UNCC-HRL ::: HTS ::: Secure My PC

Malware

Malware is the term in the Internet lexicon that refers to a whole host of programs that can infect your computer and do it, and you, harm. The word's origins are Malicious (Mal) and Software (ware): Malware. Typically, malware includes:

Viruses;
Worms;
Trojans;
Keystroke Loggers;
Ad-ware and Freeware.

Some ad-ware programs, (the origin on this word is: Advertising [Ad] and Software [ware]: Adware), like Gator/GAIN and some free-ware programs, like weather programs, web based music software, or search toolbars, can also contain malware or flaws that could create security weak points. Most adware is harmless, but you should always think twice before installing "free" software off of the Internet.

Viruses & Worms

A virus is a program or programming code that runs on your computer without your knowledge. It spreads by copying itself to other documents and programs. It can damage your computer with its payload. For example, payloads may delete files, monitor your computer or steal your personal information. However, a virus or worm that does not have a payload can still be bad as the copying action can slow down computers and networks.

A worm is similar to a virus but has one main difference. For a worm to run on your computer it only needs to be able to connect to it across the Internet or a network. This is different to a virus which needs you to perform an action such as click a button or open an email.

How can I prevent myself from being infected by a virus?

Anti-virus software is your best defense against viruses and worms. This software contains virus signatures or definitions which tell the anti-virus program what to look for while scanning your computer for viral or worm-based threats. Because hackers and scammers are constantly creating and releasing new viruses and worms onto the Internet, these definition files need to be updated on a regular basis. If you are using Symantec's Anti-Virus program (provided by the University) or Norton Anti-Virus (its sister product) all you need to do is run Live-Update (click here to see how). Other anti-virus programs have similar functionality; refer to your user guide or online help tool to learn how to use it.

You can also take proactive measures to prevent your computer from becoming infected. Only visit websites where you know who is providing the content or operates the site. Don't open e-mail messages from people or organizations you don't know or messages you weren't expecting from those you do. Don't accept attachments from people you don't know in instant messenger programs or chat rooms. And use common sense when installing freeware from online sites.

Trojans

Trojans take their name from the term 'Trojan Horse' and are a type of malware which contains a payload. The payload is what is installed on your computer without you realizing it. Payloads sometimes cause your computer to get hijacked and used to store porn, illegal music or movies, or send out spam to other people. Some payloads contain keystroke loggers (see below) which capture everything you type. Some payloads contain programs that scan your computer to look for information to steal (such as credit card numbers, Social Security numbers, or other personal information) and use for identity theft.

Typically Trojan authors will send out e-mail at random to get people to click on a link in the e-mail that takes them to a malicious website where vulnerabilities in the web browser are exploited to install the Trojan.

How can I prevent myself from being infected by a Trojan?

Firewalls, up to date anti-virus software and anti-spyware programs all provide the best defense from Trojans, so it is important that you use these to protect your computer.

Currently, most Trojans take advantage of vulnerabilities in Microsoft's Internet Explorer browser. To protect against these vulnerabilities, if you use Internet Explorer, you should ensure that you are using the latest version of the software and it is essential that you download all of the Internet Explorer Critical Updates (also known as "security updates" or "patches") from the Windows Update site. You may also wish to consider using a different kind of web browser (such as Firefox).

Just as you protect your Residence Hall room by locking the doors and windows every time you go out, it is essential that you protect your computer by using up-to-date anti-virus software, doing regular scans of your computer to check for viruses, installing a personal firewall and also the latest security updates for your web browser and operating system.

Some Trojan emails contain code to download the Trojan when the message is previewed or opened using the 'HTML view' in your e-mail program. It is always safer not to open messages from unknown sources and to read all messages in 'plain text' only.

How to spot suspicious emails.

Trojan e-mail can masquerade as almost any kind of message, so you need to be treat all unsolicited e-mail you receive with caution. The main similarity is that they try and get you to click on a link by alarming you (e.g. "Your credit card will be charged") or by tempting you with some dramatic information (e.g. "Osama Bin Laden captured", "Terrorists target Olympic Games", "Someone sent you a private message").

How to spot malicious websites.

A malicious website contains code which automatically downloads the Trojan, computer virus or ad-ware onto your computer. If visited, the website may appear to be completely ordinary, but behind the scenes it will be installing the malicious code and this may not be apparent, although sometimes a program will launch unexpectedly, or you may notice a lot of activity on your Internet connection as the files are downloaded. The malicious code may be disguised within the page, so cannot be easily be identified. Even the plainest looking page can conceal malicious code behind the scenes and users of adult entertainment, gaming, gambling, or file sharing sites should be particularly careful as these sites are often targeted the most by Trojan authors.

Keystroke Loggers

Keystroke loggers capture all of the keystrokes entered on a computer keyboard. Keystroke loggers can also be more sophisticated and can take "pictures" (screen-shots) of what is on your monitor as well. Keystroke loggers are often "installed" on your computer as a result of getting a Trojan. Some specifically seek to capture passwords entered at certain web sites like banks, credit cards, online stores or payment sites (like PayPal). This information is then sent to the fraudsters over the Internet who then use it to commit identity theft.

How can I prevent myself from being infected by a keystroke logger?

The best way to keep from getting infected by a keystroke logger is to make sure that you have a firewall, up to date anti-virus software and anti-spyware software installed on your computer. Further, be wary of unrequested e-mail messages in your in-box (don't open, forward, or reply to them) and don't visit links or websites where you aren't sure who the owner is. If you visit targeted sites, like adult entertainment, gaming, gambling, or file sharing sites, consider installing a professional-grade pop-up blocker if your web browser doesn't have one built in.

Ad-Ware & Freeware

Adware is software which displays adverts while it is being used. Adware is generally safe and does not harm your computer. This should not be confused with spyware (malware), which is generally bad. Adware, however, can contain programs that can run on your computer and record what you do (like a keystroke logger). These programs range from relatively harmless ones, such as programs that monitor how often you visit a specific site, to those that track everything you do on your computer and send the results to someone else, who can then use this information for whatever they want. Often, advertisers use this information to tailor the ads that pop-up on your computer or appear on websites with advertising.

Freeware is software that is free. You can normally download it from the Internet. Examples of freeware include: Adobe Acrobat Reader, Adobe Flash Player, Shockwave, Real Media Player, and Apple's Quicktime. Freeware is generally safe to use, when obtained from widely known sources (like Apple or Adobe) or from sources that verify the software on their site is free of threats (like CNet.com). Freeware from specialist providers in a specific field (like ColdFusion tags from CF Tag Store) is also generally safe. When deciding whether or not to download and install freeware on your computer consider the source of the software and whether or not you can afford to rebuild your entire PC if it becomes compromised as a result of the freeware. Before installing ANY freeware or ad-ware, you should back up your computer and create a restore point. And, you should always make sure you are following University guidelines and Federal and State laws that govern file sharing.


Secure My PC Home PC Readiness Checklist Routine Maintenance Log Mobile Device Users Test Your Knowledge Anti-Virus Software Anti-Spyware Software Firewall Software Windows Updates Macintosh Updates Office Software Internet Browsers Music Software Instant Messengers SPAM - SPIT - SPIM Phishing & Spoofing Identity Theft Malware E-Mail Security File Sharing System Back-Up	Malware Malware is the term in the Internet lexicon that refers to a whole host of programs that can infect your computer and do it, and you, harm. The word's origins are Malicious (Mal) and Software (ware): Malware. Typically, malware includes: Viruses; Worms; Trojans; Keystroke Loggers; Ad-ware and Freeware. Some ad-ware programs, (the origin on this word is: Advertising [Ad] and Software [ware]: Adware), like Gator/GAIN and some free-ware programs, like weather programs, web based music software, or search toolbars, can also contain malware or flaws that could create security weak points. Most adware is harmless, but you should always think twice before installing "free" software off of the Internet. Viruses & Worms A virus is a program or programming code that runs on your computer without your knowledge. It spreads by copying itself to other documents and programs. It can damage your computer with its payload. For example, payloads may delete files, monitor your computer or steal your personal information. However, a virus or worm that does not have a payload can still be bad as the copying action can slow down computers and networks. A worm is similar to a virus but has one main difference. For a worm to run on your computer it only needs to be able to connect to it across the Internet or a network. This is different to a virus which needs you to perform an action such as click a button or open an email. How can I prevent myself from being infected by a virus? Anti-virus software is your best defense against viruses and worms. This software contains virus signatures or definitions which tell the anti-virus program what to look for while scanning your computer for viral or worm-based threats. Because hackers and scammers are constantly creating and releasing new viruses and worms onto the Internet, these definition files need to be updated on a regular basis. If you are using Symantec's Anti-Virus program (provided by the University) or Norton Anti-Virus (its sister product) all you need to do is run Live-Update (click here to see how). Other anti-virus programs have similar functionality; refer to your user guide or online help tool to learn how to use it. You can also take proactive measures to prevent your computer from becoming infected. Only visit websites where you know who is providing the content or operates the site. Don't open e-mail messages from people or organizations you don't know or messages you weren't expecting from those you do. Don't accept attachments from people you don't know in instant messenger programs or chat rooms. And use common sense when installing freeware from online sites. Trojans Trojans take their name from the term 'Trojan Horse' and are a type of malware which contains a payload. The payload is what is installed on your computer without you realizing it. Payloads sometimes cause your computer to get hijacked and used to store porn, illegal music or movies, or send out spam to other people. Some payloads contain keystroke loggers (see below) which capture everything you type. Some payloads contain programs that scan your computer to look for information to steal (such as credit card numbers, Social Security numbers, or other personal information) and use for identity theft. Typically Trojan authors will send out e-mail at random to get people to click on a link in the e-mail that takes them to a malicious website where vulnerabilities in the web browser are exploited to install the Trojan. How can I prevent myself from being infected by a Trojan? Firewalls, up to date anti-virus software and anti-spyware programs all provide the best defense from Trojans, so it is important that you use these to protect your computer. Currently, most Trojans take advantage of vulnerabilities in Microsoft's Internet Explorer browser. To protect against these vulnerabilities, if you use Internet Explorer, you should ensure that you are using the latest version of the software and it is essential that you download all of the Internet Explorer Critical Updates (also known as "security updates" or "patches") from the Windows Update site. You may also wish to consider using a different kind of web browser (such as Firefox). Just as you protect your Residence Hall room by locking the doors and windows every time you go out, it is essential that you protect your computer by using up-to-date anti-virus software, doing regular scans of your computer to check for viruses, installing a personal firewall and also the latest security updates for your web browser and operating system. Some Trojan emails contain code to download the Trojan when the message is previewed or opened using the 'HTML view' in your e-mail program. It is always safer not to open messages from unknown sources and to read all messages in 'plain text' only. How to spot suspicious emails. Trojan e-mail can masquerade as almost any kind of message, so you need to be treat all unsolicited e-mail you receive with caution. The main similarity is that they try and get you to click on a link by alarming you (e.g. "Your credit card will be charged") or by tempting you with some dramatic information (e.g. "Osama Bin Laden captured", "Terrorists target Olympic Games", "Someone sent you a private message"). How to spot malicious websites. A malicious website contains code which automatically downloads the Trojan, computer virus or ad-ware onto your computer. If visited, the website may appear to be completely ordinary, but behind the scenes it will be installing the malicious code and this may not be apparent, although sometimes a program will launch unexpectedly, or you may notice a lot of activity on your Internet connection as the files are downloaded. The malicious code may be disguised within the page, so cannot be easily be identified. Even the plainest looking page can conceal malicious code behind the scenes and users of adult entertainment, gaming, gambling, or file sharing sites should be particularly careful as these sites are often targeted the most by Trojan authors. Keystroke Loggers Keystroke loggers capture all of the keystrokes entered on a computer keyboard. Keystroke loggers can also be more sophisticated and can take "pictures" (screen-shots) of what is on your monitor as well. Keystroke loggers are often "installed" on your computer as a result of getting a Trojan. Some specifically seek to capture passwords entered at certain web sites like banks, credit cards, online stores or payment sites (like PayPal). This information is then sent to the fraudsters over the Internet who then use it to commit identity theft. How can I prevent myself from being infected by a keystroke logger? The best way to keep from getting infected by a keystroke logger is to make sure that you have a firewall, up to date anti-virus software and anti-spyware software installed on your computer. Further, be wary of unrequested e-mail messages in your in-box (don't open, forward, or reply to them) and don't visit links or websites where you aren't sure who the owner is. If you visit targeted sites, like adult entertainment, gaming, gambling, or file sharing sites, consider installing a professional-grade pop-up blocker if your web browser doesn't have one built in. Ad-Ware & Freeware Adware is software which displays adverts while it is being used. Adware is generally safe and does not harm your computer. This should not be confused with spyware (malware), which is generally bad. Adware, however, can contain programs that can run on your computer and record what you do (like a keystroke logger). These programs range from relatively harmless ones, such as programs that monitor how often you visit a specific site, to those that track everything you do on your computer and send the results to someone else, who can then use this information for whatever they want. Often, advertisers use this information to tailor the ads that pop-up on your computer or appear on websites with advertising. Freeware is software that is free. You can normally download it from the Internet. Examples of freeware include: Adobe Acrobat Reader, Adobe Flash Player, Shockwave, Real Media Player, and Apple's Quicktime. Freeware is generally safe to use, when obtained from widely known sources (like Apple or Adobe) or from sources that verify the software on their site is free of threats (like CNet.com). Freeware from specialist providers in a specific field (like ColdFusion tags from CF Tag Store) is also generally safe. When deciding whether or not to download and install freeware on your computer consider the source of the software and whether or not you can afford to rebuild your entire PC if it becomes compromised as a result of the freeware. Before installing ANY freeware or ad-ware, you should back up your computer and create a restore point. And, you should always make sure you are following University guidelines and Federal and State laws that govern file sharing.