Jason Ogaard: Malware gets in the weirdest places
The Internet can sometimes be a treacherous place.
When I talk to someone that isn’t technically savvy, I call the Internet a jungle when we talk about dangers. There are sites that show pop-ups that look like they’re from programs on your computer. There are sites that tell you you’re computer is infected (when it isn’t) and that you should run their program to free yourself of infection, the catch being that their program then infects your computer. There are sites that pretend to be other sites just to get unsuspecting users to give away their information.
The bad programs are often called viruses or malware. Sometimes, the nature of the program is to simply cause havoc and destruction for the victims machine. Most often, these programs try to extract money from the victim. Malware is the term often used today because it doesn’t usually cripple the machine, it does slow it down quite a bit, though. Malware can actively cause the user pain by showing an official looking pop-up telling the user that their computer is infected and they should pay money to clean out the infection. Malware can also passively sit back and watch for the user to visit their bank and then send a record off of the login credentials.
Malware doesn’t always have to attempt to get money from the victim. Sometimes, it’ll set up a program that’s invisible to the owner that just runs in the background. These malware programs usually use the computers as resources to serve up malware websites or act as a source of an attack. A computer set up like this is considered a ‘bot’ because it can be used remotely to do a number of things. Having a network of remote computers that’ll do a number of things is useful. If someone wants to do something illegal on the Internet, it’s a good bet they’ll have the source of the illegal activity be a remote computer that would be very difficult to trace. Any scrutiny from law enforcement would be on the owner of the ‘bot’ for quite a while.
One of the most insidious ways nefarious people get you is with installers for legitimate programs. Say you decide to be a responsible computer owner and want to use an anti-malware program. You would probably do a search for one and then download it. Unfortunately for you, many websites take installers for programs and wrap them with another installer that puts malware on your computer. As an end user, you have no idea that the installer is not the official installer and that you now have malware on your computer.
Most of the time, these ‘bad’ installers just ask to install things such as toolbars on your browser. Don’t install those, by the way, they slow everything down and rarely provide any sort of benefit. To avoid the issue of rogue installers, it’s best to go straight to the company that makes the product and download the installer straight from them. And always run an anti-malware program, there are several good, free ones. Combine that with a good anti-virus program (Microsoft Security Essentials is free if you have a licensed copy of Windows) and you will be much safer.
JASON OGAARD was born in Bemidji and is a software engineer for FICO, a Minneapolis based public company providing analytics and decision-making services, including credit scoring credit bureaus.