Some people tell me, “I’m not really too concerned about hackers getting on my computer… there’s nothing on there that anyone would want anyway!”
Your computer has value to a cyber-criminal in a variety of different ways that you might not even be aware of.
Here are a few things the bad guys could do with your computer:
1. Using your online buying and selling accounts
Before you say, “I really don’t do much of that” think about purchases you have made in the past. If you have ever purchased anything through Barnes and Noble’s website, Amazon, eBay, or any other online retailer, you have an account there. A lot of these companies even offer the convenience of storing your payment information in their servers, so that you can make purchases without typing out your credit card number each time (like Amazon’s “One Click” ordering process).
How this could be used: The thief could log in to your eBay account. First thing he would do is change the email address on file, so that any notifications would go to an email account that he controls (so you don’t see that anything is happening). He then sets up a fake auction for an expensive item along with instructions that payment gets sent to him, not to you as the eBay account owner. It’s even better for him if you have had the account for a while and built up a good positive feedback rating. But when people have paid and then don’t receive their item, they will be coming to you for an explanation.
2. Using your email
Oh, you only use your email for chatting with friends and family, right? You would never send any confidential or critical information by email, since it’s not secure. But what if someone with malicious intentions got control of your account? Anything that got sent out would seem, for all intents and purposes, to be coming from you.
How this could be used: Think about all the people in your email contacts list – friends, children, other family members, co-workers, other people. What if you sent every one of them an “emergency” email, explaining that you are stranded somewhere (even in another country), you had your cash stolen, and you just need a few hundred dollars to check out of your hotel and get back home. Probably most of them would know that something was amiss. But this is actually a common scam, and a certain percentage of recipients fall for it. They send the money via Western Union, the scammer collects it, and that cash is gone forever.
3. Using your credit card/debit card info
You might be very careful to instruct the online stores where you shop to NOT store your credit card information. You make sure to not keep your card numbers saved on any documents in your computer. These are what some people see as obvious precautions to take. But without proper protection, your card info is still at risk.
How this could be used: Obviously we know that if someone gets your credit card information, it can be used to make fraudulent purchases or cash advances (at least until you discover it and report it). But how would they get this information? Keylogger software. A keylogger runs silently in the background, recording every keystroke you make on your computer. So when you type in your credit card number, it is stored and sent back to whoever had the keylogger program installed. That’s when the shopping spree begins!
4. Using your computer for a DDoS attack
“DDoS” is an acronym for Distributed Denial of Service. When you have this little malware program installed on your computer, you don’t even see it running – in fact, your computer appears to be functioning fine. But on command, that software can direct your computer to visit a particular website on a specific day and time. You probably wouldn’t notice anything happening then either.
How this could be used: You know how sometimes you go to a website and if it’s a really busy time of day and a lot of other people are visiting the same site, the website becomes really slow? This is sort of the same process that criminals use to overwhelm a website with so much traffic that it breaks and is no longer working on the web. So how do they send all that traffic to a particular website? By having their little program secretly installed and running on hundreds of thousands of computers. When all of those computers go to the same website at the same time, the site can’t handle it and just shuts down (computers like that are called “Zombies” or “bots”, and the group as a whole is commonly referred to as a “botnet”). Your computer could be a part of that and you might never know it.
5. Using your computer for illegal purposes
It’s not pleasant to talk about, but your computer is capable of accessing things that you would never want to be involved with. If someone wants to get into activities that are completely illegal, they obviously would not want to use their own computer because it could eventually lead back to them getting caught. If they have control of your computer, they can use it instead – so the authorities come knocking on your door with a few questions for you to answer.
How this could be used: If the FBI came to you with evidence that your computer’s IP address was used in distributing or selling child porn, what would your response be? “Oh no, Mr. FBI Agent – there has been some mistake! My computer has not been used for that!” Or the scenario could include illegal gambling activity, maybe some threats to assassinate a public official, or plans to commit a terrorist act. If any of this is traced to your computer, you will be faced with the expense of hiring a lawyer just to defend yourself.
How do you prevent your computer from being infiltrated by any of this? Proper security software, and good habits.
For security software, I use and recommend 2 primary programs:
1. My antivirus program is Microsoft Security Essentials. Get it here. It’s free and does a great job.
2. My antispyware program is Malwarebytes – the paid version, not the free version. Get it here. It will run all the time, blocking a lot of bad stuff from coming in to your computer, and also blocking you from inadvertently visiting a malicious site that will infect your computer.
As far as “good habits”, that is mostly common sense. Don’t click on a link unless you know where it will take you. Don’t download something free from the internet unless you know it is legitimate. Don’t let any downloaded software install anything “extra” that you weren’t looking for originally. As a general rule of thumb, if you search Google for “free” anything, you will not be happy with the results.