Information Security 101: Malware

Posted by Security

One of the most troublesome facets of the information age is the prevalence of cyber crime. While a dauntingly technical subject matter for many, defending yourself from these threats requires only a basic understanding of how they work, as well as a healthy dose of skepticism and common sense.

In this multipart series, I will begin with a brief tutorial on the two most common malware tactics I’ve personally seen in my career as an IT specialist, and how you can protect yourself from them. Later in this series, I will cover other kinds of threats, and ways you can protect your personal information, your privacy, and your peace of mind from them as well.

Malware (short for malicious software) is an umbrella term for all sorts of troublesome programs or apps. The majority of such infections I’ve seen are trojans. The ancient Greeks won the Trojan war by fooling the city of Troy with a large wooden “gift” horse secretly filled with soldiers to breach the city’s defenses and allow the rest of the Greek army to sneak in and conquer. Similarly, malware trojans are designed to trick you into compromising your own system and enable the theft of your information and money.

Trojans accomplish this by pretending to be something legitimate and useful, such as (ironically) an antivirus program or cleanup utility. It will attempt to alarm you with a fake claim that your computer is infected (ha!) or has other kinds of problems in need of immediate remedy. It then pleads for you to buy the full version of this “helpful” utility in order to remove these phantom issues. But if you click to buy it, typically one of two things actually occurs. It may download and install spyware to steal information from you. Or, it may provide a form for you to enter your name, address, and credit card info under the guise of purchasing the “helpful” utility, but really uses that info to steal from you.

Spyware is another form of malware that often goes hand-in-hand with trojans. Spyware tries to remain under the radar in order to collect information about you, such as by monitoring your keystrokes, or collecting data from your files. Spyware can also take the form of hijacking your web browser (Internet Explorer, Safari, etc.), changing your search functionality and your home page to something unsolicited. The information it collects can include credit card numbers, bank routing numbers, and social security numbers. It can also include data about your web browsing habits, what you like and dislike, in order to target you more effectively for advertising purposes.

Which leads me to the primary reason why cyber crime exists: financial and identity theft.

Back to Blog