Looking at Internet Threats (Wireless) Part 1

The Internet is a great place; you can read about any subject you want to (and many you wish you’d never heard of). You can buy anything online and have it delivered to your door. You’ve got immediate access to your bank, credit cards, investments, and other financial information. Heck, you don’t have to leave the house if you don’t want to.

With all these new ways of doing business on the Internet come people trying to make a dishonest buck. On the Internet, some people are trying to part you from your hard-earned money without leaving their keyboard.

Not to scare you, but a whole lot of bad stuff is on the Internet. Fortunately, knowing about it goes a long way to avoiding it.

Finding Out about Bad Software

Software is the stuff you load on your computer to do work and have fun. Your word processor, Web browser, and spreadsheet are all software. Someone (or a group of people) sat down and wrote the software with the goal of trying to solve a problem you had in exchange for you buying the software.

What if those people didn’t care about helping you, but thought they could write software that stole your online bank account number and password? Or what if they just thought it would be fun to delete all the files on your hard drive?

Software like this is called malware, which is short for malicious software. (Have you ever noticed how computer people like to make up words?) Malware is any software that intentionally does harm to a computer, without the computer owner’s consent.


There are many different types of malware out there, and I cover these in the following sections.

Understanding viruses

In the physical world, someone gets sick, coughs on you, and the next thing you know, you’re in bed for a couple of days. Computer viruses are much the same, just without the bonus of time off work.

When you happen to run a piece of infected software, the virus tries to replicate itself. Maybe it infects a few other programs on your system, maybe it hijacks your e-mail client and e-mails itself to 100 of your closest friends. Either way, the virus tries to make its way onto other machines.

Before the Internet, viruses traveled pretty slowly because you’d have to share the program over a floppy disk to move the virus around. With the advent of the Internet, viruses started incorporating network functionality.

Viruses aren’t limited to programs, such as games and word processors. They can be hidden in e-mail attachments that look normal, or inside documents themselves. Newer viruses don’t even need to be run; they spread by taking advantage of network services built into your machine.

One day in 1999 people started to get e-mails from friends containing a Microsoft Word document as an attachment. As soon as the document was opened, special code called a macro was run that made the user’s e-mail software send the virus to the first 50 people in the user’s address book.

This virus was very effective for several reasons:

♦ The e-mail came from the victim, so people were inclined to trust it.

♦ People weren’t careful in what they opened because nothing like this had ever happened before.

♦ It took very little effort on the user’s behalf to propagate the virus because the macros were an integrated part of the word processor.

Viruses don’t necessarily do damage by themselves; what matters is the payload. If the virus’ objective in life is to replicate, it’s merely annoying. If the payload deletes your computer’s files on April Fool’s Day, that would be bad.

Getting protection from viruses

Software called anti-virus software runs on your computer and is constantly on the lookout for virus activity. Most anti-virus (AV) software inspects all the files on your hard drive periodically and also gives a quick scan to any programs you run, at the time that you run them.

I cover AV software later in this topic. Not only do you need it, but you need to keep it up to date. AV software works by looking for signatures, or patterns, of viruses. To update your AV software means to get the latest set of signatures. Fortunately for you, any decent AV package will automate this.
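To make the idea of signatures concrete, here is a small added example (not part of the original text and not how any particular AV product is built) that scans a few constructed byte strings against an old and an updated signature set. The signature names, patterns, and sample "files" are all invented for illustration.

```python
import re

# Constructed signature sets: name -> hex byte pattern, "??" matches any one byte.
# These patterns are invented for illustration and match no real malware.
SIGNATURES_V1 = {
    "Demo.MacroMailer": "4d 41 43 52 4f ?? ?? 53 45 4e 44",
}
# An updated set is the old one plus signatures for newly seen samples.
SIGNATURES_V2 = {
    **SIGNATURES_V1,
    "Demo.FileWiper": "57 49 50 45 ?? 41 4c 4c",
}

def compile_signature(hex_pattern):
    """Turn 'aa bb ?? cc' into a bytes regex; ?? becomes a one-byte wildcard."""
    parts = []
    for token in hex_pattern.split():
        if token == "??":
            parts.append(b".")
        else:
            parts.append(re.escape(bytes.fromhex(token)))
    return re.compile(b"".join(parts), re.DOTALL)

def scan(data, signatures):
    """Return the sorted names of all signatures found anywhere in data."""
    return sorted(name for name, pattern in signatures.items()
                  if compile_signature(pattern).search(data))

# Constructed "files": plain byte strings standing in for file contents.
SAMPLES = {
    "letter.doc": b"Dear Bob, see you Friday.",
    "list.doc": b"\x00\x01MACRO\x10\x20SEND\xff",
    "game.exe": b"\x7fstartWIPE-ALLend",
}

def scan_all(signatures):
    """Map each sample name to the signature names detected in it."""
    return {name: scan(data, signatures) for name, data in SAMPLES.items()}

if __name__ == "__main__":
    print("old signatures:    ", scan_all(SIGNATURES_V1))
    print("updated signatures:", scan_all(SIGNATURES_V2))
```

With the old set, game.exe comes back clean; only the updated set flags it, which is why out-of-date signatures leave a gap.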

The second way to keep virus-free is to keep on top of your operating system patches. In late 2008 and early 2009, a virus called Conficker was running around the Internet. Conficker spread by many different means, but one of the most effective was by exploiting a problem with Windows that had been patched several months prior. Because most people didn’t install the latest operating system updates, they were vulnerable. We look at patching in the next topic.

Finally, the first line of defense against virus infection is to use your head. If you receive a random e-mail with an attachment, don’t open the attachment. Only get software from reputable sources, or friends. And use your anti-virus software to scan things after you download them.

Spyware and adware

Spyware and adware are two types of malware that hide in the background and try to make money for the creator. Spyware tracks the Web sites you go to and uses that data to make money. The author might be interested in the data themselves, or they might be able to sell the information to someone who is.

Adware is software that displays advertising inside it. This initially wasn’t bad — some instant messaging services originally displayed small ads to keep their service running. As usual, though, people started writing code that would force itself upon the machine and change the ads that a user saw. For example, an ad for jewelry on a Web site might be replaced with an ad for something else, with the owner of the adware getting a cut if you buy anything.

This last scenario might seem like it’s not a problem; but even so, adware takes up resources on your computer and makes it slower. Adware also cheats Internet businesses out of their money.

Other types of spyware, called keyloggers, take your keystrokes and send them to the creator. This includes anything you typed into your online banking site.

The lines between adware and spyware have blurred to the point where it’s all generally called spyware now. Whatever it’s called, you don’t want it on your computer.

Most of the lesser forms of spyware come from toolbars that you randomly happen across on your Internet travels. Anything offering free smileys, free screensavers, or something that enhances your Web browsing experience with a free deal finder toolbar probably contains some hidden nastiness. The program may work as advertised, but it will probably leave spyware that will be around long after you get bored with the software you downloaded.

These spyware packages are often distributed through a technology called ActiveX that is only supported by Microsoft Internet Explorer. There are few ActiveX components that are worth using, and a good part of the rest is spyware.

Spyware is often found in illegal downloads, especially software that purports to crack the copy protection on various legitimate pieces of software. Say what you will about the legal aspects of copyright protection, but the level of malware out there is atrocious.

Somewhat tied to the illegal downloads of software are downloads of illegal movies. The movies themselves don’t contain anything bad because they’re just data. However, trying to view the movie prompts you to download a piece of software called a codec in order to properly decode it. Guess what’s in that software? Figure 1-1 shows a user being prompted to download a new codec in order to watch a copy of a new movie that was downloaded over the Internet.

Figure 1-1: A prompt to download a codec.

Does the codec contain malware? To find out, you should enter some of the details into your favorite search engine and see what other people have to say. Or, just stay away from media files like that.

Be selective about what you download and run. No matter what the ad says, you can’t download a current version of Microsoft Office for only $4. Even if it does contain an illegal version of Office, it’s bound to contain a bunch of nasty malware that you don’t want.

Try to find an anti-virus package that includes anti-spyware functionality, too. This software tries to block the installation of the spyware and also prevents spyware from calling home to transmit the sensitive data that was stolen.

Don’t download any extensions to Internet Explorer. In fact, don’t run Internet Explorer at all. Firefox is a much faster browser and does not suffer from as many attacks as Internet Explorer. Whichever browser you choose, make sure you’re up to date.

Be careful when installing software that has been suggested from a recent download. When you are prompted to download anything, take a moment to research what is being offered to make sure it’s not malware.

Zombies and botnets

The final stop in our whirlwind tour of bad software brings us to zombies and botnets. In the movies, zombies are dead people that have been reanimated and spend their time looking for tasty human brains to eat. They’re especially fond of groups of people who decided to split up so that they could find a way out of the abandoned building faster. I’ve never understood why people do that.

Anyway, a zombie computer is one that has been infected with some sort of malware that allows it to be controlled remotely. The infection is such that the owner of the computer doesn’t know what’s going on because the computer operates normally (but maybe slower).

Take a few thousand (or a few hundred thousand) of these zombified computers and you have yourself a botnet. The people who run these botnets make their zombie computers send e-mail spam, try to defraud advertisers, and even try to take down major Web sites. They may do this for their own uses or rent out their botnet to people who are in need of such services.

Needless to say, you don’t want your computer to be a zombie! There’s no upside, and you don’t want to be giving out system resources for sending spam and taking down Web sites.

Zombie software gets on your computer the same way that other malware gets there, such as through strange e-mail attachments or in infected files taken from unscrupulous Web sites.

Avoiding Bad People

The last section talked about bad software. Bad people made that software, but there’s another class of bad guys that are out to scam you directly.

Most of these schemes aren’t new; they’re just some old classics that have been adapted for the Internet. People have been writing bad checks for decades: the Internet just allows them to expand their reach.

Spam

If you’ve had an e-mail address for more than 10 minutes, then you’ve seen some spam. Spam is unsolicited commercial e-mail, which is a fancy way of saying that someone you don’t know sent you an e-mail trying to sell you something.

The nature of e-mail means that it costs about the same to send out a million e-mails as it does a handful. There are no stamps to buy, no envelopes to stuff, and no address labels to print. A single computer can generate thousands of spam e-mails per hour, and if you use the services of a botnet, you can blast out a few million e-mails in no time at all.

Spam is sometimes hard to differentiate from regular commercial e-mail. Sometimes you get added to a mailing list from a company that you dealt with, and you start getting a monthly newsletter. As inconvenient as that is, spam is a much bigger problem.

The idea behind spamming is that the spammer sends out an offer for a product. The types of products usually associated with spam are

♦ Pharmaceuticals, especially male performance enhancing pills

♦ Knockoff watches or clothing

♦ Illegal software

♦ Financial products such as loans

♦ University degrees

All good stuff, right?

Spam is bad for several reasons, including

♦ The sheer volume of spam makes your ISP do extra work to process the e-mail, and you do more work to find the e-mails you’re really looking for. This makes e-mail less efficient as a communications medium.

♦ The way that spammers send the e-mails out is often destructive to mail servers.

♦ The products being sold are usually a scam, illegal, or just plain low quality.

As tempting as it may be to be able to lose weight with only a small pill being sold at a ridiculously low rate, stay away.

Also be careful about how you give out your e-mail address. Posting to public forums sometimes exposes your address, which spammers harvest for their lists. Free Web-based e-mail providers are plentiful; it helps to have a separate account for posting to public forums.

Spam is often the vehicle for phishing attacks, which I look at next.

Phishing

Ever received an e-mail from your bank telling you that it was important that you go to their Web site and fill in some missing personal information? Ever received the same information from a different bank, one that you don’t deal with?

These e-mails were probably part of a phishing scam. Phishing is a play on fishing, as in "fishing for suckers who will give me their bank information" (and another made-up word!). With this personal information the bad guy can get into your bank account or can get credit cards in your name (also called identity theft).

Here’s a step-by-step look at a scam:

1. Bad guy sets up a Web page that looks a lot like a particular bank’s Web site, with a form asking for your credit card number, social security number, mother’s maiden name, bank PIN, and anything else he can think of.

2. The bad guy sends out millions of e-mails that look official and that ask you to visit your bank’s Web page using the link in the e-mail.

3. You just happen to use that bank, so you click on the link and fill in the form.

4. The bad guy cleans out your bank account from the safety of an Internet cafe in a foreign land.

That e-mail from the bank may look authentic, but here’s what you might not know:

♦ Making an e-mail look like it came from whoever you want, including your bank, is easy.

♦ Making an e-mail look official and important is easy.

♦ Making the link shown on the screen take you to a different site is easy.

♦ Scammers can use many ways to trick people into thinking they’re on their bank’s Web site, when in fact they’re on the bad guy’s site.

Figure 1-2 is an e-mail that looks like it came from an auction site I use. It looks a lot like other e-mails that come from the site, but if you look where my mouse is hovering on the link, and the link that shows up in the status bar, they’re different!

Figure 1-2: An e-mail from an online auction site. Or is it?

What’s happening here is that the phisher is trying to trick me into going to his site, where he’ll try to get me to log in using my real username and password, at which point he can do bad stuff.

That hover trick is not always reliable, though. The only way to be certain is to copy and paste the URL that shows on the screen instead of clicking.

If you are presented with such an e-mail, it pays to view it with some skepticism. Keep the following in mind:

♦ Some sites that are especially prone to phishing attacks will include your username in the subject or e-mail to show you it’s not a phishing scheme. If you don’t see this, beware.

♦ Banks will not request personal information over an e-mail or on a random Internet page. When in doubt, call your bank and ask.

♦ Most Web sites that deal with sensitive information post a policy on their Web page describing whether or not they do send such e-mails out and what sort of protections they use.

When in doubt, pick up the phone or just delete the e-mail.

The Firefox Web browser, and Internet Explorer version 7 or later, add some additional phishing protection. Clicking on the link in the previous figure brings you to Figure 1-3.

Figure 1-3: Trying to view a phishing site.

This screen is presented by your Web browser, and it indicates that the site in question is known to be a phishing site. It’s not perfect, but it’s an additional layer of protection.

Be very careful about what private information you give over the Internet, no matter what format. Scammers are getting cleverer. Identity theft is serious and can cause you a lot of trouble.
