Install a good antivirus on your PC. We'll give it to you free. Just download it
If you already have an antivirus, get a free second opinion with Panda ActiveScan Pro. Scan your PC now
Help us combat identity theft and online fraud. Send us anything you think might be fraud
Did you know.? / Main threatsFor more information on any of these terms, go to www.pandasoftware.com/virus_info
A 'targeted attack' is an attack aimed at a specific user or group of users. These are not massive attacks, as their aim is not to reach as many computers as possible. The danger lies precisely in the customized nature of the attack which is designed especially to trick potential victims. The majority of these attacks are aimed at obtaining confidential data.
A botnet is a group of zombie computers (infected by bots), and controlled by a hacker known as a bot herder. These networks provide considerable profits for hackers, either by renting them to third parties for sending spam, for example, or using them directly to install spyware on thousands of computers at the same time. But botnets can also download other malware, such as keyloggers, and the network can therefore be used to obtain confidential data from thousands of users.
The word bot comes from "robot"?
The word bot comes from "robot". This is because they are automated Trojans. If a hacker gives them an order, such as to send spam, bots will continuously execute this order until they receive a command to the contrary. However, one of the most dangerous actions of bots is that they can download other malicious programs onto computers and in this way steal all types of confidential data from infected computers.
The word bot comes from "robot". This is because they are automated Trojans. If a hacker gives them an order, such as to send spam, bots will continuously execute this order until they receive a command to the contrary. However, one of the most dangerous actions of bots is that they can download other malicious programs onto computers and in this way steal all types of confidential data from infected computers.
What's a denial of service attack?
A denial of service attack (DoS) involves making continuous calls to a computer so that it becomes saturated and cannot respond. This technique is used to blackmail companies, with criminals asking for money in exchange for not attacking a certain server in the company, such as those that host the web pages of an online store.
There are two types of computer worm
There are two types of computer worm: Email worms spread rapidly via email, while network worms are those that can spread across both local networks and the Internet. Worms can also be used to make modifications to a system, and in this way carry out pharming attacks and steal users' bank details.
Spam is junk email, normally containing advertising. These messages, usually mass-mailings, can be highly annoying. The name comes from a Monty Python sketch, in which everything on a restaurant menu includes spam. However, not all spam messages contain advertising, as it is used in phishing attacks aimed at stealing confidential data in order to carry out identity theft.
Hoaxes are false warning messages that try to create a chain of emails between as many users as possible. The aim of these messages is often to gather email addresses which can then be used for sending phishing or targeted attacks.
What's a potentially dangerous application?
A potentially dangerous application is a program which although it has not been created with malicious claims, can on occasions be used to damage computers. Sometimes, some of these programs can enable the theft of data that the user enters in a computer.
Spyware is a type of malicious code aimed at collecting data about users' Internet habits, which is then often sold to unscrupulous marketing companies. The data can be used in order to personalize advertising or market surveys or, worse still, to create personalized targeted attacks making it easier to steal confidential data.
Cookies are small text files used by servers and Web browsers to store and recover information about visits to websites. However, there is the type of malicious cookie called a Tracking Cookie, which are often used by spyware programs to steal information. If one of these cookies stores confidential information it can be used by hackers for identity theft.
A software vulnerability is a design or programming flaw that allows an attacker to use it to carry out malicious action. They do this using exploits, small applications designed to take advantage of the specific vulnerability. For example, there is a vulnerability in Internet Explorer which allows a spoof web page to be designed to steal personal data. The address of the web page seems genuine but it is in fact hosted on a completely different side.
Spim is spam that is sent through instant messaging systems such as MSN messenger, ICQ, etc. Like spam, it can also be used for phishing attacks and even targeted attacks using links that, when clicked, will download other malware onto the computer.
P2P file-sharing networks, such as KaZaA or eMule, are becoming one of the most frequently used channels for spreading malware. The creators of threats use enticing names for their creations to encourage users to download them and run them on their computers. This enables them to get malware resident on a computer, waiting to steal any data that users enter.Trojans, even though they are commonly considered viruses, are actually programs that can be used for a whole range of malicious activity. This includes creating backdoors through which hackers can enter a system and steal confidential data.
Backdoor Trojans are malicious applications which are used to create backdoors through which hackers can access computers and carry out a range of actions, including stealing confidential data.
Phishing is a type of fraud that involves gathering details about your bank accounts and stealing your money. Phishing attacks normally use spoof bank emails asking you to confirm your confidential data for security reasons. These emails contain links which take users to false web pages that are replicas of those of the bank in question. It is important to ignore such emails and when you access your bank's website, type in the address yourself in the address bar of your browser. This will save you a lot of problems.
Keyloggers are malicious applications aimed at capturing the keystrokes you make on your computer keyboard. This allows all sorts of information to be sent to hackers. login details, passwords, account numbers, credit card details, etc.
Rootkits are a type of program that are not in themselves malicious but they can be used to cover the tracks of illegal activity. Rootkits use stealth technology to hide on systems without even the operating system being able to detect their exsistence. This means they can hide programs such as keyloggers which are continually stealing data.Online identity theft involves carrying out transactions using another person's details. Normally, as these actions are illegal (shopping online with stolen credit cards, opening bank accounts, etc.), the consequences of these attacks can be very serious for victims.
Pharming is an increasingly prevalent online fraud technique. Some cybercriminals can make changes to computers so that when users access online stores or banking services, instead of displaying the original page, a perfect copy appears. If users enter their details in these pages, they will fall straight into the hands of the cyber-criminals who can use them for fraudulent purposes. The changes that need to be made to carry out this task are usually done using Trojans, and therefore, the best defense is a completely up-to-date antivirus.
'Mule' is the name in Internet slang given to those laundering money obtained through cyber-crime. Normally, the function of a mule is to open bank accounts in which they receive money which is then transferred to other accounts exchange for a fee. Be careful if you ever encounter such offers, as rather than 'mule', 'scapegoat' would be a better description. Because in the case of a criminal investigation, the first port of call of the authorities is the mule and not the real criminal.
El Scam es la captación de personas por medio de correos electrónicos, chats, irc, etc... donde empresas ficticias le ofrecen trabajar cómodamente desde casa y cobrando unos beneficios muy altos. Sin saberlo, la víctima está blanqueando dinero obtenido por medio del phishing (procedente de estafas bancarias).
Car-phishing involves trying to entice users that want to buy cheap cars. The sale never takes place but the victim pays a deposit which they lose.
The fraud starts with seemingly great offers on luxury cars and can even involve spoof websites with names and domains similar to those of genuine second-hand car dealers. All of these frauds have something in common:
- Payment is made using agencies for sending money abroad (such as Western Union or Money Gram).This fraud involves sending victims notification of a lottery win. If the user replies to the email, they are asked to give their bank details so that the alleged prize can be transferred to the bank. On other occasions, victims are asked to send money to another country in order to be able to receive the full prize.
Obviously, there is no prize.This is a new type of Internet fraud which uses IP telephony numbers -cheap and easy to obtain-to set up bogus customer service departments for credit card companies or other financial services. Vishing follows a similar pattern to phishing: users receive a false email informing them about certain circumstances relating to their bank account or credit card. In this case, instead of a link to a website, a phone number is included which they can call to resolve any queries they have. The number they are calling is associated to a voice over IP account which can be obtained easily on the Internet through services such as Skype.
Espacio reservado a colaboradores
