Security on the Internet
Some of the risks ...
Attacks from the Internet
Broadband connects you permanently to the Internet, which means, of course, that your computer is always available to be attacked from the Internet. This is a very real threat: many people on the Internet permanently run programs whose only purpose is to seek out and attack vulnerable computers (you!) – an unprotected computer will quite likely be infected within minutes.
An ADSL modem does nothing to reduce that threat - anyone on the Internet can send stuff to your computer hoping to exploit some vulnerability. An ADSL router is much better – it only exposes itself to the Internet, your computer never becomes visible to Internet attackers. More here.
If you must use an ADSL modem always run a personal firewall. More here.
Those who do their internet banking with Abbey, Barclays, Cahoot, HSBC, Lloyds, Natwest, Nationwide and the Woolwich are being targeted by malicious software that steals their access codes.
Russian criminals are attempting to divert funds from British accounts by infecting computers with Tofger-BG, a "trojan program" that secretly records users' keystrokes when they visit bank websites.
Confidential data is then sent to an internet site registered in Russia, allowing hackers to access accounts.
Graham Cluley, senior technical consultant at the computer security company Sophos, said: "This is very different from the fraudulent e-mails which many computer users receive trying to lure them to a bogus website.
"This trojan waits for the customer to visit real banking websites and then captures passwords and account information.
Det Chief Supt Len Hynds, head of the National High-Tech Crime Unit, said: "The criminals behind these attacks are constantly changing tactics to target a wider range of victims."
Daily Telegraph,
28 Aug 2004.
Most people are aware of the threat from viruses, but a much bigger threat these days is that of being infected by a trojan (whether or not you are connected by broadband), which can then use your broadband link secretly. Unlike viruses, trojans do not advertise their presence – they want to stay hidden so as to do something secretly. Some of the things that current trojans do:
- Monitor all your keystrokes to learn any passwords to online banking etc, and send them secretly to someone else who can then access your account as you.
- Download adverts to display in inconvenient places later, even when you're not connected to the Internet.
- Receive an item of "spam" from the scammer, and then send it to millions of people from your computer.
- Hijack your browser's home page and search page, so that every time you go on to the Internet, or any time you search for something, you are diverted to an unwanted Web page (often pornographic, or shopping- or gambling-related).
- Reprogram your old dial-up modem to cause it to silently dial premium-rate or international phone numbers and stay connected for hours, running up a huge phone bill for you.
Hundreds of Irish phone users have run up large bills due to auto-dialling fraud or modem hijacking.
One business discovered it had inadvertently run up a bill of nearly 12,200 euros (£8,360).
It is a complex but lucrative fraud. The criminal installs software on computers without the knowledge of the user.
The settings of that computer's internet dial-up are altered, so that when the internet is dialled up, it rings a foreign and highly expensive number.
BBC News, 22 Sept 2004.
There are also plenty of threats other than viruses and trojans, and not specifically to do with broadband. One of the biggest current threats is that of "phishing", where a scammer sends you an e-mail apparently from your bank, which asks you to click on a link to the bank's web site to "re-validate" your username and password. Of course, the site is that of the scammer, who then uses the username and password you typed in to go to the real site, login as you, and transfer your money out. There's an example (which has been rendered harmless) here.
To prevent falling foul of a "rogue dialler" which can run up enormous (£1,500 or more) phone bills, be sure to disconnect your old dial-up modem from your PC.
So what should I do?
Take some advice! You can either spend hours researching all this yourself (and I hope this page and the other pages here give you a head start) or you can let me worry about all that and get me to advise you.
I can help you avoid expensive mistakes. I am a computer consultant based in Englefield Green, and have 25 years' experience working for a large computer company. I'm now retired and operate independently, offering fixed-fee advice. A broadband or security consultation costs just £25 – you'll save at least that much in a couple of months by following my advice. I can also order and install broadband for you.
Phone me on 01784 439253 or see the "contact me" page.
© Copyright Paul Doherty, 2008. All rights reserved. Tel: (UK) 01784 439253