The Computer Clarity Blog

Quick Facts

Spyware is software installed on your computer without your consent to monitor or control your computer use. Clues that spyware is on a computer may include a barrage of pop-ups, a browser that takes you to sites you don’t want, unexpected toolbars or icons on your computer screen, keys that don’t work, random error messages, and sluggish performance when opening programs or saving files. In some cases, there may be no symptoms at all.

To lower your risk of spyware infections:

• Update your operating system and Web browser software, and set your browser security high enough to detect unauthorized downloads.
• Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
• Download free software only from sites you know and trust. Enticing free software downloads frequently bundle other software, including spyware.
• Don’t click on links inside pop-ups.
• Don’t click on links in spam or pop-ups that claim to offer anti-spyware software; you may unintentionally be installing spyware.

Just when you thought you were Web savvy, one more privacy, security, and functionality issue crops up — spyware. Installed on your computer without your consent, spyware software monitors or controls your computer use. It may be used to send you pop-up ads, redirect your computer to websites, monitor your internet surfing, or record your keystrokes, which, in turn, could lead to identity theft.

Many experienced Web users have learned how to recognize spyware, avoid it, and delete it. All computer users should take preventive steps to avoid spyware.

The clues that spyware is on a computer include:

• Barrage of pop-ups
• Hijacked browser — that is, a browser that takes you to sites other than those you type into the address box
• A sudden or repeated change in your computer’s internet home page
• New and unexpected toolbars
• New and unexpected icons on the system tray at the bottom of your computer screen or on your desktop
• Keys that don’t work (for example, the “Tab” key that might not work when you try to move to the next field in a Web form)
• Random error messages
• Sluggish or downright slow performance when opening programs or saving files

The good news is that consumers can take steps to lower their risk of spyware infections.

Update your operating system and Web browser software. Your operating system (like Windows or Linux) may offer free software “patches” to close holes in the system that spyware could exploit. Set your operating system and security software to update automatically to be sure you have the latest protections.

Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly. You can download this software from ISPs or software companies or buy it in retail stores. Look for anti-virus and anti-spyware software that removes or quarantines viruses and that updates automatically on a daily basis.

Don’t install any software without knowing exactly what it is. Take the time to read the end-user license agreement (EULA) before downloading any software. If the EULA is hard to find — or difficult to understand — think twice about installing the software.

Minimize “drive-by” downloads. Make sure your browser security setting is high enough to detect unauthorized downloads, for example, at least the “Medium” setting for Internet Explorer.

Don’t click on any links within pop-ups. If you do, you may install spyware on your computer. Instead, close pop-up windows by clicking on the “X” icon in the title bar.

Don’t click on links in spam or pop-ups that claim to offer anti-spyware software. Some software offered in spam or pop-ups actually installs spyware. In fact, ads that claim to have scanned your computer and detected malware are a tactic scammers have used to spread malware, so resist the urge to respond to or click on those messages.

Install a personal firewall to stop uninvited users from accessing your computer. A firewall blocks unauthorized access to your computer and will alert you if spyware already on your computer is sending information out.

Back up your data. Whether it’s text files or photos that are important to you, back up any data that you’d want to keep in case of a computer crash. Do these as regularly as you update your security software.

If you think your computer might have spyware on it, immediately stop shopping, banking, or doing any other online activity that involves user names, passwords, or other sensitive information. Confirm that your security software is active and current and run it to scan your computer for viruses and spyware, deleting anything the program identifies as a problem.

Computer Clarity

By Daily Mail Reporter
Last updated at 2:11 PM on 11th August 2010

• Trojan is still at large and may strike again, experts warn
• Bank affected has still not been named

Thousands of British online banking customers have fallen victim to a sophisticated attack by cyber criminals who have stolen thousands of pounds from their accounts.

About 3,000 online banking customers have been victims of a computer virus attack that empties their accounts while showing them fake statements so the scam goes undetected.

Experts have described the attack using a ‘Trojan’ virus as the most sophisticated and dangerous malware program ever created.

The cyber criminals stole an estimated £675,000 between July 5 and August 4 and the attack is still progressing, experts warn.

Out of action: The new Trojan virus can empty bank accounts without their owners knowing about the theft as it shows them fake statements

The latest virus is a variant of the Zeus Trojan banking virus which first emerged three years ago and is called Zeus v3. 

M86 Security said: ‘We’ve never seen such a sophisticated and dangerous threat. Always check your balance and have a good idea of what it is.’

The scam was discovered after M86 gained access to the command-and-control server in Eastern Europe running the thefts.

How to protect yourself from Trojans when banking online

• Make sure your anti-virus software is up to date.
• Keep firewalls set to the highest level.
• Never open an e-mail attachment from someone you don’t know.
• Never double-click on an e-mail attachment that ends in .exe. It is an ‘executable’ file and can do what it likes in your system.
• If you think your machine has already been infected, contact your bank immediately. If the bank thinks you are a genuine victim of fraud it will reimburse you.

It collects data such as passwords and even transfers money out of accounts automatically, but only after checking if there is at least £800 available.

Bradley Anstis, M86 vice-president of technology strategy, said: ‘This is an extremely sophisticated version of the virus and it cannot be detected by traditional security software.’

The company said it was the most-sophisticated and dangerous virus yet seen and advised online banking users to check their balances regularly and have a good idea of what it should be. 

British high street banks do not believe they have become victims of the cyber criminals.

A spokesman for HSBC said: ‘There are millions of viruses and other malicious software.

We urge people to take basic measure to protect themselves from virus attacks.

Any customer who is a victim of fraud will be reimbursed by HSBC.’

However, M86 said it believed one high street bank was breached and failed to act quickly after warnings last month.

More than 100,000 PCs in Britain have been infected with other forms of the Trojan virus.

McAfee Inc, the security software maker, said production of software code known as malware, which can harm computers and steal user passwords, reached a new high in the first six months of 2010.

McAfee said total malware production continued to soar and 10 million new pieces of malicious code were catalogued.

What is a Trojan?

• A Trojan is a type of computer virus that infects your PC
• It is called a Trojan because it will disguise itself as a useful application but when installed can take control of a user’s computer
• It can let a hacker take control of your computer or simply wipe the hard drive
• It can also be used to install key logging software which will let the hacker know what you are typing and give him access  to your passwords
• Trojans are now the most popular form of computer virus or ‘malware’

It also warned users of Apple’s Mac computers, considered relatively safe from virus attacks, that they may also be subjected to malware attacks in the future.

‘For a variety of reasons, malware has rarely been a problem for Mac users. But those days might end soon,’ a spokesman said.

‘Our latest threat report depicts that malware has been on a steady incline in the first half of 2010,’ Mike Gallagher, chief technology officer of Global Threat Intelligence for McAfee, said in the report that was obtained by Reuters.

Last year £59.7million was lost to online banking fraud, according to Financial Fraud Action UK.

Another £440million was lost to credit card fraud.

And the problem is said to be on the rise, with criminals attacking banks’ customers rather than the banks themselves as they are seen as softer targets.

A Financial Fraud Action UK spokeswoman said: ‘The idea that criminals are targeting people by using malicious software or Trojans is nothing new.

Bank systems are hard to attack so they have to go through the easier link in the chain, which is the customers.

They’re hoping customers aren’t taking security precautions. We’ve been seeing this for the last few years and we’re constantly urging people to protect their computers to try to mitigate the risk of becoming a victim.’

Victims of online banking fraud are generally refunded the money.

Computer Clarity

Computer malware is to the personal computer as AIDS is to the human immune system. Both conditions progressively reduce the effectiveness of each immune system while leaving the subject susceptible to subsequent opportunist infections. The computer’s immune system is its security software. The antivirus and firewall are the two most important components of your computers security, or immune system. Upon a successful infection, most of the common forms of malware today will immediately attack and disable the security software rendering your computer defenseless against the current infection and against other viruses that find your computer. Many viruses will even go out on the internet and invite other viruses to come into the computer too. This is part of the reason the computer slows down tremendously after a virus has found its way into your computer. One virus gets in, disables security, invites its buddies, and they all have a party in your hard drive with your processor and your information.

So, how does that first virus get in? If this antivirus is the immune system, why ain’t my computer immune? It is a very fair question. However, there are several answers.

First, many malicious programs are designed to look like something else. Some try to look like Windows Warming messages. Others try to look like an antivirus program. These two examples are like a fake police or security officer seeking entry into your house. They look official and if you let them in, that is when they will do their damage. Another example of a virus th at looks like something else comes to us in the form of “FREE” downloads: free music, videos, games, and software. Not all that is free is bad; but much of it is. But a simple search on Google will tell you what has happened to others who have downloaded it. If it legitimate, you will see websites telling you who makes it, what it does, and why it’s free. If it is bad, you will see ten thousand websites, blogs and tech forums all talking about how bad it is. In a heartbeat, you can know if it is ok to use or if you should run like you were being chased by a bunch of birds and swine with the flu. In all of these cases, the virus got in because the user invited it in. Like with a vampire, your invitation renders all of your defenses powerless.

The other way these viruses get into a computer is when the security system has failed. If the antivirus or firewall looses functionality or fails to update, the immune system is down and the computer is defenseless. Just as with AIDS (Acute Immune Deficiency Syndrome) if the computer’s immune system is deficient, it will get sick and, without serious attention, it will die.

Computer Clarity