HouseCall Computer Services
Dictionary of Internet Threats
Adware - Programs that secretly gather personal information through the Internet and relay it back to another computer, generally for advertising purposes. This is often accomplished by tracking information related to Internet browser usage or habits. Adware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. A user may unknowingly trigger adware by accepting an End User License Agreement (EULA) from a software program linked to the adware, therefore, technically no offence is committed. Pop-up advertisements however, can become an annoyance, and in some cases, degrade system performance. Additionally, the information that some of these applications collect may cause privacy concerns for users who were not fully aware of the terms in the license agreement. Note: Although the terms spyware and adware are often interchanged, it is only unauthorized adware that is at par with spyware. Adware that provides users appropriate notice, choice, and control is not deceptive and should not be classified as spyware. Additionally, a spyware application that claims to perform particular function, while it is in fact doing something else, is acting like a Trojan horse.
Boot Sector Virus - As virus creators got more sophisticated, they learned new tricks. One important trick was the ability to load viruses into memory so they could keep running in the background as long as the computer remained on. This gave viruses a much more effective way to replicate themselves. Another trick was the ability to infect the boot sector on floppy disks and hard disks. The boot sector is a small program that is the first part of the operating system that the computer loads. The boot sector contains a tiny program that tells the computer how to load the rest of the operating system. By putting its code in the boot sector, a virus can guarantee it gets executed. It can load itself into memory immediately, and it is able to run whenever the computer is on. Boot sector viruses can infect the boot sector of any floppy disk inserted in the machine, and in an environment where lots of people share machines they spread like wildfire.
Dialers - Programs that use a system, without your permission or knowledge, to dial out through the Internet to a 900 number or FTP site, typically to accrue charges.
Email Virus - An e-mail virus moves around in e-mail messages, and usually replicates itself by automatically mailing itself to dozens of people in the victim's e-mail address book.
Executable Virus - Early viruses were pieces of code attached to a common program like a popular game or a popular word processor. A person might download an infected game from a bulletin board and run it. A virus like this is a small piece of code embedded in a larger, legitimate program. Any virus is designed to run first when the legitimate program gets executed. The virus loads itself into memory and looks around to see if it can find any other programs on the disk. If it can find one, it modifies it to add the virus's code to the unsuspecting program. Then the virus launches the "real program." The user really has no way to know that the virus ever ran. Unfortunately, the virus has now reproduced itself, so two programs are infected. The next time either of those programs gets executed, they infect other programs, and the cycle continues. If one of the infected programs is given to another person on a floppy disk, or if it is uploaded to a bulletin board, then other programs get infected. This is how the virus spreads. The spreading part is the infection phase of the virus. Viruses wouldn't be so violently despised if all they did was replicate themselves. Unfortunately, most viruses also have some sort of destructive attack phase where they do some damage. Some sort of trigger will activate the attack phase, and the virus will then "do something" -- anything from printing a silly message on the screen to erasing all of your data. The trigger might be a specific date, or the number of times the virus has been replicated, or something similar.
Hack Tools - Tools used by a hacker to gain unauthorized access to your computer. One example of a hack tool is a keystroke logger -- a program that tracks and records individual keystrokes and can send this information back to the hacker.
Hoaxes - Usually an email that gets mailed in chain letter fashion describing some devastating, highly unlikely type of virus. Hoaxes are detectable as having no file attachment, no reference to a third party who can validate the claim, and by the general tone of the message. A hoax uses social engineering to attempt to trick computer users into performing some act. However, in the case of a hoax, there is no code to execute; the hoaxer is usually simply trying to trick the victim. Generally, it is easier to trick someone into doing something for you than it is to write software that does it without their knowledge, therefore, the IT community has seen a large number of hoaxes. Hoaxes waste peoples time, take up email server resources, and consume network bandwidth.
Internet Cookies - Internet cookies are text files that are placed on a user's computer by web sites that the user visits. Cookies contain and provide identifying information about the user to the web sites that place them on the user computer, along with whatever information the sites want to retain about the user's visit. Cookies are legitimate tools that many web sites use to track visitors information. For example a user might shop for an item in an online store, but once he or she has placed the item in their online shopping cart, they may want to move to another web site for some reason. The store can choose to save the information about what products were in the shopping cart in a cookie on the user's computer so that when the user returns to the site, the item is still in the shopping cart and ready for the user to buy if he or she wishes to complete the transaction. Web site developers are only supposed to be able to retrieve information stored in the cookies they created. This approach should ensure user privacy by preventing anyone other than the developers of these sites form accessing the cookies left on the user's computers. Unfortunately, some web site developers have been known to use cookies to gather information without the user's knowledge. Some may deceive users or omit their policies. For example, they may track web surfing habits across many different web sites without information the user. Site developers can use this information to customize the advertisements the user sees on a web site, which is considered an invasion of privacy. It is difficult to identify this form of targeted advertising and other forms of "cookie abuse", which makes it difficult to decide it, when, and how to block them from your system. In addition, the acceptable level of shared information varies among computer users, making it difficult to create an "anti-cookie" program that will meet the needs of all the computer users.
Joke Software - Programs that change or interrupt the normal behaviour of your computer, creating a general distraction or nuisance. Harmless programs that cause various benign activities to display on your computer (for example, an unexpected screen saver). Generally designed to produce a smile, or at worst, a waste of someone's time. These programs have existed for as long as people have been using computers. Because they were not developed with malicious intent and are clearly identified as jokes, they are not considered malware. These joke applications have produced everything from interesting screen effects, to amusing animations or games.
Malware - Is typically used as a catch-all term to refer to any software designed to cause malicious tasks on a computer system, whether it's a virus, worm, spyware, Trojan horse et al.
Phishing (Scams) - Virtually every form of communication has been used, at one time or another, by criminals in an attempt to trick people into acts that will provide the criminal some financial gain. The internet, web sites, and email are no exception. An email message that attempts to trick the recipient into revealing personal information that can be used for unlawful purposes (such as bank account information) is a common example. One particular type of scan has been known as phishing. Examples of phishing include cases in which senders mimic well-known companies, such as eBay to try and gain access to user account information. Phishing scams often use a web site that copies the look of a company's official web site. Email is used to redirect the user to the fake site, and trick them into entering their user account information, which is saved, and used for unlawful purposes. These types of cases should be handled seriously and reported to local law enforcement authorities.
Remote Access Trojans - Programs that allow another computer to gain information or to attack or alter your computer, usually over the Internet. Remote access programs detected in virus scans may be recognizable commercial software, which are brought to the user's attention during the scan. Examples include Back Office, Cafeene, and SubSeven.
Rootkits - These are collections of software programs that a hacker can use to gain unauthorized remote access to a computer and launch additional attacks. These programs may use a number of techniques, including monitoring keystrokes, changing system log files or existing system applications, creating a backdoor into the system, and starting attacks against other computers on the network. Rootkits are generally organized into a set of tools that are tuned to specifically target a particular operating system.
Scumware - Software, scripts or programs that are specifically designed to circumvent or steal revenue and traffic from legitimate web sites. Most scumware is also considered to be spyware since it usually includes programs which transmit your personal information. Scumware is usually installed without consent and bundled with other programs such as popular file sharing programs or Adware.
Spam - Spam is un-solicited email generated to advertise some service or product. This phenomenon is generally considered a nuisance, but spam is not malware. However, the dramatic growth in the number of spam messages being sent is a problem for the infrastructure of the internet that results in lost productivity for employees whoa re forced to wade through and delete such messages every day. The source for the term spam is disputed, but regardless of its origin there is no doubt that spam has become one of the most persistent irritations in internet-based communications. Many consider spam to be so significant an issue that it now threatens the health of email communications around the world. It should be noted that except for the load ensured by email servers, and anti-spam software, spam is not actually capable of replicating or threatening the health and operation of an organization's IT systems. Malware has often been used by spam originators (so called spammers), to install a small SMTP email server service on a host computer, which is then used to forward spam messages to other email recipients.
Spyware - This type of software is often referred to as tracking software. Spyware uses other forms of deceptive software, and programs that conduct certain activities on a compute without obtaining appropriate consent from the user. These activities may detect passwords, change internet browser configuration settings, or other confidential information and transmit them to another computer. Apart from being annoying, spyware results in a variety of issues that range from degrading the overall performance of your computer, to violating your personal privacy. Spyware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. A user may unknowingly trigger spyware by accepting an End User License Agreement from a software program linked to the spyware.
Trojan Horse - A Trojan horse is simply a computer program that neither replicates nor copies itself, but causes damage or compromises the security of the computer. It appears to be useful or harmless, but contains hidden code designed to exploit or damage the system on which it is run. Typically, an individual emails a Trojan Horse to you-it does not email itself-and it may arrive in the form of a joke program or software of some sort.
Virus - A virus uses code written with the express intention of replicating itself. A virus attempts to spread from computer to computer by attaching itself to a host program. It may damage hardware, software, or data. When the host is executed, the virus code also runs, infecting new hosts and sometimes delivering additional malicious attacks.
Worm - A worm uses self-propagating malicious code that can automatically distribute itself from one computer to another through network connections. A worm can take harmful action, such as consuming network, or local system resources, possibly causing a denial-of-service (DOS) attack. Some worms can execute and spread without user intervention, while others require users to execute the worm code directly in order to spread. It may arrive in the form of a joke program or software of some sort.