Protecting Yourself Part 1: Definitions of Common Terms

"It will never happen to me, I know what I'm doing."

We've all said it.  This time, we're not talking about sex and pregnancies or STDs but something just as common: computer viruses.  Over the years I've heard repeatedly "I won't get a virus, I only visit sites I trust," or "I won't get hacked because I only visit sites I trust."

Honest Truth: If you believe either one of these statements, you're either very naive or very stupid.  The only way you'll never get hacked or never get a virus is if you NEVER expose your computer to the internet or outside devices.  If that were the case,  you wouldn't be reading this article, would you?

This is the first in a series of gaming related articles concerning viruses, hacking and preventative measures.  Sure, we've heard them all before, but hackers are getting smarter, viruses getting sneakier and while I'm not a paranoid person, I will say, they are out to get you, whether you realize it or not.

This first article is for folks relatively new to viruses, phishing and other thing associated with the online world and will cover definitions of common terms and phrases seen in the gaming world.  This article can also be useful for parents who have teenage children who are starting to game and put their family or personal computers at risk.

Adware
There are several definitions of adware, the most predominant being that adware is a type of spyware that collects information about the user in order to display targeted advertisements in the Web browser based on the users browsing habits and frequently visited sites.

The second type of adware is a type of software, not always a virus, that automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used.

Specific programs have been developed to detect, quarantine, and remove both types of adware mentioned here.

Browser Hijacker
This is another type of malware/spyware that replaces the existing internet browser default home page, error page, or search page with its own page, forcing you to go to it.  Some browser hijackers will not let you venture away from that webpage or will redirect your searches to pages of its own.  Occassionally these sites will have other viruses on them as well which can be downloaded to your computer without you knowing it via ActiveX and Flash.  Browser hijackers are one of the easier to remove forms of malware out there.

Fakeware
Fakeware is software that parades itself as a useful program or a free download of a popular program, but is a virus in disguise.  A great example of fakeware is when you have a pop-up window that tells you your computer is infected and to fix the problem download this program.  The program is actually harmful, not helpful, thus fakeware.

Hacking
A lot of people confuse "hacking of their gaming accounts" for real hacking, when, in most cases it is through Trojans and other viruses.  Hacking, as defined by USLegal.com, is intentionally accessing a computer without authorization or exceeds authorized access.  There are a lot of famous hacking cases out there, such as when the Pentagon was attacked by hackers.  These were actual cases of hackers accessing a computer and doing things they weren't authorized to do.

Most of the time, when an "account is hacked," it is the result of viruses, phishing (see below), carelessness on the user's part or use of services that put their accounts at risk.  The few cases where hacking is the case are rare.

Malware
Malware is a shortened term that means "malicious software." This term is a generic term that covers a number of similar items, even though each item does something different. It often refers to, adware, spyware, viruses, worms, trojan horses and, most recently, fakeware.  All of these are defined within this article.

If we wanted to break the word down a bit more, mal is latin for bad, and ware, obviously refers to software.  It directly translates to what it is: bad software.

Phishing
Phishing is a criminally fraudulent process of attempting to acquire, or acquiring, sensitive information, such as usernames and passwords, or other sensitive information without permission from the victim. It applies only to Internet fraud. 

This term is often seen in conjunction with Website spoofing.

Website spoofing is where a site looks like it's part of an "official" site, but is often just a slightly different address and is used to acquire username and passwords when people try to log into it. The fake site then records your login and password, passing it on to the originators of the site, while giving you a message that your username and password do not work.  This allows the person running the site to log into the real site, such as a bank online tool, with your information and subsequently hack your account information.

This has been seen a lot with Facebook, Myspace and even gaming sites where they make their site look -exactly- like the real site.  Future articles will talk about how to protect yourself from these types of attacks.

Rootkit
A rootkit is a collection of programs which grant administrator-level access to a computer or computer network. Rootkits are installed on a computer after the hacker obtains user-level access, either by exploiting a known vulnerability or cracking a password. Once installed, the rootkit allows the attacker to mask intrusion and gain admin access to the computer and, sometimes, other machines on the network.

A rootkit may consist of spyware, viruses and other malware that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection.

Keeping your system updated can help prevent your machine from being targeted by vulnerabilities which allow these things to happen.

Spam
Spam can be easily defined as repeated, obtrusive and unsolicited messages, either via e-mail, private messages, forum posts, etc., that may or may not bear significant meaning to the recipient.  Spam often contains links to sites that may or may not contain malware.  Spam e-mail sometimes contain viruses as an attachment in the hopes of luring an unknowing person into opening it and infecting their computer.

Spear phishing
Spear phishing is an e-mail spoofing fraud attempt that targets members of a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source such as a well-known company or Web site. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.

According to an article in the New York Times, spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by "sophisticated groups out for financial gain, trade secrets or military information."

Spyware
Spyware is a type of malware that "spies" on things you do on your computer. Spyware can do any number of things to your computer, including but not limited to capturing web browsing habits, capturing user names and passwords, and hijacking browsers

Trojan (Trojan Horse)
A Trojan horse is a specific type of virus that, much like the others, can be very malicious.

The name of this type of virus comes from the Greek legends of old, regarding the Trojan Horse left as a "gift" for the Trojans, who then brought the seemingly benign wooden horse into their fortress.  As the Illiad tells us, at night, the Greeks then broke out of the horse and ultimately took over the city of Troy.  Much like in the Illiad, trojan horse viruses often masquerade as something they are not.

They can be acquired through browsing a website or downloading files and can be transferred from other computers. Trojan horses can overwrite an entire system, serve as a key logging program and send usernames and passwords back to the program originator.

Virus
Malware also can be computer viruses. In many ways, these are similar to viruses we humans catch. They can do many dangerous things on your computer, including but not limited to creating new files, erasing files, sending out spam e-mail via your e-mail program and consuming memory, which often makes your computer run slower.

Worm
A worm is a type of malware similar to a virus. Worms often replicate themselves, and send themselves out via e-mail or networks to other computers. Most worm files are an invisible file type, which makes them harder to detect than viruses and spyware.

Now, that we know the terms, we can move on to the next lesson, which will come next Monday, called Protect Yourself: Part 2: Windows Updates.  This article will talk about Windows updates, why they're important, ways to set up for auto-updates and more.