Malware is really any type of unwanted program that is designed to cause you harm in some way. Viruses are the most well-known type of malware, and you likely have some sort of anti-virus software on your computer to protect you (if you don’t have anti-virus software, or don’t update it regularly, get that done right now). However, there are other types of malware out that you may not be protected against. You may hear a number of different names to describe them—Trojan horses, spyware, or rootkits, for example—but they all share the goal of hiding on your computer and doing bad things to you. Probably the most dangerous thing that these programs are capable of doing is assisting crooks in stealing your money or your identity. For simplicity, we will refer to all of these programs as spyware.
Spyware can work in several different ways. It may monitor everything you type on the keyboard and send that information to the crook. So, any websites you have gone to, passwords you have entered, or card numbers you have entered would be available to the crook. They may also be able to identify other personal information on your computer that could be used for identity theft, and send that to the crooks as well. Other types of spyware are programmed to identify online banking and other financial websites that you may go to, and pop up extra screens that look like they are just part of the website. They may direct you to enter additional information that can then be sent back to the crook.
So how can you protect yourself? The best way is to not get infected at all. One common approach to infecting computers with spyware and other malware is to get you to go to a website that has been infected and can download malware to your computer. The site may look like it has some benign purpose (funny videos for instance), but can infect your computer without you knowing it simply by virtue of you visiting the site.
The next trick is to get you to go to these malware-infected websites. The crooks may distribute a spam e-mail that directs you to the site, or put links in public message forums or comment sections of blogs and news sites. An even better way is to infect Facebook or other social networks sites so that the links appear to be sent or posted by people you know. Clicking on the link in Facebook may also cause the link to be posted to your own wall, so that it can then be viewed by your friends as well. The bottom line is, you should never click on a link that goes to a website you do not recognize, even if sent by someone you know.
Another way to protect yourself is to use software meant to protect specifically against these types of attacks. EECU has partnered with a company called Trusteer to provide software that is designed specifically to protect you while you are logged on to a financial website. You can read more about Trusteer under the “What is Trusteer” FAQ article.
You can also download software specifically meant to protect against spyware. Like anti-virus programs, there are many different anti-spyware programs to choose from. Some popular free programs are Spybot Search & Destroy, available at http://www.safer-networking.org, Ad-Aware, available at http://www.lavasoft.com, and Malwarebytes, available at http://www.malwarebytes.org. Some anti-virus software makers also include anti-spyware in with their anti-virus suites, so you might see if you already have anti-spyware software installed.