Working in a tech support role, one of the most recurring issues I come across are malware attacks. Viruses, Trojans, Spyware, etc. are all types of malware designed to attack your PC and cause everyone a headache and downtime. At best, malware merely hurts your computer’s performance… at worst; it is a gateway for identity theft and data loss.
One recent piece of malware (the Aldi Bot) attacks computers in a myriad of ways, including:
- Creating a network of bots called a netbot which all work together to perform the hacker’s bidding.
- Carrying out DDoS (distributed denial-of-service attack) attacks. The Sony network was infamously brought down for weeks this past summer with a DDoS attack.
- Using the victim’s PC as a proxy, which allows the hacker to surf the web through your computer carrying out illegal activities under your identity.
- Stealing saved passwords in the victim’s web browser (including passwords for e-commerce and financial sites).
- Remote execution of files on the victim’s PC, to allow the hacker full control of your computer and launch attacks from your PC.
One common question I receive regarding malware is pretty straightforward… why would someone take the time to make such software to do these things? Although there are many answers to this – from the love of chaos to finding a way to profit, it is clear that malware is expanding… and here to stay.
Much of malware comes in the form of a “bot,” a small piece of software that automatically installs and attacks your machine. They are distributed a variety of ways, including via email, websites, or a download. The unwitting user opens the bot by clicking a link or visiting a site and it installs itself on your PC – most times without the user’s knowledge.
There are many ways you might receive ‘invitations’ to become infected, these include:
If you receive an email from a friend or family member which seems uncharacteristic of them or is a chain email which contains an attachment or web-link inside; do not open the attachment or blindly click the link. A good general rule of thumb is to never click a web-link embedded in the body of an email.
Fake Anti-Virus Warnings
If you are surfing the web and a window pops up claiming your PC is infected with viruses and to click the pop up to correct, do not click the pop up. Clicking on the pop up warning will only install the malware on your computer.
Since malware is so easily distributed, the onslaught will only increase. The best steps to avoid becoming a victim is to make sure you have up-to-date antivirus software and use caution when you surf the Internet, open emails, and download files. Next time you receive a fishy email, think twice about clicking the link inside, chances are you did not win the lottery in South Africa anyway. Let us know if you need help with antivirus software in your environment.