Like crimes in real life, dangers that threaten your Internet security come in several different forms. Some have rather immediate and apparent consequences, while others work more subtly, without you catching on until it's too late. We'll be going into detail about specific types of Internet dangers in later courses and tutorials, but for now, we'll outline some of the general Internet security threats that you should be aware of.
These are some of the most common Internet dangers, and have been around even before the Internet became available to the public. They usually come from downloading the files they're attached to, but some can come from simply visiting the wrong website. They all copy themselves when they work; what they do beyond that varies. They may simply copy themselves to slow a computer down or take up memory space, or they may include other code that instructs them to replace or otherwise erase other data on a computer. Some viruses may even create openings in a computer's security system so that other viruses (or people) can get in and steal or destroy information.
There are three common types of virus-like programs: your basic computer virus, a Trojan horse, or a computer worm.
A basic computer virus usually hides itself inside another program, perhaps one that someone uses every day. When the other program runs, the virus runs as well, copying itself to other programs, and then copying itself again when those programs are run. This slows down a person's computer, and may cause other damage.
A Trojan horse is an advanced type of computer virus that hides itself inside another computer program that is advertised to a person as normal or useful for helping their computer work. This tricks the person into installing it and/or running it, which releases the virus inside. The virus then proceeds to copy itself, and perhaps cause damage. A common version hides inside fake anti-virus software that is advertised to a person when they supposedly have a virus on their computer, when in reality they do not (this is often known as "scareware").
A computer worm is a type of computer virus that isn't hidden inside another computer program and, as such, does not require a program to run in order to copy itself. Instead, part of its own code causes it to actively seek out ways to copy itself over available computer networks. Again, like a basic computer virus, a computer worm may simply copy itself and slow networks down, or it may also perform other destructive acts. Computer worms are among some of the most dangerous computer viruses because they can act somewhat independently (when compared to basic computer viruses and Trojan horses), but they are relatively rare.
Some bad computer programs don't copy themselves and cause damage like viruses do. Instead, they collect information about what you do on your computer, often without your consent or knowledge. Some simply monitor the different websites you visit, and use those to display specific advertisements to you in your web browser, based on what they think you like. These programs are known as adware, and most of them are relatively harmless (besides being a little privacy-invasive and irritating). However, there are some that perform this function excessively in an attempt to slow down your computer, often by repeatedly opening pop-up windows.
Some very extreme forms of adware perform illegal surveillance, tracking things like passwords or personal and/or financial details when you type them into web pages or other computer programs. They often do so, and then transmit what they find to their creator, without your consent or knowledge. These kinds of programs are commonly referred to as spyware.
As we pointed out in our Advantages and Disadvantages of the Internet article, these threats are an unfortunate consequence of how easy it is to put information -- or misinformation -- on the Internet. As a result, they usually occur in email clients or on Internet message boards, or on websites where comments are allowed. They may occur on certain other websites, though.
Spam refers to the practice of placing (fake) advertisements, fake warnings about new computer threats, or other trivial or useless information within emails or Internet comments. These emails or messages are then distributed or published en masse. The idea behind it -- if not simply an irritating strategy to direct more people to a certain person's website -- is to disrupt a conversation or fill up a person's email inbox, thereby slowing the conversation or email service (and Internet connection) down. Many modern websites and email clients have measures to counteract this type of threat, but it is still seen in some places on some occasions.
See our How to Stop Spam Email tutorial for more information.
Phishing is a more dangerous (and, often, more targeted) type of spam where a person intentionally misrepresents their information in an email or chat room. Often, the information they provide looks like it comes from a legitimate source, such as a bank, retail store, or a popular brand or website (or an employee of one of these). The impersonator will then often tell their victim something like they've won a prize or there's a problem with one of their accounts. The impersonator will then say that, in order to claim the prize or fix the problem, the person has to provide confidential personal or financial information, or click a link to go to a certain website.
The goal of phishing is to get the victim to give out information that can be used to steal their identity and/or money. If the victim is told to visit a website, that website will often forcefully download spyware onto the victim's computer, which will then steal the victim's personal or financial information (or otherwise download a general virus to wreck the victim's computer).
See our Phishing Scams and Advance-Fee Fraud tutorials for more information.
There are other nasty tricks that cyber-criminals will use to wreck people's computers, steal their information, or just otherwise annoy them. Here are some examples:
Mousetrapping refers to an attempt to make it impossible for a person to leave a website. This may be accomplished through an extreme form of adware that continuously re-opens advertisements -- or copies of the website itself -- in new pop-up windows. It may also take advantage of tricks or other security flaws in a web browser to disable the browser's functions, especially ones that deal with navigating to different web pages or closing the browser.
Browser hijacking refers to when a cyber-criminal takes advantage of tricks or security flaws in a web browser (or perhaps uses a type of spyware) to forcefully switch a person's home page to a certain website, and prevent it from being changed. This artificially increases the number of visitors to that website, which may be useful for advertising purposes. It's also annoying for the victim, and it may also result in viruses or more spyware being forcefully downloaded to their computer.
Clickjacking is a technique that often goes hand-in-hand with phishing. It involves displaying a website or email to the victim that appears to be legitimate, and includes what appears to be a hyperlink to a legitimate web page. Meanwhile, there is an invisible hyperlink placed on top of the fake hyperlink, and clicking it takes the victim to a malicious web page, usually to forcefully download a virus or spyware. A way to avoid this is to have a look in one of the bottom corners of a browser; usually, when you move your mouse cursor over a hyperlink, it will display in one of these places. That way, you can see where you're really being taken.
Hacking (or cracking) is when cyber-criminals take matters into their own hands, personally disabling computer security systems by exploiting their weaknesses. However, this is usually a tedious process that is reserved for specific targets and specific purposes, such as substantial personal gain or to make a significant political statement. It rarely happens to average people.
Well, now that you know about some of the different ways that people can be attacked over the Internet, let's discuss some easy ways that you can keep yourself from falling prey to a cyber-attack.
Learn how to use
Was something in this tutorial missing, confusing, or out of date? Or did it give you all the information you needed, and you just want to say "thanks"? We'd love to hear what you thought!