Every Internet user should at least have a basic understanding of the terms used in regard to online security and so I have collected a few of the popular ones and put them in this article with a brief explanation of each.

Adware means “Advertising Supported Software”. It refers to placing adverts in software or distributing them along side a software download.

Bots are software applications that run automated tasks over the internet. Bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human editor alone.

Cross-site scripting This is a method of placing malicious scripts on websites that are then “executed” inside the web browser of the person viewing the website. These scripts can be dangerous at times.

DDos stands for Distributed Denial of Service. A DDoS attack attempts to consume the target resources so that it can not provide the service. In plain English this means a website can be brought down by aiming 1,000’s of page requests a minute until the website can no longer cope and fails!

A drive-by download is a program that is involuntarily downloaded to your computer, without your permission or even your awareness. A drive-by download can be commenced by simply visiting a Web site or viewing an HTML e-mail message.

Exploit This is name given to any process that seeks to take advantage of a code vulnerability, usually in a web browser such as Internet Explorer or FireFox.

Firewall In its simplest form it is a software security mechanism that prevents unwanted/unauthorized internet traffic from entering your computer. A firewall can also block software on your computer from sending out data as well. Having a software firewall on your computer is ESSENTIAL if you are connected to the Internet.

A keylogger is a small program that monitors each keystroke a client types on a specific computer’s keyboard. Keyloggers can steal valuable information that can allow a thief access to your online banking account etc.

Malware is software that is designed to damage a computer system without the owner’s informed permission. It is a combination of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Phishing is the act of deception by giving someone secret information or tricking them into doing somewhat that they normally wouldn’t do or shouldn’t do. For example: distributing e-mails to a number of users falsely claiming to be your bank etc.. in an endeavor to cheat the users into yielding private information like passwords. The latest versions of Internet Explorer 7 and FireFox 2 have built in phishing filters to help spot this kind of activity.

Root Kit is a set of tools that hackers embed in a victim’s computer. They can act as a “back door” entrance onto your computer and provide information for the person who put them there. These tools have been especially designed to allow malicious processes/applications to run on your computer but evade detection.

Spyware is any technology that assists in collection of information about a computer user without their knowledge. Spyware is software that is put in someone’s computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a virus or as the result of installing a new program. If you have some annoying advertising that appears on your computer all the time you are likely infected with a spyware application.

Trojan is a software application that installs malicious software while under the guise of doing something else. These are nasty things to get infected by and are used to steal data from you as you use your computer!

Virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus can only spreadvirus internet worm from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable medium such as a CD, USB drive or by the Internet and eMail. Not all viruses are harmful BUT they all cause problems on the infected PC.

Worm is similar to a virus but with a different implementation. It is a self-replicating computer program. It uses a network to send copies of itself to other PC’s and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms can bring a PC down to the point where it is impossible to use it because it it too slow. Worms can also harm a company network by consuming most of the available network bandwidth, so that the connected PC’s can not speak with each other.

A zero-day exploit is the one that takes advantage of security vulnerability on the same day that the vulnerability becomes generally known. Ordinarily, after someone detects that a software program contains a potential exposure to exploitation by a hacker that person or company can notify the software company and sometimes the world at large so that action can be taken to repair the exposure or defend against its exploitation.

Zombie is a program that secretly takes over another Internet attached computer and then uses that computer to launch attacks that are difficult to trace. Zombies are typically used in denial of service attacks (DOS), typically against targeted Websites. 10,000 zombie PC’s can be used in a single attack! What usual happens is a criminal gang will approach the “owner” of the zombie PC’s and pay them to perform an “attack.”

However you can generally remain safe if you:

Use an up to date AntiVirus package, AntiSpyware package, make sure your Windows Firewall is on and have Windows Updates set to automatically receive any updates from Microsoft as they become available.

In addition if you have not yet moved to Internet Explorer 7 or FireFox 2, from an older version, do so now!

Its a great concept! A site where people can share invites for different web services which are invite-based only. Instead of searching for invites on the web or waiting for an invite you requested from that particular site, you can go to InviteShare.com and request an invite, and usually you will soon be invited by one of the users.

But the downside is that there is no provision to protect the privacy of users. Once you request an invite, your email address will be visible to anyone who holds an account at the site. Now imagine what happens if a spammer gets hands on your email address. In fact, people have reported an increase in spam in their inboxes after they signed up at InviteShare. Well, every good thing has its price. So are you going to request an invite again at InviteShare?

A new Trojan has been talking PCs into being infected, while it simultaneously deletes all the files on the computer and gets away by wishing you a nice day.

The BotVoice.A Trojan, detected by PandaLabs, uses Windows text reader to say, “You have been infected I repeat you have been infected and your system files have been deleted. Sorry. Have a nice day and bye bye.”

These comments are repeated in a loop as the trojan tries to delete all the files in the computer’s hard disk. It also renders computers unusable as it modifies the Windows registry so that none of the programs installed on the computer nor the task manager can be run. It also disables the Windows registry editor in order to safeguard its actions.

This trojan uses P2P networks, physical storage devices, such as USB memory sticks, floppy disks or CD-ROMs, and downloads performed by other malware or from malicious web pages, to look for victims.

PandaLabs has warned that in cases of a new and previously unknown Trojan like BotVoice.A, the infection will not be prevented by traditional antivirus software, which relies primarily on signature files of known malware.

More information here

Security experts have warned of a newly intercepted worm that carries its malware payload in a file purporting to be a copy of Harry Potter and the Deathly Hallows.

The Hairy-A worm can automatically infect a PC when users plug in USB drives, which carry a file posing as a copy of the eagerly anticipated book.

If the users have allowed USB drives to ‘auto-run’ they will see a file called ‘HarryPotter-TheDeathlyHallows.doc’. Inside this Word document is the simple phrase ‘Harry Potter is dead’.

The worm looks for other removable drives to infect and attempts to create a number of new users on infected computers.

These ‘new users’ appear as the main characters from J K Rowling’s celebrated series, namely ‘Harry Potter’, ‘Hermione Granger’ and ‘Ron Weasley’.

After logging in, users are shown the following message via a batch file:
‘read and repent
the end is near
repent from your evil ways O Ye folks
lest you burn in hell…JK Rowling especially’

The worm’s final trick is that every time infected users open Internet Explorer, they will find their start page has been redirected to a spoof Amazon.com web page selling a book entitled ‘Harry Putter and the Chamber of Cheesecakes’.

So do not download any such file and keep your system secure with daily antivirus updates.