
Your Guide To Staying Safe Online

Author: David Emm, Senior Technology Consultant,
Kaspersky Lab

Why Have We Produced This Guide?

The 'Stay Safe Online' guide uses plain English to explain the potential dangers of being online, and how to stay protected. This comprehensive guide covers 'traditional' threats, such as spam and worms, through to the biggest threats facing home PC users today - phishing attacks and crimeware. The aim of this guide is to help you protect yourself from cyber attacks.

These attacks are increasing in frequency (the number of computer threats has doubled in the last year). They have also become more sophisticated in recent years, as traditional viruses, worms and Trojans have been replaced by crimeware, i.e. malicious programs used by cyber criminals to make money.

However, while the risk to home PC users from online attacks continues to grow, if you follow the simple precautions outlined in this guide there is no reason why surfing the Internet should not continue to be an enjoyable, productive and worry-free experience.

There's a glossary at the end, to help explain the technical terms used in this guide.

What's The Risk?

Unfortunately, the moment you connect your PC to the Internet it becomes a potential target for cyber criminals. Just as an unprotected home offers easy pickings for burglars, an unprotected PC is an open invitation to the writers of malware (short for malicious software) and the cyber criminals who work with them.

From Cyber Vandalism To Crimeware

Until a few years ago, the threat to PCs generally took the form of cyber vandalism. This was mostly the result of programs designed as an anti-social form of self-expression exploiting computer technology. Few of them were deliberately written to cause harm, although a small number caused damage to data or made the computer unusable (quite often as a side-effect, rather than by design). The bulk of malicious programs in circulation at this stage were viruses and worms.

Today, by contrast, the greatest threat comes from crimeware. The criminal underground has realised that malicious code can be used to make money in our constantly connected world and they use it to steal confidential data (logins, passwords, PINs, etc.) to make money illegally. Most of the programs used for this purpose are Trojans. There are many different types of Trojan. Some record which keys you press, some take a picture of your screen when you visit a banking web site, some download additional malicious code, and some provide a remote hacker with access to your computer. However, they all have one thing in common: they allow cyber criminals to harvest your confidential information and use it to steal your money.

More And More Threats

Cyber threats are not just getting more sophisticated: there are also more of them. The number of threats has doubled in the last year alone. Kaspersky Lab anti-virus databases now hold over 340,000 records (as of June 2007) with more than 450 new records being added every day.

What Happens When You Have Malicious Code On Your Computer?

Just like other software, malicious programs are designed to behave in a particular way and carry out certain specific functions. They have exactly the same limitations as any other program. What they do depends on what the malware author has coded them to do.

In the past, viruses often had no payload: they were simply designed to spread. However, some caused unintended side-effects (as a result of poor programming). A relatively small number were designed to delete files from the disk, write garbage to whole sections of the disk, or cause slow corruption of data. They could be a nuisance, or they could cause loss of data. However, they seldom tried to harvest data for later use.

In contrast, today's malicious code is typically designed not to damage data on the victim's computer, but to steal it. This is why many Trojans are referred to as spyware: they're installed stealthily, without your knowledge or consent, and they monitor your actions day after day. They are deliberately designed to be inconspicuous and they hide their tracks using programs called rootkits. As a result, you can't see them with the naked eye: everything appears to run normally.

Hacker Attacks

Today's applications are very complex, compiled from thousands of lines of code. And they're written by humans, who are fallible. So it's hardly surprising that they contain programming mistakes which can make them vulnerable to attack. These loopholes are used by hackers to break into systems; they are also used by authors of malicious code to launch their programs automatically on your computer.

The term hacker was once used to describe a clever programmer. Today, it's applied to those who exploit security vulnerabilities to break into a computer system. You can think of it as electronic burglary. Hackers regularly break into both individual computers and large networks. Once they have access, they steal confidential data or install malicious programs. They also use compromised computers to distribute spam or flood another company's web servers with network traffic. Such Denial-of-Service (DoS) attacks are designed to make the site inaccessible and damage the company's business.

Cyber criminals, of course, want to maximise the return on the time and effort they've put in, so they target the most widely used systems. That's why, for example, hackers focus so much attention on Microsoft® Windows®: it's the operating system used by the vast majority of people.

How can I protect my computer from malicious code and hacker attacks?

There are several steps you can take to protect your computer from today's cyber threats. Following the simple guidelines below will help minimise the risk of attack:

  • Install security software on your computer.
  • Check it includes the following components for comprehensive protection:
    • Anti-virus
    • Anti-spyware
    • Anti-phishing
    • Personal firewall
    • Intrusion prevention
    • Anti-spam
    • Proactive technologies to defend against new, unknown threats
  • Update your security software regularly (i.e. at least once a day).
  • In addition to relying on real-time protection, scan your system at least once a week.
  • Always install security patches for your operating system and applications. If you use Microsoft® Windows® you don't need to remember to do this every month: simply switch on Automatic Updates in Security Center (this can be found in Control Panel).
  • If you use Microsoft® Office, remember to update this regularly too.
  • If you receive an email with an attached file (Word document, Excel spreadsheet, EXE file, etc.) don't open it unless you know who sent it, and only then if you're expecting it. NEVER open an attachment sent in an unsolicited (spam) email.
  • Only use your computer's Administrator account if you need to install software or make system changes. Instead, create a separate account with only limited access rights, for everyday use (this can be done using User Accounts in Control Panel). This is important because when malicious code attacks, it will assume your access rights. If you're logged on with administrator-level access, that's what the virus, worm or Trojan gets too, and the malicious program will have access to vital system data.
  • Back up your data regularly to a CD, DVD, or external USB drive. If data on your computer's hard disk has been damaged or encrypted by a malicious program, a backup will ensure that you don't lose the data. You should also remember that your computer, like any household appliance, is a machine and therefore has a limited life span.

What Is Phishing?

Phishing is a specific type of cyber crime that is designed to steal your personal identity data and financial credentials.

Here's how phishing works: cyber criminals create a fake web site that looks just like a bank's web site (or any web site that conducts online financial transactions). They then try to trick people into visiting this site and typing in their confidential data, such as their login, password or PIN. Typically, they do this by sending out large numbers of emails which appear to come from a particular bank or financial institution, and which contain a link to the fake site. Of course, many people who receive the email are not customers of the bank in question. However, only a small percentage of the large number of people who get the email need fall for the scam for the cyber criminals to make money.

If you click on the link, you're taken to the fake web site and asked to type in your details. Such emails often try to put you off your guard by using the real bank's style and logo, by using a link that resembles the real bank's URL or by including your name to make it seem as though the email is addressed to you personally. The email usually gives a fake reason for sending you the email and asking you for your personal details: the bank is conducting random security checks, or the bank has made changes to its infrastructure and needs everyone to re-confirm their details.

When you enter your details on a fake website, they'll be recorded and sent to the cyber criminals running the scam. And once they have your details, they'll use them to take money from your account. Often they withdraw just a small amount, so as not to arouse suspicion. Of course, there are lots of potential victims, so they only need a small amount from many accounts to generate a large profit.

How can I protect myself from phishing attacks?

The following guidelines (together with the advice given above about protecting your computer from malicious programs and hacker attacks) will help you minimise the risk of getting caught by phishers:

  • Be very wary of any email message that asks you to disclose personal information. It's extremely unlikely that your bank will request such information by email. If you receive an email which claims to be from your bank, call them to check.
  • Don't click on links in HTML emails in order to get to a web site: cyber criminals can hide the URL of a fake web site behind a link that looks legitimate. Instead, type the URL into your web browser yourself. Or consider configuring your email reader to use plain text only, since this trick doesn't work in plain text.
  • Don't complete a form asking for personal information in an email. Only enter such data using a secure web site. How can you tell a web site is secure? Check that the URL starts with 'https://' and look for the padlock symbol in the lower right-hand corner of the web browser. Since it's possible for a phisher to fake both of these items, you should double-click the padlock and check that the address shown in the security certificate matches the one shown in the web browser address bar. If you're in any doubt, use the telephone to transact your business.
  • Check your bank accounts regularly (including debit and credit cards, bank statements, etc.), to make sure you can account for all the transactions. Report anything suspicious to your bank immediately.
  • Check any dates mentioned in the body of the email. Be suspicious if an email contains a reference to a date that has already passed: for example, if the deadline specified for you to take action has already passed.
  • Be suspicious if an email is not addressed to you personally: for example, if it begins 'Dear Valued Customer', or something similar.
  • Be suspicious if you're not the only recipient. In the very unlikely event that your bank does communicate with you by email about your personal account, it will not send the email to other people.
  • Spelling mistakes, poor grammar and syntax and other clumsy use of language are typical of phishing emails.
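Several of the checks in the list above can be applied mechanically to a received message. The following is an added example, not part of the original guide: it flags a link whose visible text names a different host from its real target, an impersonal greeting, more than one recipient, and a date in the body that had already passed when the message was sent. The sample message, host names and indicator names are constructed for illustration.

```python
import re
from datetime import date
from email import message_from_string
from email.utils import getaddresses, parsedate_to_datetime
from html.parser import HTMLParser
from urllib.parse import urlsplit

MONTHS = {name: n for n, name in enumerate(
    "january february march april may june july august "
    "september october november december".split(), start=1)}
GENERIC_GREETING = re.compile(
    r"\bdear\s+(?:valued\s+)?(?:customer|client|member|user)\b", re.I)
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
BODY_DATE = re.compile(
    r"\b(\d{1,2})\s+(" + "|".join(MONTHS) + r")\s+(\d{4})\b", re.I)

# Constructed sample message (not a real email); every name is a placeholder.
SAMPLE = """\
From: "MyBank Security" <security@mybank.example>
To: alice@example.org, bob@example.org
Date: Wed, 20 Jun 2007 09:15:00 +0000
Subject: Please confirm your details
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<html><body>
<p>Dear Valued Customer,</p>
<p>We are conducting random security checks. Confirm your details
by 15 June 2007 at
<a href="http://203.0.113.7/mybank/login">https://www.mybank.example/login</a>.</p>
</body></html>
"""


class BodyParser(HTMLParser):
    """Collects visible text and (href, link text) pairs from a message body."""

    def __init__(self):
        super().__init__()
        self.text, self.links = [], []
        self._href, self._label = None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._label = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None


def strip_www(host):
    """Lower-case a host name and drop a leading 'www.'."""
    host = host.lower()
    return host[4:] if host.startswith("www.") else host


def phishing_indicators(raw_message):
    """Return the names of the guide's warning signs found in one message."""
    msg = message_from_string(raw_message)
    parser = BodyParser()
    for part in msg.walk():
        if part.get_content_type() in ("text/html", "text/plain"):
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            parser.feed(payload.decode(charset, "replace"))
    parser.close()
    body = " ".join("".join(parser.text).split())
    found = []

    # A link that displays one address while pointing at another host.
    for href, label in parser.links:
        shown = HOST_IN_TEXT.search(label)
        target = strip_www(urlsplit(href).hostname or "")
        if shown and target and strip_www(shown.group(1)) != target:
            found.append("link-text-hides-different-host")
            break

    if GENERIC_GREETING.search(body):
        found.append("generic-greeting")

    if len(getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))) > 1:
        found.append("multiple-recipients")

    # Assumption: "already passed" is judged against the Date header.
    try:
        sent = parsedate_to_datetime(msg["Date"]).date()
    except (TypeError, ValueError):
        sent = None
    for day, month, year in BODY_DATE.findall(body):
        try:
            mentioned = date(int(year), MONTHS[month.lower()], int(day))
        except ValueError:
            continue  # e.g. "31 February 2007"
        if sent and mentioned < sent:
            found.append("date-already-passed")
            break
    return found


if __name__ == "__main__":
    print(phishing_indicators(SAMPLE))
```

A message that triggers none of these checks is not thereby proven genuine; the remaining advice in the list still applies.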

What Is Ransomware?

Ransomware is malicious code used by cyber criminals to extort money. The virus, worm or Trojan encrypts the data on the hard disk. It also creates a 'readme' file; the text in this file tells the victim that if they want to get the data back they will have to transfer money to the author of the program using the specified e-payment service.

How can I protect myself from ransomware?

  • Follow the advice given above on protecting your computer from malicious programs and hacker attacks.
  • Back up your data regularly. Kaspersky Lab has been able to recover the data encrypted by the ransomware programs we've seen so far. However, cyber criminals are using more and more sophisticated levels of encryption, so in the future it may not be possible to recover encrypted data. If you have a backup, though, you will not lose any data.
  • NEVER pay money to a cyber criminal. If you do not have a backup of your data, contact your anti-virus vendor's technical support department: it's likely that they will be able to help you recover the data.

What Is A Rogue Dialer?

Rogue dialers are programs that divert your computer's modem to a premium rate phone number, instead of the normal number you use to connect to your ISP. These programs are installed without your knowledge or consent and they operate secretly. The first indication of infection may be when the phone bill arrives and it's substantially larger than normal. There will also be premium rate telephone numbers listed on your bill that you know you haven't called.

Since rogue dialers use a computer's modem, they only target people with a dial-up connection. If you connect to the Internet using broadband, rogue dialers will not work. However, when you switch from dial-up to broadband, be sure to disconnect your modem cable from the telephone socket and remove any dial-up icon from your desktop. This will ensure you don't accidentally use your dial-up connection. Don't worry: if you ever need a dial-up connection again (if your broadband connection is interrupted temporarily, for example), simply reconnect the modem cable to the telephone socket and use Start | Settings | Network connections to run the dial-up connection.

How can I protect myself from rogue dialers?

Simply contact your telephone service provider and put a ban on all telephone numbers beginning with '09'.

If you think you have already fallen victim to a rogue dialer, report the suspect number(s) to ICSTIS (www.icstis.org.uk), the regulatory body for premium rate telephone services.

What Is A Wireless Network?

Most computers today are wireless-enabled: in other words, they are able to connect to the Internet (or another wireless-enabled device) without a physical network cable. The major benefit, of course, is that you can use your computer anywhere in the house or office (as long as it's within range of your wireless router). However, there are potential risks unless you secure your wireless network.

  1. A hacker could intercept any data you send and receive.
  2. A hacker could get access to your wireless network.
  3. Another person could hijack your Internet access.

How do I secure my wireless network?

There are some simple steps you can take to secure your wireless router and so minimise these risks:

  • Change the administrator password for your wireless router. It's easy for a hacker to find out the manufacturer's default password and use this to access your wireless network. Avoid using a password that can be guessed easily: follow the guidelines provided in the section below on choosing a password.
  • Enable encryption: WPA encryption is best, if your device supports it (if not, use WEP).
  • Switch off SSID (Service Set Identifier) broadcasting, to prevent your wireless device announcing its presence to the world.
  • Change the default SSID name of your device. It's easy for a hacker to find out the manufacturer's default name and use this to locate your wireless network. Avoid using a name that can be guessed easily: follow the guidelines provided in the section below on choosing a password.
  • Follow the advice given above on protecting your computer from malicious programs and hacker attacks.

What Is Spam?

Spam is anonymous, unsolicited bulk email, the electronic equivalent of junk mail delivered through the post.

Spam makes up approximately 70% - 80% of all email sent and Kaspersky Lab analysts process between 300,000 and 600,000 spam emails daily. Spam is used to advertise goods and services. Spammers send out large volumes of email and make money from those who respond.

Typically only a very small number of recipients respond, but this is enough for spammers to make a profit. It's time-consuming and frustrating to have to wade through junk email. It also clogs up your mailbox and absorbs bandwidth and storage space. However, there's another important point: spam can carry malicious programs. Spam emails may come with an infected attachment, or they may contain a link to a web site which contains a malicious program. (This code may download automatically when you visit the site and infect your machine if your computer is missing a security patch).

Spammers use botnets to distribute their emails. Botnets are networks of computers that have been taken over by cyber criminals using Trojans or other malicious code. The victim doesn't realise that the spammer can control their computer remotely, but the infected machines automatically send junk email to others. Of course, if you use a good anti-virus program, this will minimise the risk of your computer being taken over in this way.

How can I protect myself from spam?

The following guidelines (together with the advice above on protecting your computer) will help minimise the amount of spam you receive:

  • Don't respond to spam emails. Spammers often verify receipt and log responses, so responding simply increases the risk of receiving more spam.
  • Don't click on 'Unsubscribe' links. This will confirm that your email address is active, and spammers will target it in the future.
  • Use multiple email addresses. Keep one for personal correspondence and at least one other for public forums, chat rooms, mailing-lists and other public web sites or services.
  • Make your private email address difficult to guess. Spammers use combinations of obvious names, words and numbers to build possible addresses. So be creative and avoid using just your first name and last name.
  • Avoid publishing your private address anywhere public. If you have no choice, mask the address so it can't be picked up by automated tools used by spammers to gather email addresses from the Internet. For example, write 'joe-dot-Smith-at-mydomain-dot-com', instead of 'joe.smith@mydomain.com'.
  • View your public address(es) as temporary. If you start receiving spam, simply change your address.

Why Are Passwords Important?

One important way to safeguard confidential information is to use a password to prevent other people from accessing your personal data (bank account details, etc.).

This has become more important as Internet use has increased. There are more Internet users than ever before, and we're using it for a far wider range of activities, including online banking, online shopping and online research. Increasingly, we're also using the Internet to socialise. In the last few years there's been a massive growth in the number of social networking sites such as Friends Reunited, Match.com, MySpace etc. Members share all kinds of personal details as well as music, pictures, and videos.

Unfortunately, the more personal details we make available, the more exposed we are to online identity theft. Identity theft is when a criminal steals confidential personal data that lets them fraudulently obtain goods and services in the victim's name. The criminal could, for example, open a bank account, obtain a credit card or apply for a driving licence or passport. Or they could simply steal money directly from the victim's bank account.

Given that passwords protect such valuable data, they're clearly very important. You should protect all your online accounts with a password. However, you have to be careful when choosing passwords.

What should I think about when I choose a password?

The following guidelines will help you choose a password that can't be easily guessed:

  • Make passwords memorable, so you don't have to record them anywhere. This includes storing them in a document or spreadsheet on your computer (because the file can be deleted, damaged, or stolen by cyber criminals).
  • Don't tell anyone your password. If an organisation contacts you and asks for your password, even by phone, you don't have to give them any of your personal details: after all, you don't know who's at the other end of the telephone line.
  • If an online store, or any web site, sends you an email confirmation that contains a new password, log in again and change your password immediately.
  • Don't use obvious passwords that can be easily guessed, such as your spouse's name, your child's name, pet's name, car registration, postcode etc.
  • Don't use real words that a hacker or cyber criminal can find in a dictionary.
  • Use a mixture of uppercase and lowercase, numbers and non-alpha-numeric characters such as punctuation marks.
  • If possible, use a pass phrase, rather than a single word.
  • Don't use the same password for multiple accounts.
  • Don't recycle passwords, e.g. don't use 'password1', 'password2', 'password3', etc. for different accounts.
  • Check that your Internet security software blocks attempts by cyber criminals to intercept or steal passwords.
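Four of the guidelines above (obvious personal details, dictionary words, character mix, and reuse or recycling across accounts) can be checked automatically when a password is chosen. The sketch below is an added example, not part of the original guide; the function names, issue labels and sample values are constructed, and the word list and personal details are supplied by the caller.

```python
import re

CHARACTER_CLASSES = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")


def stem(password):
    """Lower-case the password and drop trailing digits and punctuation,
    so that 'password1' and 'password2' reduce to the same stem."""
    return re.sub(r"[\d\W_]+$", "", password.lower())


def password_issues(candidate, personal_details=(), dictionary=(),
                    other_passwords=()):
    """Return the guideline violations found in a candidate password.

    personal_details: names, postcode, car registration, etc. (caller-supplied)
    dictionary:       word list to test against (caller-supplied)
    other_passwords:  passwords already used on the person's other accounts
    """
    issues = []
    compact = re.sub(r"\W+", "", candidate.lower())

    # Spouse's name, pet's name, postcode and similar obvious choices.
    for detail in personal_details:
        token = re.sub(r"\W+", "", detail.lower())
        if len(token) >= 3 and token in compact:
            issues.append("contains-personal-detail")
            break

    # A real word, even with digits or punctuation tacked on the end.
    if stem(candidate) in {word.lower() for word in dictionary}:
        issues.append("dictionary-word")

    # Mixture of uppercase, lowercase, numbers and other characters.
    if not all(re.search(pattern, candidate) for pattern in CHARACTER_CLASSES):
        issues.append("missing-character-class")

    # Same password elsewhere, or the same stem with a different suffix.
    for other in other_passwords:
        if candidate == other:
            issues.append("reused-on-another-account")
            break
        if stem(candidate) and stem(candidate) == stem(other):
            issues.append("recycled-variant")
            break
    return issues


if __name__ == "__main__":
    print(password_issues("password3", dictionary=["password"],
                          other_passwords=["password1", "password2"]))
```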

Maintaining Child Safety Online

First you should think about the possible dangers your children face. These include the following:

  1. So-called 'drive-by infections' (i.e. malicious programs that download automatically when a compromised web site is viewed).
  2. The risk of infection through peer-to-peer (P2P) file-sharing programs that give others access to your computer.
  3. Unwanted advertising, including pop-ups and adware programs: these are sometimes installed automatically with freeware programs that are available for download on the Internet.
  4. Sexually explicit (or other inappropriate) content.
  5. Children may be tricked into disclosing personal information (about them or you).
  6. Children may download pirated material (e.g. music or video files).
  7. Children may be targeted by online bullies.
  8. Children may be approached (in Internet chat rooms, for example) by paedophiles.

How can I help my child stay safe online?

There are things you can do to minimise the chance of them being exposed to these dangers.

  • Talk to your children about the potential dangers they face.
  • If possible, locate your computer in a family room and try to make the computer a shared family experience.
  • Encourage your children to talk to you about anything they experience online that upsets them or makes them feel uncomfortable.
  • Provide guidelines for them on what they may, or may not, do. Here are some of the things you should think about (remember that the answers may change as your children get older).
    • Is it OK to register on social networking or other web sites?
    • Is it OK to make online purchases?
    • Is it OK to use instant messaging programs? If the answer to this is 'yes', make sure your children understand they should not chat to unknown users.
    • Is it OK to visit Internet chat rooms?
    • Is it OK to download music, video or program files?
  • Follow the guidelines above for protecting your computer from malicious programs and hackers and explain to your children how this helps protect them.
  • Restrict the content that can be accessed from your computer. Many Internet security solutions let you do this. In addition, Internet Explorer includes a Content Advisor that can help you do this (this can be found under Tools | Internet Options | Content).

Dealing With A Compromised PC

It's not always easy to tell if your computer has been compromised. More than ever before, the authors of viruses, worms, Trojans and spyware are going to great lengths to hide their code and conceal what their programs are doing on an infected computer. That's why it's essential to follow the advice given in this guide: in particular, install Internet security software, make sure you apply security patches to your operating system and applications and back up your data regularly.

What should I do if my computer has been compromised by a virus, worm or Trojan?

It's very difficult to provide a list of characteristic symptoms of a compromised computer because the same symptoms can also be caused by hardware and/or software problems. Here are just a few examples:

  • Your computer behaves strangely, i.e. in a way that you haven't seen before.
  • You see unexpected messages or images.
  • You hear unexpected sounds, played at random.
  • Programs start unexpectedly.
  • Your personal firewall tells you that an application has tried to connect to the Internet (and it's not a program that you ran).
  • Your friends tell you that they have received email messages from your address and you haven't sent them anything.
  • Your computer 'freezes' frequently, or programs start running slowly.
  • You get lots of system error messages.
  • The operating system will not load when you start your computer.
  • You notice that files or folders have been deleted or changed.
  • You notice hard disk access when you're not aware of any programs running.
  • Your web browser behaves erratically, e.g. you cannot close a browser window.

Don't panic if you experience any of the above. You may have a hardware or software problem, rather than a virus, worm or Trojan. Here's what you should do:

  • Disconnect your computer from the Internet.
  • If your computer is connected to a local area network, disconnect it from the network.
  • If your operating system will not load, start the computer in Safe Mode (switch on the computer, press and hold F8, then choose Safe Mode from the menu), or boot from a rescue CD.
  • If you don't have a recent backup, back up your data.
  • Make sure your anti-virus signatures are up-to-date. If possible, don't use your computer to download updates, but use a friend's computer, or a work computer. This is important: if your computer is infected and you connect to the Internet, a malicious program may send important information to a remote hacker, or send itself to people whose email addresses are stored on your computer.
  • Scan the whole computer.
  • If a virus, worm or Trojan is found, follow the guidelines provided by your anti-virus vendor. Good anti-virus programs provide the option to disinfect infected objects, quarantine objects that may be infected, and delete worms and Trojans. They also create a report file that lists the names of infected files and the malicious programs found on the computer.
  • If your anti-virus software doesn't find anything, your machine is probably not infected. Check the hardware and software installed on your computer (remove any unlicensed software and any junk files) and make sure you have the latest operating system and application patches installed.
  • If you have any problems removing files, check your anti-virus vendor's web site for information on any dedicated utilities that may be needed to remove a particular malicious program.
  • If necessary, contact your anti-virus vendor's technical support department for further advice. You can also ask them how to submit a sample file for analysis by a virus researcher.

A Final Note About Identity Theft

Remember that offline security is important too. Physical data can be used by identity thieves to access online accounts. Invest in a shredder (ideally a cross-cut shredder) and destroy any document that includes personal data (name, address, date-of-birth, etc.) before you throw it away.

Glossary Of Terms

Adware

The general term applied to programs that either launch advertisements (often pop-up banners) or re-direct search results to promotional web sites. Adware is often built into freeware or shareware programs: if you download a freeware program, the adware is installed on your system without your knowledge or consent. Sometimes a Trojan will secretly download an adware program from a web site and install it on your computer. If your web browser isn't up to date, and contains vulnerabilities, hacker tools (often referred to as Browser Hijackers because they subvert the web browser to install a program without your knowledge), can download adware to your computer. Browser Hijackers may change browser settings, re-direct incorrectly typed or incomplete URLs to a specific site, or change the default homepage.

They may also re-direct searches to pay-to-view (often pornographic) web sites. Typically, adware programs do not show themselves in the system in any way: there will be no listing under Start | Programs, no icons in the system tray and nothing in the task list. They seldom come with a de-installation procedure. Attempts to remove them manually may cause the original carrier program to malfunction.

Botnet

The term used for a network of computers controlled by cyber criminals using a Trojan or other malicious program.

Chat room

This is a way of communicating online, in real time. All the user has to do is type his/her message. As the name suggests, anyone in the same chat room can participate in the conversation.

Crimeware

Any malicious program used by cyber criminals to make money.

Denial-of-service

A Denial-of-Service (DoS) attack is designed to hinder or stop the normal functioning of a web site, server or other network resource. There are various ways for hackers to achieve this. One common method is to flood a server by sending it more requests than it is able to handle. This prevents it from operating normally, and may crash the server completely.

A distributed-Denial-of-Service (DDoS) attack differs only in the fact that the attack is conducted using multiple machines. The hacker typically uses one compromised machine as the 'master' and co-ordinates the attack across other, so-called 'zombie', machines. Both master and zombie machines are typically compromised by exploiting a vulnerability in an application on the machine, to install a Trojan or other piece of malicious code.

Hacker

This term was originally used to describe a talented programmer. It now refers to those who exploit security vulnerabilities to break into a computer system.

Instant messaging

Instant Messaging (IM) programs provide a way of communicating, in real time, with other people in your personal contact list.

Internet

The Internet (sometimes referred to as 'the Net') is a global system of connected computer networks.

The Internet grew out of the ARPANET. This was set up in 1969 by the US government agency ARPA (Advanced Research Projects Agency) to connect academic and research organizations via computer networks.

Today, the Internet is made up of the countless computers around the world that connect to each other using the public telecommunications infrastructure. Holding the structure together is TCP/IP (Transmission Control Protocol/Internet Protocol): TCP splits data into packets for transmission across the Internet and re-assembles them at the other end. IP addresses the packets to the right location.

There are other protocols layered on top of TCP/IP which provide specific functions to users on the Internet. These include FTP (for file transfer), SMTP (for email) and HTTP (for transferring data across the World Wide Web).

ISP

An ISP (Internet Service Provider) provides users and organizations with access to the Internet. The ISP typically has what's known as a 'point of presence' on the Internet: they have the equipment necessary to provide Internet access to many users and a dedicated IP address. Some ISPs rely on the infrastructure of telecoms providers, others have their own dedicated leased lines.

Keylogger

These are programs which record key presses and can be used by a hacker to obtain confidential data (login details, passwords, credit card numbers, PINs, etc.). Backdoor Trojans typically come with an integrated keylogger.

Malware

This is short for malicious software. The term refers to any program that is deliberately created to perform an unauthorized, often harmful, action.

Peer-to-peer

The term peer-to-peer (P2P) refers to a temporary connection shared by users running the same application. This enables the users to share files which are on each other's computers (P2P is typically used to share music, video or other files over the Internet; Napster, Gnutella and Kazaa are all well-known file sharing applications).

Phishing

Phishing is a very specific type of cyber crime designed to trick users into disclosing their personal financial details. Cyber criminals create a fake web site that looks just like a bank's web site (or any other web site where online financial transactions are conducted, e.g. eBay). They then try to trick people into visiting this site and typing in their confidential data, such as their login, password or PIN. Typically, the cyber criminals send out large numbers of emails containing a hyperlink to the fake site.

Ransomware

Ransomware is malicious code used by cyber criminals to extort money. The virus, worm or Trojan encrypts data on the hard disk. It creates a 'readme' file; the contents of this file tell the victim that if they want the data back they will have to send money to the author of the program using a designated e-payment service.

Rogue Dialer

Rogue dialers are programs that divert the computer's modem connection from the normal number you use to connect to your ISP (Internet Service Provider) to a premium rate phone number. Such programs are installed without your knowledge and consent and they operate in stealth mode. The first time you notice anything amiss will probably be when the phone bill arrives and it's substantially bigger than normal. There will also be premium rate telephone numbers listed on the bill that you don't recognize.

Rootkit

This term describes a collection of programs used by a hacker to evade detection while trying to gain unauthorized access to a computer. The term originated in the Unix world, although it has since been applied to the techniques used by authors of Trojans that run under Microsoft® Windows® to conceal their actions. Rootkits have been used increasingly as a form of stealth to hide Trojan activity. The fact that many users log into their computers with administrator rights, rather than creating a separate account with restricted access, makes it easier for rootkits to be widely used.

Spam

Spam is anonymous, unsolicited bulk email, the electronic equivalent of junk mail.

Spyware

As the name suggests, this is software designed to harvest data from a computer and forward it to a third party without the consent or knowledge of the computer's owner. Such programs may monitor key presses, collect confidential information (passwords, credit card numbers, PINs, etc.), harvest email addresses or track browsing habits. In addition to all of this, spyware inevitably affects network performance, slowing down the computer.

Trojan

The term Trojan refers to the wooden horse used by the Greeks to sneak inside the city of Troy and capture it. The classic definition of a Trojan is a program which can't spread by itself and appears to be a legitimate application but does something harmful on the victim computer.

The fact that Trojans can't spread by themselves distinguishes them from viruses and worms. In the early days, Trojans were relatively uncommon since the author had to find some way of distributing the Trojan manually. The widespread use of the Internet and the development of the World Wide Web provide an easy way to distribute Trojans widely.

Today, Trojans are very common. They are typically installed secretly and deliver their malicious payload without the user's knowledge. There are many different kinds of Trojan, all purpose-built to carry out a specific malicious function. The most common are Backdoor Trojans (often they include a keylogger), Trojan Spies, password stealing Trojans and Trojan Proxies that convert your computer into a spam distribution machine.

Virus

Today the term virus is often loosely used to refer to any type of malicious program. Strictly speaking, however, a virus is defined as program code that can copy itself, either within the computer, or to other machines.

Vulnerability

This term describes a bug or security flaw in an application or operating system that lets a hacker break into a computer. The hacker creates code that is tailored to make use of a specific vulnerability.

Once a vulnerability has been identified (either by the developer of the software or someone else) the vendor of the application typically creates a patch to block the security hole. As a result, vendors, security experts and virus writers are in constant competition with each other to see who can find new vulnerabilities first.

World Wide Web

The Internet is a global system of connected computer networks. The World Wide Web (WWW for short) is what makes it easy to access the vast pool of information stored on the Internet. It presents the data in a graphical way and makes it easy to browse.

The World Wide Web was developed by Tim Berners-Lee, a British software consultant who was looking for a way to track associations between pieces of information using a computer (much like a thesaurus does manually). He developed the idea, and the standards, to allow the sharing of data across the Internet. He created HTML (Hypertext Markup Language) as the standard method for coding web content. He designed an addressing scheme (the URL or Universal Resource Locator, e.g. http://www.kaspersky.co.uk/) for locating web content. And he created HTTP (Hypertext Transfer Protocol) as the standard for transferring web content across the Internet. The World Wide Web as we now know it appeared in 1991 and has continued to grow since.

Tim Berners-Lee founded the World Wide Web Consortium (the W3C), the body that sets WWW standards. The W3C defines the World Wide Web as 'the universe of network-accessible information, an embodiment of human knowledge'.

Worm

Worms are generally considered to be a subset of viruses, but with certain key differences. A worm is a computer program that replicates, but does not infect other files: instead, it installs itself on a victim computer and then looks for a way to spread to other computers.

In the case of a virus, the longer it goes undetected, the more infected files there will be on the computer. Worms, however, create a single instance of their code. Moreover, worm code is stand-alone rather than being added to existing files on the same disk.

Useful Websites

Copyright © 1997 - 2009 Kaspersky Lab.
All rights reserved.