There's a secret war going on inside your computer, and the prize is your bank account.
It didn't start out that way. Many early computer viruses were little more than practical jokes. One of the first viruses, whimsically named Elk Cloner, simply displayed a poem written by its creator.
Unfortunately, today's viruses and other attacks--known collectively as malware--clearly target your wallet, said Brendan Ziolo, vice president of marketing of Kindsight, an Ottawa, Ontario-based security firm. "What's changed is that the whole computer threat market has really become big business for the hackers." In the year ending July 2012, security firm Symantec estimated that malware and other cybercrime cost Internet users more than $110 billion worldwide.
What does malware do, and how can you stop it?
"It’s good for everyone to have at least a basic idea of threats and problems they can encounter on the Internet," asserts Ryan Naraine, a journalist and social media enthusiast specializing in Internet and computer security issues. In other words, know your enemy.
People don’t realize what actually happens when their computer is infected or when they click on a malicious link. They don’t always realize the threats: their identity, banking credentials, social media accounts can all be compromised, all by clicking one link.
Ryan Naraine, journalist specializing in Internet and computer security issues.
What It Is: The term "virus" is often used as a catch-all, but Symantec says that a true virus infects applications or documents.
What It Does: When infected files are shared, the virus comes along for the ride. When the file is opened, the virus infects other files on the host computer.
Why It’s Bad: Infected files may become unusable. Viruses may also infect system files or install malicious applications. "If your computer has a virus, it doesn't feel well, and it doesn't perform properly," says Ziolo.
What It Is: While a virus typically needs human assistance to spread, a worm spreads by itself -- and can so fast. In 2001, a worm known as Code Red infected more than 250,000 computers in nine hours.
What It Does: Think of a worm as a courier: it's the worm's "payload" that causes mayhem.
Why It’s Bad: That payload could be anything from a virus that damages your system to a keylogger that steals passwords as you type them.
What It Is: As the name implies, a Trojan poses as an app or website you want, hiding its true intentions.
What It Does: When you run the program, the Trojan begins carrying out its secret plan to infect your computer or steal data.
Why It’s Bad: Trojans harbor virtually every type of malware imaginable, from keyloggers to botnet infections. An infamous Trojan known as Zeus has delivered multiple payloads, including botnets and software that steal banking information.
What It Is: A botnet is a network of remotely controlled computers, sometimes numbering in the millions.
What It Does: The botnet infection turns your computer into a zombie, allowing a hacker to control it without your knowledge.
Why It’s Bad: A botnet creates a virtual zombie army capable of wreaking serious havoc. "Each computer isn't sending a lot of emails, but if there are millions of computers in that botnet, that's a lot of spam," says Ziolo. "Millions of computers performing ad click fraud could mean millions of dollars."
What It Is: A rootkit is so named becuase it gives a hacker "root access" to your computer--in other words, total control.
What It Does: While a botnet infection gives a hacker some control over your computer, a rootkit enables total control, just as if the hacker owned your computer.
Why It’s Bad: Difficult to detect or remove, a rootkit gives a thief open access to install other malware or retrieve important files. Most people first learned about rootkits when Sony secretly included one on music CDs that installed copy-protection software on PCs.
Adware and Spyware
What It Is: Often downloaded as a part of free software or a toolbar for your Web browser, adware displays ads within the app or browser while spyware tracks your behavior.
What It Does: Adware can display ads within an application or cover competitive ads on a website with its own. Spyware usually tracks your Web browsing, but might record personal information as well.
Why It’s Bad: What makes these programs malware is your lack of prior consent. "What defines spyware or adware is it's doing something the user didn't know about," said Ziolo.
Scareware and Ransomware
What It Is: Sometimes the threat of harm to your computer is what it takes for an unscrupulous character to make a buck, and that's exactly what these programs are about.
What It Does: Scareware displays a pop-up message warning of a harmful virus running rampant in your system, then offers to save the day -- if you buy this antivirus application right now. Ransomware is darker -- it may encrypt your files or block access to your system, demanding payment in return for granting you full use of your own computer.
Why It’s Bad: Is it really necessary to tell you what's wrong here?
These threats are no longer confined to your computer. Anti-malware protection is as important for your mobile devices as it is for your laptop. "Your smartphone, your tablet, your gaming system -- they're all vulnerable," says Ziolo. Any Internet-connected device is at risk."
The solution? Arm yourself with knowledge, for starters. And take a layered approach to protection that includes awareness, running security software, and following best practices to avoid malware.
Five Steps to Better Security
Anti-malware protection is an obvious and necessary step, but it takes more than "set-and-forget" security software to protect your system against today's wide variety of attacks. Here are the first steps you should take:
Upgrade Windows. While malware can be sophisticated, most cybercriminals aren't geniuses. Much of their software is still built for 32-bit operating systems. So step up to the 64-bit versions of Windows 7 or Windows 8, where even if a hacker tricks you into downloading a rootkit, it probably won't run.
Upgrade your browser. The only way to lose the browser wars is to keep using an old version. A modern browser includes up-to-date security features. Most threats make their way to your computer from the Web, so put as much security in their way as you possibly can.
Use strong passwords. To thwart modern password-cracking software, you absolutely need a different password for each place you log in--combining upper- and lower-case letters, special characters, and numbers. Use a password manager such as 1Password, LastPass or KeePass to not only create your passwords but also remember them for you.
Keep your software updated. Use Windows Update to update your system automatically. Most apps now have a "check for updates" option. If your apps are getting old, it might be time to invest in an upgrade, especially if the company has stopped supporting the version you're using.
Stay educated and vigilant. Ryan Naraine, a journalist who specializes in computer security issues, recommends using common sense when you're at the computer. "If something looks too enticing, it probably is malicious. Pay close attention to strange e-mails and never enter sensitive log-in details unless you're absolutely sure you're on the right website."