Malware is any kind of software that performs unwanted actions on a user’s computer. Malware is a general term used to describe spyware, viruses, Trojan horses and other security compromising software.
Spyware is a type of malware that is installed on a computer without the users’ permission in order to collect information from the user. Spyware can collect several types of information:
- Keys typed
- Web sites visited
- Camera images
- Sounds received by the microphone
A virus is a type of malware that is installed on a computer without the users’ permission. A Virus can makes copies of itself, consuming resources until it impacts system performance. Some viruses can transmit themselves across networks to infect other computers.
A Trojan (or Trojan Horse) is a type of malware that appears to perform a desirable function, but instead drops a malicious payload. Trojans often include a backdoor allowing unauthorized access to the target computer
Social engineering is the act of psychological manipulation of people into performing actions or divulging confidential information.
Phishing is a social engineering technique whereby hackers send authentic-looking emails to a user in order to persuade the user to share valuable information, generally for use in identity theft or other fraud.
Spear phishing is a type of phishing attack that focuses on a single user, department or organization. Attackers may gather personal or organizational information about their target to increase their probability of success. Spear phishing emails may even appear to come from someone within the company.
Spam is generally considered to be any unsolicited email you receive that tries to sell you something.
If you register at a web site or buy something online, there is usually a form requiring your email address. Lots of these sites have a pre-checked box (often hidden somewhere on the page), that asks if you would like future information from the company. Although this email is annoying, since you technically asked them to send it to you, it isn’t spam.
A firewall is a piece of hardware that examines all traffic destined to a network of computers. It applies filter rules to try to remove malicious traffic before it can reach a user’s computer. A firewall is also a piece of software that runs on an end-users computer to block un-wanted outside connections.
There is a particularly destructive piece of malware circulating via email named CryptoLocker. You can read up on it at Sophos Labs Blog by clicking here.
A quick overview –
- CryptoLocker is Ransomware, it controlled by the miscreants and is required to decrypt the files.
- CryptoLocker will also encrypt files saved on shared drives or connected removable drives (including online services such as dropbox)
- According to the notification, the private key will be deleted if they haven’t received payment within a certain period of time.
- The CryptoLocker malware can be removed, but at this time, there is no way to decrypt your files once they have been encrypted.
Basic tips to stay safe using email –
- Keep your operating system and software up-to-date
- Pay attention to links in incoming messages, they may point to malicious sites.
- Do not open an e-mail attachment unless you know what it is, even if it appears to come from someone you know. Confirm the attachment is from a trusted source.
- Disconnect backup devices when not creating backups.