What can happen?
Internet users are at constant risk from different attacks and many people do not see the amount of damage such attacks can pose, if successfully performed. Some of the most widespread and dangerous consequences are:
- Identity theft – Criminals use login credentials of other people to for example perform purchases at their expense, access private files in cloud storages, register for exams on their behalf or send e-mails from their address.
- Exfiltration, manipulation or deletion of personal files – A very popular method for criminals at the moment is the encryption of personal files and demanding ransom for the decryption key afterwards.
- Remote control of computers – Criminals use infected computers for criminal activities like DDoS-attacks, sending spam e-mails or infecting other devices.
Which approaches do criminals use?
Malicious software
Malicious software, often shortened to malware, is software, which was created for criminal activities. There are many different types of malware, e.g. viruses (manipulate files or the operating system), spyware (used to steal personal information), Trojans (open back doors for attackers) or ransomware (encrypts personal files). Modern malware often combines multiple types and often can download additional parts for more functions. Infected devices are often combined to so-called botnets.
The infection of a device can happen in many ways. The most widespread method are infected e-mail attachments. Criminals try to hide malware in unsuspicious looking files, e.g. picture files, in e-mail attachments and try to persuade the user to open it. Websites can also offer infected files for download which often are disguised as some useful and free software for example. But not all infections need user interactions. Criminals can try to use security issues in software, like the internet browser, to infect computers as well. Sometimes they even manage to gain access over legitimate websites and replace files with infected ones. Less widespread but still possible are infections through external devices, such as USB flash drives.
Spam, phishing and more
Spam generally is defined as unwanted messages which are sent out on a massive scale. The term spam is derived from a Monty Python sketch about the canned meat called "SPAM" and was adapted as a synonym for "unwanted things in abundance". Spam messages can be distributed in many ways, e.g. by fax or SMS, but most spam is send out over e-mail. The authors, so-called spammers, distribute spam messages automatically, often by using infected computers (botnets). Such messages are mostly used for advertisement, scams, distribution of malware or phishing.
For advertisement or scams, spam messages usually advertise "sensational" or "incredible" products, such as new diet pills, or offers, e.g. methods to quickly and easily make lots of money. With many promises they try to lure you onto unknown, but often trustworthy designed websites to buy the advertised product or deposit money for the offer. Sadly such products or offers usually do not keep their promises or do not even exist and the paid money is gone for good.
The term phishing describes e-mails or websites which are specially created by criminals to gain information about users for identity theft. Phishing e-mails usually claim to be from an important company the user knows, e.g. banks, webshops or the WWU, and they often look deceptively real. In most cases the e-mail states some urgent problem (e.g. deletion of your account, confirmation for some activity or a request to change one's password) and urges the user to quickly take action. But this is just a false pretence to make the user access some phishing-website or open malicious attachments. Linked phishing websites are designed to look like the company's original websites and its address looks pretty similar to the original address, so that one can easily mistake it for the real address, for example https://www.uni-meunster.de instead of https://www.uni-muenster.de. Such fake websites often directly prompt the user to enter their credentials to continue. Sometimes criminals add pretended "security checks" or "information updates" to request additional information about the user, like one's address or credit card number. But every entered information is directly sent to the criminals and not to the company the user expected.
How can you protect yourself?
Only knowledge can help to protect from the threats on the Internet. Everyone using the Internet should follow some basic rules:
- Always be attentive.
- Only open expected e-mail attachments from known senders.
- Never reply to phishing-/spam-emails, just delete them instead.
- Always use encrypted connections (https instead of http in front of web-addresses) to prevent theft of credentials during transfer.
- Doublecheck the address of websites before you enter personal information or credentials. Especially check if the hostname ist correct (the part right before the .de/.com/...). University websites for example always use wwu or uni-muenster.
- Do not trust free offers or services. Such services can be illegal or sell/misuse personal information.
- Pay attention to privacy policies and general terms and conditions before registering on websites.
- The internet is no extralegal space. Respect the applying laws, especially the copyright law.
- Limit entered personal information to the required minimum.
Additional important security tips for several other topics regarding computer-usage can be found on the following pages.
Malware protection:
Useraccounts
Firewall
Antivirus
Backups
Encryption
Mobile Security
Phishing protection:
E-Mail Security
Credentials and Passwords
Security of Personal Data
Support from ZIV
The ZIV offers several services regarding the security topic:
Computer Emergency Response Team (WWU-CERT)
IV-Security Team