Today, almost all hacking is done by professional criminals. In many countries, illegal hacking accounts for more crime, dollar-wise, than noncomputer crime. The United Kingdom recently joined that club.
Why is this important? First, if you find malware on your system, there's a good chance it's trying to steal your money. Second, no one is getting arrested anytime soon. If you lose anything to cybertheft, don’t expect to get it back -- most cybercriminals operate in foreign countries outside U.S. legal jurisdiction.
A friend’s Facebook account got hacked last weekend, probably because he gave up his password in response to a fake Facebook email. The hacker used my friend’s account to say hello to his Facebook friends and trick them into installing malware or sending money. My friend sent threatening emails to the hackers, telling them they messed with the wrong person and he would spend his last red cent making sure they got arrested. I have no doubt he gave them a good laugh.
In my nearly 30 years of fighting cybercrime, I’ve never heard of a victim getting money back from a hacker. Today’s world doesn’t work that way.
The good news is that arming yourself with basic information can drastically reduce the risk you’ll become a victim. Consider these four points:
1. Two starting points lead to the vast majority of attacks
Unpatched software provides the main entry point of entry for hackers or malware, in part because very few computers have the latest updates for every commonly hacked program. The victim surfs to a web page or opens an email, and their computer is instantly, silently compromised. The second-most-common attack method: The user gets tricked into installing a Trojan. Together, these two methods account for almost all successful hacks.
Sure, there are hundreds of other methods: SQL injection attacks, password guessing, and so on. But nearly everything besides unpatched software and downloaded Trojans is statistical noise. In fact, if you fix the main two issues, you almost don’t need to do anything else.
2. Trojans make up the biggest proportion of malware
Most malware can be broken down into viruses, worms, Trojans, or hybrids that combine features of two or more of those. Viruses spread by infecting other host files, which when run or accessed, fire off the malware program. Worms, once executed, are self-replicating; they don’t need someone to do anything once they are started.
Trojans don’t spread themselves. They rely upon each victim to execute the malicious program. The originating hacker must spread each and every copy to each victim separately, usually via email.
Why is this important? Well, unless the Trojan is ransomware, Trojans are easier to remove than the other malware types. Years ago most malware programs were viruses, and getting rid of them meant removing the virus from each infected host and trying to put back the legitimate program back to its original state. It was a hard to impossible task, and it significantly complicated removal and cleaning.
These days, because most malware programs are Trojans -- as long as they aren’t ransomware that hasn’t already locked up your computer -- you can identify the malicious programs and remove them (although Trojans may contain self-protection techniques to hamper removal). Still, there isn’t a malware removal pro or program that doesn’t mind messing with Trojans as compared to the other types of malware.
3. Most people give away their logon credentials
A significant percentage of users give their legitimate logon credentials to hackers every year. Typically this happens because the user is sent a phishing email that claims to be from the legitimate website asking for credentials -- or the user will lose the service.
Never give your logon credentials in response to an email request. When in doubt, go directly to the legitimate website and see what it tells you to do. Trust the website, not the email.
4. Antivirus programs are a necessary evil
Longtime readers know I don’t put a lot of faith in antimalware programs. Hackers create millions of new malicious programs each month, and signature-based antimalware can’t keep up.
That doesn’t mean people should disable or uninstall their antivirus program. They may not be 100 percent accurate, but they catch some malware, and for that alone, most computers should have one installed.
As I’ve reported several times in the recent past, I’m a big fan of periodically running running 57 antivirus programs all at once (and it's free!). A single antivirus program can’t be accurate, but 57 of them together do pretty darn well.