Welcome to part two of this article.  We hope you enjoyed part one (click here if you missed it).  Here we will discuss the last two most common threats, as well as some other methods hackers use to trick people into infecting their machines.

Threat Category 3:  The Trojan-Horse

These programs are extremely common and popular.  They are a delivery method that works by fooling people into allowing some form of sinister program onto their PC’s.  They often come to you looking like something that is completely safe, or even desirable (hence the name).

Most of them just sneak onto your PC without your even knowing it.  The creators of these programs will hack a legitimate website and plant the Trojan on it.  Then when you visit that site, it downloads onto your computer.

The varieties are endless, so we’ll just mention one example.  Years ago, there was a program that used animated fireworks to display “Happy New Year 2000” on the PC screen.  Every time you ran the program, all it seemed to do was display this nifty animation in the form of a screen saver.  Another form of this technique was a cute program called “Bonzi Buddy”, where a cute purple gorilla danced around your screen.  What people didn’t know was that in the background, lots of nasty things were happening, such as logging your keystrokes, searching your PC for personal information, or launching pop-up ads.

A newer, more popular one these days is a Toolbar or other program that finds you coupons or great shopping deals.  Most of these “Shopping Assistants” are just crap used to launch pop-ups and send you spam.  There are a couple of “legitimate” coupon programs out there (like the “Coupon Printer” program).  If you come across such a program, avoid it.  There are other ways to find deals on the internet.  Being lazy and relying on a “shopping assistant” can get you in trouble and cost you hundreds in virus repairs, offsetting any “savings” they might find you.

Threat Category 4:  Back Doors

The sole purpose of these programs is to allow an authorized user to access or control the infected computer.  A popular one called Back Orifice, was one of the most complex and nasty programs ever made.  It allowed a remote user (ie hacker) to take “pictures” of what was being displayed on a PC screen, watch what was being typed, record sound from a microphone, create files, read data files and even delete files on the affected computer.  Back Orifice was a major problem worldwide and caused internet providers to institute major new security practices that still used to this day.

Methods Used for Distribution – How They Trick You Into Getting Infected

Method 1: Misspelled or Slightly Modified Web Address (URL’s)

The easiest way to get people to infect their computers is by tricking the eye.  Who would think that you can get a virus from popular sites such as Google, Amazon or Yahoo?  Or worse still, from your bank’s website?

The chances someone hacking these sites and setting them up to spread Malware is VERY small.  Even if someone does get lucky and hacks these sites, their 24/7 security staff, whose sole job is to monitor the sites’ traffic and watch for any irregularities, will fix the hacks in mere moments.

Yet this happens all the time.  The hackers spread emails and links to  infected web pages that appear like the real thing.  However if you look closely at the URL, or web address they took you to, you’ll find a slight typo or variation of the name.  Let’s take Bank of America for example:

Real URL    =bankofamerica.com

Fake URL1 =bankoofamerica.com

Fake URL2 =bankofamerica.js.com

Did you catch the differences?  How can you see these before you click?

When you hover you mouse over a link on a web page, the URL to the page will appear in your browser’s “Status Bar”, located at the bottom of your browser window.  Note that there is an option to turn this bar on or off in your browser’s “View” settings.  Make sure it’s on.  This is the most effective way to analyze a link before you click on it.

Method 2: Links Posted on Chat Rooms and Instant Messages

If you like to do instant messaging, or get on online chat rooms, be careful.  Never click on a link from someone you don’t know.  They may post a link to a “cool website”, some great pictures, or a good program you should download.  These links can bring you to a site that hosts malicious software and you could end up with any of the infections we mentioned above.

I know lots of folks like to meet new people this way.  That’s fine, but don’t trust people until at least you’ve interacted with them for a while.  Hackers and other nasty people tend not to be regulars on chat rooms.  Get to “know” people first.  Of course some nasty people, like stalkers, can stick around for a while trying to get peoples’ confidence, but that’s rare and is just a risk you take in the online world.

Method 3: Misleading People on a File’s True Nature by Hiding Part of the File Name

All malicious threats are programs. Programs can be written to do anything, from word processing, to photo editing, browsing the web, or just about anything else you can think of.  There are nasty ones out there too, that can do things like steal your passwords, launch pop-ups, or even delete files.  All programs have an identifying feature that they all share.  That feature is the “file type”, which is signified by the file extension.

Note:  A Lesson on File Types & Extensions:

When we talk about a file type, what we mean is “what kind of file is it?  Is it a picture, a document, a spreadsheet, a video, a music file or a program?  How do we know what type of file it is?  By what’s called a “file extension”.  This is the series of 3-4 letters that come after the “dot” in the file name, for example:

File1.jpg is a picture, signified by the “jpg”.

File2.mp3 is a music file, signified by the “mp3”.

File3.docx is a Word document, signified by the “docx”.

File4.exe is a program, signified by the “exe’.

File5.bin is also a program.

The main takeaway here is to recognize programs, as these are the only things that can be a virus or spyware threat.  The file extension for most programs is exe, which stands for “executable file”.  They can also be bin or bat files, but these are far less common.  Now you have a good understanding of the subject..

Okay so now you know this.  Are you safe yet?  No!  Why?  Because by default, Windows is configured not to show the file extensions.  This was a very stupid move by Microsoft.  They argue that this make things less confusing for the end users.  We highly recommend that you turn this feature on.  How do you do this?

Go to the “Control Panel” and look for an item called “Folder Options”.  Open this and you’ll see a tabbed window open up.  Click on the “View” tab and find an item called “Hide extensions for known file types”.  Uncheck the box next to it, and click OK.  If it’s already unchecked, leave it that way.  Now you’re a little safer.

So how do you use this knowledge to protect yourself?  When you see a file attached to an email, or are led to one by hitting a link to download something, you can now see if the file is truly what you were led to believe it is.  If you were led to think it was a cool picture, or a nice song, make sure the file extension is not exe, bin or bat.  If it is, you’ll know you were being misled and get out of there fast!

What the hackers do is fool you by naming a music file for example, as “CoolSong.mp3.exe”.  If you had the file extensions turned off, you’d only see the name “CoolSong.mp3”, and you’d think it was a song.  Launch it and whack, the program runs and you’re infected!  Sneaky, eh?  This trick was very common with the free music download programs, like Lime Wire.  I can’t tell you how many customers of ours got infected this way.

That’s it for this post.  We’ll be posting more good articles on computer issues soon, so stay tuned.

As always, we welcome you to learn more about our company.  Please visit our Website or Facebook page.  Thanks!