Viruses, Spyware, Malware and Phishing: differences?

by HSG on May 15, 2014 in Articles from Software Fans

Yahoo answers abstract.

Overview:

·         Virus is a piece of code that is secretly introduced into a system in order to corrupt it or destroy data

·        
Spyware is software that secretly gathers information about a user while he/she navigates the Internet.

·        
Malicious software is a form of computer program designed with malicious intent.

·        
Phishing is a form of Internet fraud that aims to steal valuable information such as credit cards, social security numbers, user IDs and passwords.


The threat of malicious software can easily be considered as the greatest threat to Internet security. Earlier, viruses were, more or less, the only form of malware. Currently, the threat has grown to include network-aware worms, trojans, spyware, adware and so on.

There are many different types of Malware:

Viruses & Worms:

Spread through e-mail, web pages or networks, these can self replicate and spread to other computers. Worms have probably been around the longest, though when they first started surfacing they were hardly as malicious as today's malware. A worm, as well as a virus for that matter, are a self-propagating computer program and can often cause great damage to a computer. The first well-known worm was known as the Morris Worm and it used an early version of the Internet and a BSD Unix flaw to propagate itself. In the recent past, hackers would often write these pesky programs simply to prove that it could be done. That was before every computer on earth was networked together via the Internet, and viruses and worms often had to be physically distributed to computers via floppy disk.

Viruses usually distinguish themselves from worms by requiring a host, like a Word document. Though both viruses and worms can be spread through email, viruses and unwanted email attachments have become synonymous. The first widespread email-distributed virus was 1999's Melissa virus, which was a macro virus that exploited Microsoft Word and Outlook to mail itself to an infected computer’s address book. Although viruses and worms can be damaging, their implementation is often haphazard and less beneficial to their creators than other forms of malware, which helps explain why this oldest form of malware is dying out.


Trojan Horse:

A Trojan horse program is a harmful piece of software that is disguised as legitimate software. Trojan horses cannot replicate themselves, in contrast to viruses or worms. A Trojan horse can be deliberately attached to otherwise useful software by a programmer, or it can be spread by tricking users into believing that it is useful. To complicate matters, some Trojan horses can spread or activate other malware, such as viruses. These programs are called droppers. The name of the game for Trojans is subversion -- sneaking their way onto a system and delivering an unexpected and potentially devastating payload


Back Door:

A backdoor is a piece of software that allows access to the computer system bypassing the normal authentication procedures. Based on how they work and spread, there are two groups of backdoors. The first group works much like a Trojan, i.e., they are manually inserted into another piece of software, executed via their host software and spread by their host software being installed. The second group works more like a worm in that they get executed as part of the boot process and are usually spread by worms carrying them as their payload.


Spyware:

 Spyware consists of computer software that gathers information about a computer user (such as browsing patterns in the more benign case or credit card numbers in more serious ones) and then transmits this information to an external entity without the knowledge or informed consent of the user.

Just as widespread email use provided an enormous highway for virus traffic, the growth of the Internet helped spawn spyware. Spyware is an Internet browser-based malady that is largely fueled by the prospect of monetary gain. In its least virulent form, spyware or adware causes sluggish systems, slow Web browsing and annoying pop-ups. The more dangerous spyware might track browsing habits or sensitive information and transmit that information back to its creator.


Adware:

Adware or advertising-supported software is any software application in which advertisements are displayed while the program is running. These applications include additional code that displays the ads in pop-up windows or through a bar that appears on a computer screen.

Every computer that connects to the Internet should have a good virus-scanner and spyware/adware scanning software installed on it and these should be used regularly to scan the system to rid it of malware.
 


About Phishing

Phishing is where a website impersonates a real one to obtain your details. e.g. a fake bank site that looks like the real one so when you put your details into it, it stored them for itself.  A common phishing scam is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well known and trustworthy Web sites. Web sites that are frequently spoofed by Phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online. A phishing expedition, like the fishing expedition it's named for, is a speculative venture: the Phisher puts the lure hoping to fool at least a few of the prey that encounter the bait.

Phishers use a number of different social engineering and e-mail spoofing ploys to try to trick their victims. In one fairly typical case before the Federal Trade Commission (FTC), a 17-year-old male sent out messages purporting to be from America Online that said there had been a billing problem with recipients' AOL accounts. The perpetrator's e-mail used AOL logos and contained legitimate links. If recipients clicked on the "AOL Billing Center" link, however, they were taken to a spoofed AOL Web page that asked for personal information, including credit card numbers; personal identification numbers (PINs), social security numbers, banking numbers, and passwords. This information was used for identity theft.

The FTC warns users to be suspicious of any official-looking e-mail message that asks for updates on personal or financial information and urges recipients to go directly to the organization's Web site to find out whether the request is legitimate

Virus and Spyware Protection
http://www.avast.com   
http://www.grisoft.com 
 

Related:

Surprising Ways Viruses, Malware, Etc. are Infecting Computers

What are a few unique pieces of career advice that nobody ever mentions?

What People Should Know Before Getting Rid of Old Tech Stuff

other blog entries

The Value of Knowing Java
How to use a global variable in Python
Java, J2EE Interview Questions: the Basics
Computer Hackers, a Tricks of the Trade Overview
What Are the Advantages of Python Over Ruby?
Working With Lists In Python
Python Programming for Cisco Networking Engineers
Why Are More People Using Chrome Than Any Other Browser?
Types of Freelance Work in the IT Industry
Why learning C# could help you establish a fruitful software engineering career

Course Directory [training on all levels]

Upcoming Classes
Gain insight and ideas from students with different perspectives and experiences.

Interesting Reads Take a class with us and receive a book of your choosing for 50% off MSRP.

did you know? HSG is one of the foremost training companies in the United States

Information Technology Training that enables companies to build better applications and expertly manage the software development process.

Our courses focus on two areas: the most current and critical object-oriented and component based tools, technologies and languages; and the fundamentals of effective development methodology. Our programs are designed to deliver technology essentials while improving development staff productivity.

Personalized courses for unique business and technology needs

An experienced trainer and faculty member will identify the client's individual training requirements, then adapt and tailor the course appropriately. Our custom training solutions reduce time, risk and cost while keeping development teams motivated. The Hartmann Software Group's faculty consists of veteran software engineers, some of whom currently teach at several Colorado Universities. Our faculty's wealth of knowledge combined with their continued real world consulting experience enables us to produce more effective training programs to ensure our clients receive the highest quality and most relevant instruction available. Instruction is available at client locations or at various training facilities located in the metropolitan Denver area.

Upcoming Classes

consulting services we do what we know ... write software

Design and Development
Application lifecycle management
We generate use cases, UML documentation, architect the system, create an object model, iteratively develop the system, unit and system test and modularize where necessary. These types of engagements are typically longterm and, almost always, incorporate a variety of software technologies.
If you are in need of expertise but only require the assistance of one or two engineers, the Hartmann Software Group can be of help. Instead of procuring talent by way of a placement agency who is likely to contact us, come to the Hartmann Software Group directly. You may realize some savings.
Mentor
The best way to learn is by doing.

The coaching program integrates our course instruction with hands on software development practices. By employing XP (Extreme Programming) techniques, we teach students as follows:

Configure and integrate the needed development tools

MOntitor each students progress and offer feedback, perspective and alternatives when needed.

Establish an Action plan to yield a set of deliverables in order to guarantee productive learning.

Establish an Commit to a deliverable time line.

Hold each student accountable to a standard that is comparable to that of an engineer/project manager with at least one year's experience in the field.

These coaching cycles typically last 2-4 weeks in duration.

Provide Expertise
Services for your business growth.
With the introduction of smart devices, e-marketplaces, electronic forms, SEO practices, big data, virtual office environments, media streaming and so much more, there is hardly a business whose livelihood is not, in some way, dependent upon the inclusion of such software functionality into its online presence, work environment and product offerings. Such inclusion often presents a complex array of challenges that are far beyond the expertise of the business as it demands an understanding of technological options, modular decomposition, backend systems integration and web services. Most importantly, the business requires IT talent and expertise; this is where the Hartmann Software Group shines. To that end, here is an overview of some of the services that we offer:

Business Rule isolation and integration for large scale systems using Blaze Advisor

Develop Java, .NET, Perl, Python, TCL and C++ related technologies for Web, Telephony, Transactional i.e. financial and a variety of other considerations.

Windows and Unix/Linux System Administration.

Application Server Administration, in particular, Weblogic, Oracle and JBoss.

Desperate application communication by way of Web Services (SOAP & Restful), RMI, EJBs, Sockets, HTTP, FTP and a number of other protocols.

Graphics Rich application development work i.e. fat clients and/or Web Clients to include graphic design

Performance improvement through code rewrites, code interpreter enhancements, inline and native code compilations and system alterations.

Mentoring of IT and Business Teams for quick and guaranteed expertise transfer.

Architect both small and large software development systems to include: Data Dictionaries, UML Diagrams, Software & Systems Selections and more