|"Honeypots"||Pop-ups||Remote administration utilities|
|Spybots||Spyware||Technologies of social engineering|
ActiveX technology - technology designed to modify OCX elements developed by Microsoft to create multimedia client-server applications. It is actively used by attackers because the technology’s vulnerabilities allow access to the computer being targeted. To disable the downloading of ActiveX elements on your computer, go to the Internet Explorer toolbar. Click on “Tools” and then “Internet Options”. Then go to the “Security” tab.
Applets - applications, small Java-programs embedded in HTML pages. By their nature these programs are not malicious, but can be used for malicious purposes. Applets are especially dangerous for online gamers because Java applets are required to make games playable. Just like spyware, applets can be used to send information collected on a computer to a third party.
Cookies - files with user data collected by Web servers and stored on a computer’s hard drive. After visiting any Web server, information about a user's preferences is stored in special files called cookies which are used for user identification by the server. The data taken from cookie files is used by spammers to compile mailing lists. The collection of information in cookie files can be disabled by going to the Internet Explorer toolbar and clicking on “Tools”, “Internet Options”, and then “Advanced”.
Dialers - special computer programs designed to scan a range of telephone numbers in order to find one answering as a modem. Once this is done, the attackers use the numbers found to wrap calls into the victim's phone bill or to connect the victim via the modem to expensive telephone services without the victim’s knowledge.
Hoaxes - are non-malicious e-mail messages written in a markedly neutral tone telling about a new virus that is supposedly spreading. Most virus hoaxes have one or more of the following characteristics. The name of the virus referred to by the author of the message is not the one normally used by most anti-virus companies. The message states that the "virus" was previously not detected by anti-virus programs, and an offer is made to find the file involved and delete it from the disk. In the event the file is found, recipients are asked to inform all friends and contacts listed in their address books. Despite the harmlessness of such a hoax, its danger is obvious—the mass mailing of copies of useless messages increases mail traffic and robs users of time.
"Honeypots" - web pages that act as bait by meeting the criteria of users doing online searches with keywords. Though such pages entice users, in reality they contain all sorts of exploit programs, and unwanted and malicious software.
Hijackers - This is a type of unwanted computer program whose main goal is to replace the existing Internet browser home page with its own in order to force hits to a particular web site. The programs use gaps in Internet browser security systems and put themselves into the system register. Usually a manual cleaning of the register does not help because hijackers have a restoration function for register data and know how to make it look like system files. Such programs are used by the owners of popular web sites that have large numbers of visitors—e.g. sites containing music, games, and adult-only content.
Pop-ups - are non-malicious programs that operate as a type of adware in the form of “pop ups”—advertisements that suddenly appear in small windows on a computer monitor.
Remote administration utilities - these are not malicious programs but can be used for malicious purposes. The utilities enable remote access to the network and remote actions on the network from anywhere in the Internet.
Spybots - are not virus programs. They are independent functional modules, each performing a specific task. Hackers use spybots to monitor network activities.
Spyware - programs that are not viruses but are dangerous for users. These programs monitor and send collected information to a third party–the person who created the program or one of their clients. Among those clients ordering spyware are spammers, advertisers, spam agencies, criminal groups, and individuals engaged in industrial espionage. Spyware takes an interest in system data, browser type, visited Web sites, and sometimes the contents of the files in the victim's computer hard drive. Such programs secretly get into the computer through shareware or after viewing specially built HTML pages and pop-ups. They install themselves without the user’s knowledge. The side effects of spyware are unstable browser operation and decreased system performance.
Technologies of social engineering - methods of getting confidential information from users by misleading them. Very often this leads to voluntary disclosure of information by users. Social engineering does not use special computer programs; the fraud is built on trivial lies and relies on people's gullibility and naivety. Most often authentic-looking letters from existing credit organizations are sent to users asking them to confirm passwords for account access and credit card PIN numbers.
Vulnerability - part of the program code that allows its user to breach the system and enter networks. Today, the speed at which vulnerabilities are exploited is so great that it takes just days for attackers to break into a system after data on specific detected vulnerabilities has been published. Especially popular with hackers and virus writers are the numerous vulnerabilities of Microsoft software, the most widely used software in the world.
Zombies - small computer programs distributed through the Internet by computer worms. Zombie programs install themselves in infected systems and wait for further commands.