You turn on your computer and a message appears to tell you to update your Adobe Reader or iTunes or any software you have installed on your computer. You can't be bothered right now, so click the option to remind you later - it's a habit with these irritating messages, right? Then you have just opened yourself up to cybercriminals the world over. Congratulations!
No piece of software is perfect or can ever be perfect. These imperfections within the code can be exploited by hackers to gain access to your computer. Once an exploit is found, it is patched by the software company which then sends an update to its users. This is the update that you keep ignoring. Until you take the time to click 'Update', you are vulnerable to attack. Your apathy is what the hackers are counting on.
Following on from my last blog post, this time we will look at more types of malware and what can be done to avoid them.
If you have ever downloaded a free app, chances are you have encountered adware - a program that displays advertising in the apps you use. Some may also track the user's behaviour patterns to make sure the advertising is relevant to that user. Free apps are often adware, or are distributed with them, because it provides a way for the developer to offset the development cost through advertising revenue.
Most adware programs are not malicious in intent. Annoying perhaps, but usually harmless. They are just displaying advertisements ‒ not that much different from being shown commercials while watching your favorite television show. Unfortunately, there is a fraction of adware that crosses to the malicious side.
When adware leads the user to a malicious site, it is then categorised as malicious. Since adware is often bundled with other apps, tricky situations arises when the main application is clean but the adware is not. In addition, a malicious ad that appears today might be replaced with a clean one tomorrow. Because of these factors, it is hard to accurately categorise a piece of adware as entirely clean or malicious.
And then, there are some adware that fall in a grey area. They abide the rules and do nothing wrong, yet they may use sneaky tactics to convert the ads into sales revenue. This is where in-app purchases come into the mix. Often, this happens with apps aimed at children where parents have not set up password prompts to confirm every purchase.
Replication and spreading to as many computers as possible is the order of the day for worms. If your computer is on a network (at work, for example), it will use this as a means to spread further. It does this by relying on security failures where software and operating systems have not been updated and have known weaknesses. They may make your machine (and network) run slowly by taking up bandwidth, but the biggest worry is that they create a backdoor, allowing the worm writer to access your computer.
It is not just computers that get infected with malware any more. Mobile malware is on the rise, so it's important to use a mobile security app on your smartphone. This will protect against viruses, visits to malicious websites whilst browsing and often has additional child protection features for parents - pretty essential as tablets are as popular among children as they are with adults.
Android devices are at more risk from malware than Apple users, but that is not to say that Apple users with children wouldn't benefit greatly from safe browsing. Mobile malware will take control of your device, often without you knowing. Sometimes, cyber criminals use it to steal your content and blackmail you with it. Another ruse they have is to make your phone dial premium rate numbers in unregulated countries, racking up your bill.
There are two ways to protect yourself from mobile malware. The first is to be vigilant with the permissions you give new apps to your phone. Does a game really need to have access to your contacts? Does a music app need access to your location? If the answer is no, then don't give the permission. The second is to ensure you use a mobile security app. People are used to having this on their computers, but less so with mobile phones and this is what the cyber criminals exploit.
Scared? It's not all bad!
Hackers are a real threat now and this won't change. Luckily, there are crime fighters out there though. These are the men in tank tops in security labs around the world who are monitoring the Internet for criminal behaviour and work to halt them. Once a new piece of malware is discovered by one of these labs, it takes a matter of seconds for every computer with quality antivirus protection to be protected. So the solution is very simple for the user - use a proven security solution (check out AV-Test.org for independent recommendations) and keep your software up to date. A few minutes spent doing this will save a lot of time, money and embarrassment further down the line.Suggest a correction