SHCC WYSIWYG Article from November 2015

Previous Next

This article was written by Don VanSyckel, the club president, as a part of "The President's Pen".  This article appeared in the November 2015 WYSIWYG newsletter.

Phishing, Trojans, Spy-ware, and Ransom-ware

by Don VanSyckel

Despite all the information and warnings people are still being hit with phishing, trojans, spy-ware, and ransom-ware. These all attempt to part you and your money but in different ways. Some attempts combine features from more than one category.

Phishing is when you receive a request for information, most times from a company you've heard of. Many times you actually have dealings with the company which makes you all the more likely to respond. Companies will never request information from you via an email. Phishing has been expanded to the phone and you'll be asked for personal information to verify this or that. So don't bite because they will reel you in. Phishing doesn't install anything on your PC, it's transnational.

Trojans as in days of old, are delivered to you as a gift but contain something dangerous inside that you don't want. Trojans can do almost anything. They can find information of you hard drive and send it to it's home base. They can damage the information on your PC. They can delete files on your PC. Trojans install themselves so they run every time you boot your PC.

Spy-ware is generally not delivered openly and is moved in clandestinely. The goal of spy-ware is usually to steal information, your bank account password, your social security number, credit card numbers, etc. Many of the features of operation are the same as trojans above. Spy-ware installs itself on your PC just to keep an eye on you.

Ransom-ware is delivered either as a trojan or spy-ware but behaves so differently it is in a category all it's own. Once you receive ransom-ware and run it, it will sweep through the files on your hard drive and encrypt them. This involves reading each file in turn, encrypting the data, and rewriting the faile. Your data is not sent anywhere, just encrypted in place. As an added bonus some ransom-ware will read and remember the file time stamp and change the time stamp back to the original after it writes the encrypted version of the file. You should be alert to the noises you computer or hard drive is maaking. When ransom-ware is first run your hard drive will run constantly as it encrypts your data. Ransom-ware will somehow notify you that it has stolen your ability to access your data and explain to you how to pay the ransom. Of course once you pay there's no guarantee that you'll receive a password, if you do get a password is it the right one, if the password is the right one you still need to sweep through your hard drive and decrypt all the files.

The most popular ways to plant trojans, spy-ware, and ransom-ware on your PC is via some type of 'free' software, email, and websites, yes websites. Some of the difficulties with ransom-ware and infectious website is they are stationary contact points that investigators can target as a starting point to understand and investigate the infectious software. An infected PC can use the email and address book on the PC to send emails to everyone in the address book in an attempt to spread itself to new PCs.

Use a reputable browser. If the browser warning you about a web site, unless you know absolutely for sure (not likely) that the site is OK, pay attention to the browsers warning and don't go there. You might be betting your retirement account.

Don't click on links in emails unless you were expecting the email or you are familiar with the web site the link it to. Remember links do not necessarily go to where they state in the visible (prompt) part that is displayed. Most email clients and web browsers will display the actual site linked to when you hoover the pointer over the link. So hoover before you click and if the actual address doesn't make sense do not click the link.

I know it's not hip or trendy, but the old adage still holds true "if it sounds too good to be true, it is".

End of Article

Previous Next

To discuss the article with the author, send an email.

Article Index Page

Club members should contact the webmaster with comments and suggestions about this web site.