a massive wooden horse – and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into
the city. At night, the Greek soldiers escaped from the horse and openedthe city gates – for the Greek army to enter Troy.
Today, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.
For more information about Trojans, see the following article – ‘What is a Trojan?’
What is a Keylogger?A keylogger is a program that can record what you type on your computer keyboard. Criminals use
keyloggers to obtain confidential data – such as login details, passwords, credit card numbers, PINs, and other items. Backdoor Trojans typically include an integrated keylogger.
What is Phishing?Phishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information – such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site – such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site – typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data – such as your login, password, or PIN.
For more information about Phishing, see the following page – ‘Spam and Phishing’.
What is Spyware?Spyware is software that is designed to collect your data and send it to a third party – without your knowledge or consent. Spyware programs will often:
- Monitor the keys you press on your keyboard – using a keylogger
- Collect confidential information – such as your passwords, credit card numbers, PIN numbers, and more
- Gather – or ‘harvest’ – email addresses from your computer
- Track your Internet browsing habits
What is a ‘Drive-by Download’?In a drive-by download, your computer becomes infected just because you visit a website that happens to contain malicious code.
Cybercriminals search the Internet – looking for vulnerable web servers that can be hacked. When a vulnerable server is found, the cybercriminals can inject their malicious code onto the server’s web
pages. If your computer’s operating system – or one of the applications running on your computer – has an unpatched vulnerability, a malicious program will be automatically downloaded onto your computer when you visit the infected web page.
What is a Rootkit?Rootkits are programs that hackers use in order to evade detection while trying to gain unauthorized access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.
The fact that many people log into their computers with administrator rights – rather than creating a separate account with restricted access – makes it easier for cybercriminals to install a rootkit.
What is ADWARE?Adware programs either launch advertisements – such as pop-up banners – on your computer or
they can redirect search results to promotional websites.
- Adware is often built into freeware or shareware programs. If you
download a freeware / shareware program, adware may be installed on your
system without your knowledge or consent.
- Sometimes a Trojan virus will secretly download an adware program from a website and install it on your computer.
For more information about Adware, see the following article – ‘Adware, Pornware, and Riskware’.
What is a Botnet?A botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.
For more information about botnets, see the following article – ‘What is a Botnet?’.
What is a DoS attack?Denial-of-Service (DoS) attacks are designed to hinder or stop the normal functioning of a website, server, or other network resource. Hackers can achieve this in several different ways – such as sending a server many more requests than the server is able to cope with. This will make the server run slowly – so that web pages will take much longer to open – and can make the server crash completely, so that all websites on the server are unavailable.
What is a DDoS attack?A Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer – to install a Trojan or other piece of malicious code.
For more information about DDoS attacks, see the following article – ‘Distributed Network Attacks / DDoS’.
I have used Kaspersky security on my computers for over fifteen years. I find Kaspersky to be the best there is out there. Its well worth checking it out next time you need good security. MEPImages @ Eminpee Fotography