Wednesday, June 08, 2005
Understanding techno-trouble terms
ARE you bewildered and confused by such terms as "malware" and "pharming"? We take a look at how spyware, scum- ware, malware, phishing and pharming work, and offer tips on how to avoid being conned.
Spyware is a program that hides on your computer, gathering as much information as it can. The sort of information it collects varies; it may check what Web sites you visit, who you send e-mail to, or even capture your every keystroke and mouse click.
Spyware is designed to report back to its owner without your knowledge and consent whenever you go online. The biggest telltale sign your computer is infected with spyware is that it slows down.
Solution: Good anti-virus programs can be programmed to prevent spyware from installing and removing those that have already made their home on your hard drive.
Scumware and malware (short for "malicious software") are pesky programs that often promise to do something useful, such as offer a special button on your toolbar that acts like a dictionary or translator, but have a tendency to mess up your program settings.
Scumware might reset your start page, alter your bookmarks, disable security settings, shower you with pop-ups, and much more. Malware is even worse than scumware. It typically resets your dial-up settings, reconfiguring your modem to call an overseas number instead of 1511 or 1515 and other cheap-rate local numbers.
Solution: You can avoid scumware and malware by downloading programs only when you are sure that you know exactly what they do. Also, good anti-virus software will deal with known scumware and malware.
Phishing (pronounced "fishing") is a scam that starts off with an e-mail that looks as though it comes from a bank or well-known business. The message is designed to frighten people into clicking on the link and to "confirm" details of sensitive information "in order to prevent the account from being closed".
Panicked at the thought of being banned from online banking or shopping, unsuspecting surfers click on the link, visit a Web site and hand over details of credit cards and other important information.
But although the link looks legitimate and the page it leads to also looks like the real thing, users are actually diverted to a hoax page that is set up to capture all volunteered information.
Solution: Never click on links within an e-mail and always distrust messages that ask you to confirm sensitive information. If banks or other legitimate agencies want you to confirm details of sensitive information, they'll phone or send a letter via snail mail!
Pharming (pronounced "farming") is very much like phishing, but without the lure of the e-mail. Pharmers are thieves who manage to redirect traffic to fake Web sites that appear to have the proper domain names.
This type of camouflage is the result of thieves hacking into the domain name system server, the machine that translates Internet domain names from easy-to-remember words like "lepak.com" into numerical addresses like "222.156.0.0" used by computers. An older term for such activity is domain spoofing.
When users visit the pharmed site, they don't feel in the slightest bit suspicious: everything looks fine. They are led into giving sensitive information such as passport numbers or credit card details in the ordinary course of business. That this is then stolen by the thieves is something they'll only find out later.
Solution: To thwart pharmers, some sites offer certificates. When you visit these, you see a dialogue box asking you if you want to trust the certificate. If the details of the certificate don't look right, leave!
Spyware is a program that hides on your computer, gathering as much information as it can. The sort of information it collects varies; it may check what Web sites you visit, who you send e-mail to, or even capture your every keystroke and mouse click.
Spyware is designed to report back to its owner without your knowledge and consent whenever you go online. The biggest telltale sign your computer is infected with spyware is that it slows down.
Solution: Good anti-virus programs can be programmed to prevent spyware from installing and removing those that have already made their home on your hard drive.
Scumware and malware (short for "malicious software") are pesky programs that often promise to do something useful, such as offer a special button on your toolbar that acts like a dictionary or translator, but have a tendency to mess up your program settings.
Scumware might reset your start page, alter your bookmarks, disable security settings, shower you with pop-ups, and much more. Malware is even worse than scumware. It typically resets your dial-up settings, reconfiguring your modem to call an overseas number instead of 1511 or 1515 and other cheap-rate local numbers.
Solution: You can avoid scumware and malware by downloading programs only when you are sure that you know exactly what they do. Also, good anti-virus software will deal with known scumware and malware.
Phishing (pronounced "fishing") is a scam that starts off with an e-mail that looks as though it comes from a bank or well-known business. The message is designed to frighten people into clicking on the link and to "confirm" details of sensitive information "in order to prevent the account from being closed".
Panicked at the thought of being banned from online banking or shopping, unsuspecting surfers click on the link, visit a Web site and hand over details of credit cards and other important information.
But although the link looks legitimate and the page it leads to also looks like the real thing, users are actually diverted to a hoax page that is set up to capture all volunteered information.
Solution: Never click on links within an e-mail and always distrust messages that ask you to confirm sensitive information. If banks or other legitimate agencies want you to confirm details of sensitive information, they'll phone or send a letter via snail mail!
Pharming (pronounced "farming") is very much like phishing, but without the lure of the e-mail. Pharmers are thieves who manage to redirect traffic to fake Web sites that appear to have the proper domain names.
This type of camouflage is the result of thieves hacking into the domain name system server, the machine that translates Internet domain names from easy-to-remember words like "lepak.com" into numerical addresses like "222.156.0.0" used by computers. An older term for such activity is domain spoofing.
When users visit the pharmed site, they don't feel in the slightest bit suspicious: everything looks fine. They are led into giving sensitive information such as passport numbers or credit card details in the ordinary course of business. That this is then stolen by the thieves is something they'll only find out later.
Solution: To thwart pharmers, some sites offer certificates. When you visit these, you see a dialogue box asking you if you want to trust the certificate. If the details of the certificate don't look right, leave!
