What is ANTIVIRUS?
A computer virus is code that when executed is designed to enter a computer and replicate itself. Viruses that are designed to harm a computer are classified as a type of "malware". The nefarious aims of different types of malware are wide-ranging, including but not limited to:
1. Ransomware that encrypts sensitive files, photos and documents and your computer, requiring you to make a payment to receive a password to decrypt and unlock these files
2. Trojan horses that enable a hacker to completely take over your computer and execute programs as if they were actually using your keyboard and mouse
3. Spyware that "mines" personal information from your computer, selling it off to the highest bidder
4. Adware that generates unintended pop-ups from shady advertisers
Avoiding fake antivirus software
Fake antivirus software is one of the most persistent threats on the internet today. Masquerading as legitimate antivirus software, fake antivirus software is in fact a malicious program that extorts money from you to "fix" your computer. And often, this new "antivirus" program disables legitimate security software that you already have, exposing you to real threats.
These rogue programs try to hook you while you're browsing the web by displaying a popup window that warns you that your computer may be infected, and that you need to download (fake) security software to fix the problem. This type of software is often referred to as "scareware" since the pop-ups use messages like "You have a virus," as a way to get you to click.
Most of us are eager to get rid of any potential problems as quickly as possible, which in turn has made the bad guys who make fake antivirus software so successful. Once you agree to the purchase, the cybercriminals end up with your credit card details and other personal information, and you get nothing but malware in return.
What is the Difference Between Malware and a Virus?
Malware is a term for any type of malicious software, regardless of how it works, its intent or how it’s distributed. A virus is a specific type of malware that self-replicates by inserting its code into other programs.
What is Fileless Malware?
Fileless malware is a type of malicious software that uses legitimate programs to infect a computer. It does not rely on files and leaves no footprint, making it challenging to detect and remove. Modern adversaries know the strategies organizations use to try to block their attacks, and they’re crafting increasingly sophisticated, targeted malware to evade defenses. It’s a race against time, as the most effective hacking techniques are usually the newest ones. Fileless malware has been effective in evading all but the most sophisticated security solutions.
What is Ransomware?
Ransomware is a type of malware that infects a device in order to encrypt its data, locking it so that it can only be freed if the owner of the device pays the cybercriminal a ransom, typically demanded in Bitcoin. It can prevent you from using your computer or mobile device, opening your files or running certain applications. Or, it could lock down personal data like photos, documents and videos, holding them hostage until you pay up.
What is Scareware?
Scareware is a trick to scare us into thinking that our computers or smartphones have become infected with malware to get us to purchase a fake application. The programs and unethical advertising practices hackers use to frighten users into purchasing rogue applications are called scareware.
In a typical scareware scam, you might see an alarming popup message while browsing the Web that says “Warning: Your computer is infected!” or “You have a virus!” You would typically see these messages if you accidentally clicked on a dangerous banner ad or link or visited a compromised website. The cybercriminals are hoping that you click on the link in the popup message to “run a free scan” and then purchase their phony antivirus software to get rid of the nonexistent problems.
What is Browser Hijacking?
Browser hijacking is when your Internet browser (eg. Chrome, FireFox, Internet Explorer) settings are modified. Your default home or search page might get changed or you might get a lot of advertisements popping up on your computer. This is done through malicious software (malware) called hijackware. A browser hijacker is usually installed as a part of freeware, but it can also be installed on your computer if you click on an attachment in an email, visit an infected site (also known as a drive-by download) or download something from a file-sharing site.
Once your browser has been hijacked, the cybercriminal can do a lot of damage. The program can change your home page to a malicious website, crash your browser or install spyware. Browser hijackers impede your ability to surf the web as you please.
What is a Trojan Horse?
A Trojan horse (or Trojan) is one of the most common and dangerous types of threats that can infect your computer or mobile device. Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm—thus their name.
There are a variety of types of Trojans, many of which can launch sophisticated and clever attacks. some types to be aware of are Password-stealing Trojans, Remote access Trojans, Destructive Trojans, and Antivirus killers.
A Trojan can have one or multiple destructive uses—that is what makes them so dangerous. It’s also important to realize that unlike viruses, Trojans are not self-replicating and are only spread by users who mistakenly download them, usually from an email attachment or by visiting an infected site.
What is the difference between phishing and pharming?
The word pharming is actually a mash-up of the words phishing and farming. Phishing is when a hacker uses an email, text or social media post asking for your personal and financial information. On the other hand, pharming doesn’t require a lure. Instead of fishing for users, the hacker just sets up a fake website, similar to farming a little plot of land, and users willingly and unknowingly come to them and give them information.
How does it work? Most hackers use a method called DNS cache poisoning. A DNS, or domain name system, is an Internet naming service that translates meaningful website names you enter in (like twitter.com) into strings of numbers for your computer to read (like 184.108.40.206). The computer then takes you to the website you want to go to. In a pharming attack, the hacker poisons the DNS cache by changing the string of numbers for different websites to ones for the hacker’s fake website(s). This means that even if you type in the correct web address, you will be redirected to the fake website.
Now, you go to the site and thinking that it is a legitimate site, you enter your credit card information or passwords. Now, the hacker has that information and you are at risk for identity theft and financial loss.
What is a Keylogger?
A keylogger (short for keystroke logger) is software that tracks or logs the keys struck on your keyboard, typically in a covert manner so that you don’t know that your actions are being monitored. This is usually done with malicious intent to collect your account information, credit card numbers, user names, passwords and other private data.
What is Typosquatting?
Typosquatting, also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned by a hacker that is usually designed for malicious purposes.
What is a Botnet?
A botnet is a collection of connected devices, or “bots” (short for robots), that are infected and controlled by malware. These devices could include your PC, webcam or any number of connected appliances in your home. The cybercriminals who distribute malware to create botnets are generally looking to use the combined computing power of all the infected devices to launch much larger attacks.
What is Cryptojacking?
By now, you’ve probably heard of cryptocurrency, but you may not know exactly what it is. To put it simply, cryptocurrencies are virtual currencies that have actual monetary value in today’s world. They are limited entries of transactions into a single database, or public ledger, that can’t be changed without fulfilling certain conditions. These transactions are verified and added to the public ledger through cryptocurrency mining. Cryptocurrency miners try to make money by compiling these transactions into blocks and solving complicated mathematical problems to compete with other miners for the cryptocurrency. While this process of mining for cryptocurrencies can be lucrative, it requires large amounts of computing power.
Unfortunately, the need for massive amounts of hardware has provoked cybercriminals to participate in cryptojacking, a method of using malware to exploit victims’ computers to mine for cryptocurrencies. Cybercrooks spread cryptojacking malware through sketchy mobile apps, flawed software, and malware-infected ads. They can even cryptojack your device during a browsing session while you’re perusing a website that appears completely harmless. Once a user’s device becomes infected, the malware drains the device’s CPU, causing the user’s computer fan to be loud while the malware mines for cryptocurrencies in the background. Unfortunately, symptoms of cryptojacking are usually pretty subtle, with poor device performance being one of the few signs of its presence.