What are some of the most basic security threats to your computer? Find out in this article, and learn drastic steps that can be taken to protect yourself and your system.

The IT security world has now enriched its vocabulary with such notions as spyware, adware, phishing, zombie PCs, spam robots, etc. Thus software protection from all that malware has appeared. Some developers offer specialized utilities, others supply whole packages of applications for deleting various malicious modules. These programs could be efficient, and thoroughly “clean” the system, if they could prevent zero-day threats from entering the PC.

Recently the amount of Internet threats to users’ PCs has risen disastrously. Last October, as a result of research lead under America Online and National Cyber Security Alliance initiatives, traces of spyware activity were found in more than 80% of users’ computers. The subject is relevant, so it’s time to talk about spyware, why users’ PCs are vulnerable and how to protect your computer from spyware attacks.

What is spyware?

Spyware is a general term used for software that traces user activity on the PC and collects personal info or confidential data without user consent. Spyware can register the websites you visit, the time of visits, all clicks on the keyboard (this is how credit card numbers and pin-codes are often stolen) or monitor and register secretly for software that is in turn installed on a PC.

The most dangerous spyware one which self replicates via e-mail, and installs itself without your consent using software bugs. Software intercepting e-mails and instant messages can collect and transmit confidential information to Internet, and are also dangerous and valid security concerns. Some software may also change parameters of installed security software without your consent. All this makes your computer vulnerable to spyware attacks. Depending on the type of spyware, some programs may warn the developer about users running applications on their PCs, while others are able to make holes for intrusion into the system, or set the modem to make calls, which the PC owner will eventually be billed for. Recently, some shareware programs have been referred to as spyware, such programs extract files from your computer without your consent. One of the most dangerous features of spyware is the ability to transmit collected information to the developer’s PC.

Spyware can enter your PC in a number of different ways. The most common is via e-mail or a Web browser. Also such software may be integrated into “useful” software and downloaded at the moment of “useful” program start-up. Generally such programs are integrated into popular free software, which are downloaded from the Internet, or distributed on CDs attached to magazines.

Why spyware is dangerous?

Spyware doesn’t have much influence on the way your PC runs. Usually, it doesn’t contain viruses, however it can consume a huge amount of system resources. Spyware brings lots of damage in the sense of data confidentiality. Spyware programs register every user step, both inside the system and in the Internet. All information is delivered to the malefactor who collects data in his, not your, interest!

How do I protect my PC from spyware?

Most spyware programs are integrated into freeware that you have to install on your computer, but some are automatically downloaded when you enter a Web site. If a message pops-up on your screen proposing you install a program providing access to Web site content, don’t hurry to press “OK” without checking the software. If there is no need to install some special software to view the Web site, it’s better to refuse downloading extra software.

On some Web sites you can find lists of programs containing harmful spy modules. Looking through these lists can help you learn if such programs have been installed on your computer. Sometimes PC system behavior such as slow typing, periodical alarms of installed firewalls, registration queries to unknown Web sites, system and network efficiency reduction and suspicious file discovery may indicate that spyware is inside. The best way to protect your computer from spyware is to install specialized anti-spy software.

Security Tools

A firewall is considered to be the most popular tool to protect a computer from spyware. Firewalls are integrated into operating systems (OS) and permanently examine incoming and outgoing addresses to computer network ports. They analyse data packages coming to Internet ports and mail ports according to the type of request and the addressee. Most firewalls allow or deny some types of addresses, but this is a weak point because spyware may be integrated inside many packages or disguised as a Web browser. This type of spyware cannot be detected by a firewall, and gets inside the PC to start its malicious activity. Also, firewalls are usually resource-consuming, so the price for relative security is
your PC running much slower.

The problem of firewall relative protection is successfully solved by proactive security systems. Such systems analyze all application activity on the PC for its potential maliciousness, according to predefined rules of malicious or non-dangerous behaviour. In case of a real threat, proactive systems block dangerous programs before any damage to the OS is done.

An anti-spyware solutions called Safe’n’Sec+Anti-Spyware, is a special solution consisting of Safe’n’Sec behavior analyzer — which blocks previously unknown spyware (new modifications) — and the Anti-Spyware module, which detects already known spyware with the help of extended anti-spyware signature databases. This Anti-Spyware module has the option to delete malware from the user’s PC. The solution is absolutely compatible with any traditional security software installed on your computer. Anti-Spyware solutions efficiently protect your confidential data from unauthorized access, whether you work in the system or just browse the Internet.

I have recently written a lot on social networking and have been asked on many occasions to justify what I write about, so here goes:

Social Networking is popular and packed with features, and yet it offers so little to so many. The favourite timewaster for many office workers, sites such as Facebook and MySpace offer swathes of features to keep you clicking around on the site without achieving anything other than leaking your personal data. Creating a bad first impression of yourself for potential employers and ruining your eyes.

Facebook is undergoing a new look, and is still incredibly popular. It contains an enormous database of college-educated users who use the site to keep in contact (a bit like email but more onerous), play silly games that suck the time out of their lives and upload private details and photos that should be kept private.  Even with the newly designed interface, Facebook still neglect to keep your privacy safe.

However, even if you’ve hardened your profile, someone still has access to this data. That someone is just as faceless to you as the guy or girl you’ve never met but wants to be your friend. That someone is Facebook itself.

So who are the faces behind Facebook, and why are they running a site that is essentially a massive database of personal details, surrounded by millions of users? Why have 3 US firms invested $25 Million (£50 Million) in a site that lets you play Zombie games, own strangers photographs, rate people you don’t know and befriend a paedophile or mentally ill person. How committed are these people to protecting your personal data? In the US, the New York Attorney General doesn’t think it’s committed enough (more on this later).

You must add this cool Application

Applications that Facebook allows to use its API, are also a danger. How do you know that the app that you have just added and invited all your friends to use were written by real developers? They could have easily been created for use by organised crime syndicates, hackers or companies wanting to collect your personal data for illegal use like Identity Theft, or to sell your information to the highest bidder on eBay.

In our own words

Even Facebook itself admits that it can’t keep users’ personal information completely secure. It’s privacy page says: “We are not responsible for the circumvention of privacy settings or security measures contained on the site.” The data that Facebook claims little responsibility for includes files on users who have signed up, as well as information about users who have been invited to join by excising users, even if they themselves have not run through the registration process. This in itself is dodgy. If I send your email address to a website, there is no good reason why that site should store it forever.

In fact, Facebook won’t store your email address forever, in this circumstance. However, you do have to take the initiative and contact the site directly, requesting that it removes the data about you that you did not send. It may not even be your friend’s fault that they sent your email address to the company. Signing Up involves a system that, if you gave a Gmail or Google mail account, it requests your Gmail password. Submit this, which is easy to do without realising the consequences, and the site will rifle through all your contacts and invite each one to be your Facebook friend. I, myself find this diabolical in an age where privacy matters.

If you are the sort of person who is concerned about the privacy fallout (if you’re not, you should be) from using store cards, which enable large companies to buy data on your shopping habits (bet you didn’t know that), sites such as Facebook should have you quaking with paranoiac fear. Do what no-one else does and read all of Facebooks terms and conditions. If you do, you may dig out little juicy nuggets such as the paragraph where Facebook reserves the right to investigate you and store the results of its research electronically.

Specifically, the site warns that it “may also collect information about you from other sources, such as newspapers, blogs, instant messaging services and other users on the Facebook service”. If it does this, it’s hard to imagine why this will be for your own benefit and it’s easy to see how it could cause problems. If nothing else, it’s unclear who else will have access to this research and its unclear as to how easy it would be for you to discover its extent and accuracy.

So, are networking sites a threat to your privacy and are they dangerous?

Using the internet to socialise electronically will not help create a new circle of friends. In fact, many young users will attract unwanted attentions of adult predators, and the sites they use fail to provide sufficient protection. These are the findings of myself, and academic researchers along with the New York Attorney General’s Office.

Facebook and MySpace encourage users to link to each other as ‘friends’ thus the term Networking. But many habitually choose  to go and interact with complete strangers. I myself use Facebook to research how its users behave when contacted by a stranger, most want to befriend you after the first or second message. I realised though, that just because you’ve become ‘friends’ with someone online, it doesn’t mean you are actually friends.

It’s so very easy to be deceptive online. A profile may look like someone is a genuine person, but what secrets lie behind the stare of their monitors? Not enough is done to educate people of the dangers of faceless interaction. I could just as easily pretend to be a 13 year old girl, befriending a young female of around the same age. I could also be a middle aged man, bereaved at the loss of a loved one, looking for the comfort of a stranger, but my motives could be more sinister.

The information that users plaster within their profiles can be dangerous. Anyone with mediocre computer skills can use this information to actually track you down and physically stalk you, or do something unimaginable to you. An example of this; I bought a pay-as-you-go SIM card for my mobile phone and put the new number on my Facebook profile. Within a couple of days, I had Facebook users I didn’t know, calling and sending text messages to it. If you’re a parent, do you know who is calling your child’s phone? Or more to the point, do you know who they are actually talking to, or who those people are added as ‘Friends’ in their list?

Naivety is no excuse

Whilst all this may sound obvious, many users of internet social networking (and even instant messaging) exhibit extreme naivety and will happily share personal information with people who are, effectively anonymous strangers. In September of 2007, the New York Attorney General’s office subpoenaed Facebook, accusing it of failing to protect young users from sexual predators.

Facebook failed to respond to complaints and noted several defects in the sites safety controls. When undercover investigators used the site posing as underage children, they were targeted by predatory adults and were also able to access pornographic content including video footage. Meanwhile, it was also noted that 3 convicted sex offenders were using Facebook, and this is just the tip of the iceberg.

Face the music

Facebook has had problems protecting its own data in the past. In August 2007 Facebook’s site suffered from some configuration problems, the result of which was that some of the programming code driving the site was exposed to the public. This provided an insight into how the site works, which in turn put users’ personal data at risk.

Facebook’s statement to this was: “a small fraction of the code that displays Facebook WebPages was exposed to a small number of users due to a single misconfigured web server that was fixed immediately. It was not a security breach and did not compromise user data in any way”.