Skip nav to main content.

Online Security Threats

Internet Security Threats

This section addresses current and past online security threats. While the Internet is extremely important to consumers and business’s alike, it’s also a breeding ground for scam artists. Educating yourself will help protect you.

We hope that you will take the time to review each of our articles regarding the latest scams and security issues. There are many, and new ones crop up frequently, so be sure to sign up for security alerts [link to Member Security Alerts page] as well.


This current internet scam has gone mainstream and could be the most frightening of all. Why? Because even the most experienced Internet users could fall victim and not even know it.

It’s called pharming and involves extremely skilled hackers redirecting customers who do online banking to fake sites where they can steal passwords and other sensitive information about their accounts. And unlike phishing (a scheme where users click on links to e-mails and are redirected to fake sites), pharming captures a user on his or her way to the bank, credit union or credit-card firm.

What alarms experts most is that pharming can reroute thousands of Internet users at a time, making the impact potentially massive.

According to security experts, pharmers have two main ways of operating. They attack:

  • Users’ computers
  • Large servers that find Web sites for users

The first method sends virus-laden e-mails that install small software programs on users’ computer. Then, when a user updates personal information (i.e. aslogons, PIN codes or driver’s license numbers), the scammers use the information to steal identities.

The second method takes advantage of the fact that websites have verbal names but reside at numeric addresses on the Internet. Typically, when a user types in a website’s name into their browser, Domain Name System (DNS) servers read the name, look up its numeric address and take users to that site. However, pharmers jump in by changing the real site’s numeric address to the fake site’s numeric address and assault customers that way.

What’s the Solution?

Companies and big organizations can ease the threat of pharming by keeping their software up to date and patched. They can also install firewalls, filter for known scams, and watch for changes in Internet protocol addresses on their servers.

Additionally, anti-pharming software is underway, including products that will display security information and show users where a Web site is being hosted.

This newest scheme is much more clever and has a much greater potential to trick you. Although we have summarized it here, it’s a good idea to read this excellent USA Today piece thoroughly so you’ll be up to speed on some of the newest schemes hackers use to separate you from your hard-earned money.

Also, a word of caution: Never ever key in your password and login online in response to an e-mail, even if it seems to be from your most trusted vendor. Always call them first to confirm if the e-mail is legitimate, because it probably isn’t. Almost no reputable online business will ask for this information via e-mail.


Malware (from malicious software) is any type of programming intended to cause harm. Viruses, worms, spyware, and Trojan horses are the most common examples of malware. Among other things, a malware infection can: corrupt files, alter or delete data, distribute confidential data, disable hardware, deny legitimate users access, and cause a hard drive to crash. Frequently, malware is also designed to send itself from your e-mail account to all the friends and colleagues in your address book. The results of malware infection include wasted resources, compromised systems, lack of regulatory compliance, lost or stolen data, and the loss of user and client confidence.

Although each type of malware has defining characteristics, the distinctions between them are becoming blurred because blended threats are becoming increasingly common. Blended threats combine characteristics of more than one type of malware to maximize the damage they cause and the speed of contagion.

Typically, malware is distributed in one of three methods: by e-mail, either through a virus-laden attachment or code embedded in the message body; in an infected application; or through infected code on a Web site. Originally, removable media—typically a floppy diskette—was the vehicle most malware took to get to your computer, but now the vast majority of malware is distributed electronically. According to various reports, the amount of viruses currently transmitted by e-mail is 87-93%.

Many security experts believe that the newer communications channels, such as instant messaging and VoIP, pose a very serious threat to networks. According to Gartner Group research, 58% of network security managers stated that instant messaging poses the most dangerous security risk to their enterprise. Symantec Security Response predicts that the next major worm exploit will be IM-based. Furthermore, according to chief of research Eric Chien, every free IM client that the company has examined contains exploitable vulnerabilities.

How to keep yourself protected

  • Keep virus definitions up to date and run antivirus software on a regular basis, at home as well as at work. If your home computer, laptop, or handheld device is in contact with computers at work, poor security practices could put the whole network at risk.
  • Visit the Windows Update page frequently and download any advised security patches.
  • Check the security information and options in your Web browser and set the latter appropriately.
  • Never open questionable attachments. It pays to be suspicious, even if the message purports to be from someone you know. If an attachment is unexpected, verify with the sender before you open it. Because file extensions can be spoofed, don’t assume that a file is safe to open, even if it appears to be a text file.
  • Don’t even open messages that seem suspicious. Malware can be embedded in the content of the message itself. Some viruses, such as BubbleBoy, Kak, and Nimda can infect your computer as soon as you open a message.
  • Don’t preview messages. If you browse through your messages with the preview window open, in effect you’re opening each message that appears there. Viewing or previewing messages also encourages more spam. Many spam messages include a mechanism that informs the sender when a message is viewed. This confirms a live address, to which greater volumes of spam—some of it virus-laden—will be sent.
  • Use appropriately stringent security settings in your e-mail program. In Outlook, for example, under Tools > Options > Security > Secure content > Attachment security, set attachment security to High so that you’ll be prompted before opening attachments.
  • Watch out for social engineering attempts. Never give out passwords or other protected information; don’t leave them lying around (or on a sticky note affixed to your computer, for that matter, a surprisingly common practice).
  • If possible, opt to view messages in text only.

Browser Hi-Jackers

Browser hijackers are programs that alter your computer’s browser settings so that you are redirected to websites you had no intention of visiting.

Most browser hijackers alter default home pages and search pages to those of their customers, who pay for that service because of the traffic it generates. More virulent versions often: add bookmarks for pornographic websites to the users’ own bookmark collection; generate pornographic pop-up windows faster than the user can click them shut; and redirect users to pornographic sites when they inadvertently mistype a URL or enter a URL without the www. preface.

Poorly coded browser hijackers (which, unsurprisingly, are common) may also slow your computer down and cause browser crashes.


Worms are a virus variant that can infect a computer without any user interaction. A worm doesn’t alter files, but resides in active memory and duplicates itself.

Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.


Spyware is programming that is put into your computer to secretly gather information and relay it to advertisers or other interested parties.

Spyware can get in a computer as a software virus or as the result of installing a new program. Although not malicious in intent, spyware is often installed without your consent and even without your knowledge, as a drive-by download or as the result of clicking some option in a deceptive pop-up window. By the same token, adware, which usually includes spyware components, can also be considered malware.

Trojan Horse

In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.


In computers, a virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette, USB thumb drive, or CD. The immediate source of the e-mail note, downloaded file, or diskette you’ve received is usually unaware that it contains a virus. Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are benign or playful in intent and effect (“Happy Birthday, Ludwig!”) and some can be quite harmful, erasing data or causing your hard disk to require reformatting. A virus that replicates itself by resending itself as an e-mail attachment or as part of a network message is known as a worm.

Generally, there are three main classes of viruses:

File infectors. Some file infector viruses attach themselves to program files, usually selected .COM or .EXE files. Some can infect any program for which execution is requested, including .SYS, .OVL, .PRG, and .MNU files. When the program is loaded, the virus is loaded as well. Other file infector viruses arrive as wholly-contained programs or scripts sent as an attachment to an e-mail note.

System or boot-record infectors. These viruses infect executable code found in certain system areas on a disk. They attach to the DOS boot sector on diskettes or the Master Boot Record on hard disks. A typical scenario (familiar to the author) is to receive a diskette from an innocent source that contains a boot disk virus. When your operating system is running, files on the diskette can be read without triggering the boot disk virus. However, if you leave the diskette in the drive, and then turn the computer off or reload the operating system, the computer will look first in your A drive, find the diskette with its boot disk virus, load it, and make it temporarily impossible to use your hard disk. (Allow several days for recovery.) This is why you should make sure you have a bootable floppy.

Macro viruses. These are among the most common viruses, and they tend to do the least damage. Macro viruses infect your Microsoft Word application and typically insert unwanted words or phrases.

The best protection against a virus is to know the origin of each program or file you load into your computer or open from your e-mail program. Since this is difficult, you can buy anti-virus software that can screen e-mail attachments and also check all of your files periodically and remove any viruses that are found. From time to time, you may get an e-mail message warning of a new virus. Unless the warning is from a source you recognize, chances are good that the warning is a virus hoax.

Virus through Instant Messaging

Instant messaging, commonly referred to as IM, is a method of online communication like e-mail. Read on to find out how to avoid getting or spreading a virus when you use IM.

Understanding instant message viruses

Like e-mail viruses, instant message viruses are malicious or annoying programs that are designed to travel through IM. In most cases these viruses are spread when a person opens an infected file that was sent in an instant message that appeared to come from a friend.

When unsuspecting people open these files, their computers can become infected with a virus. Because of the virus, their computers may slow down or stop responding, or they may not notice any change at all. However, the virus might have installed a covert program on their computer that could damage software, hardware, or important files, and that may include spyware, which can track information entered on a computer.

A computer infected by a virus may continue to spread the infection by sending copies of the virus to everyone on your IM contact list. A contact list is the collection of IM names (similar to an e-mail address book) that you can store in your IM program.

5 steps to help avoid instant message viruses

As with most threats on the Internet, you can help keep yourself safe by taking basic precautions. If you know how to avoid e-mail viruses, you’ll already be familiar with many of these steps.

1. Be careful downloading files in IM. Never open, accept, or download a file in IM from someone you don’t know. If the file comes from someone you do know, don’t open it unless you know what the file is and you were expecting it. Contact the sender by e-mail, phone, or some other method to confirm that what they sent was not a virus.

2. Update your Windows software. Visit Microsoft Update to scan your computer and install any high-priority updates that are offered to you. If you have Automatic Updates enabled, the updates are delivered to you when they are released, but you have to make sure you install them. For more information, visit the Protect Your PC site.

3. Make sure you’re using an updated version of your IM software. Using the most up-to-date version of your IM software can better protect your computer against viruses and spyware. If you’re using MSN Messenger, install the updated version by visiting the MSN Messenger Web site and clicking the Download Now! button.

4. Use antivirus software and keep it updated. Antivirus software can help to detect and remove IM viruses from your computer, but only if you keep the antivirus software current. If you’ve purchased a subscription from an antivirus software company, your antivirus software may update itself when you’re connected to the Internet.

5. Use antispyware software and keep it updated. Some IM viruses may install spyware or other unwanted software on your computer. Antispyware software can help to protect your computer from spyware and remove any spyware you may already have. If you don’t have antispyware software, you can download the new Microsoft Windows AntiSpyware (Beta) or another spyware removal tool.

Online Banking – A Better Security Bet?

On average, consumers who bank online discover ID theft or fraud faster than those who rely on paper statements to view their accounts. The average online banker will view his or her accounts twice a month or more, compared to offline bankers who view their paper statement an average of once every 30 days.

Reports of security breaches, hackers, and phishing scams have consumers running scared about online financial transactions. However, a study released in January 2006 by Javelin Research and Strategy shows that Internet-related fraud problems are actually less severe, less costly, and less prevalent than previously thought.

According to the study, identity theft victims who detected the crime by monitoring their accounts online lost only about $551, compared with an average of $4,543 when the theft was detected from paper statements.

The difference is that the longer it goes on before you detect the fraud, the more it will cost you, and you’re likely to discover it faster if you monitor your accounts online.

Online banking has grown steadily since first being introduced to consumers in the 1990s. More than 53 million Americans currently make some type of monetary transaction online, according to a study performed by Pew Internet & American Life Project, an organization that tracks the social impact of the Internet.

According to both the Javelin and Pew reports, growth in online banking is built on two trends.

The first is that Internet users are gaining more experience and, therefore, are more likely to participate in activities like online purchases and travel reservations.

Betty Reiss, senior vice president of media relations for Bank of America, says that when Internet banking was first introduced in 1995, banking customers made baby steps in their initial online banking attempt.

“Our customers traditionally started to bank online to look at transactions and move money between accounts. The next step was paying bills online. Once people tried paying bills online, they saw that it was easier and more convenient.”

The second trend is that banks are more aggressively offering online banking as an option for their customers, and they are offering it for free.

“Online bill pay from Bank of America has been a free feature for our customers since 2002,” Reiss says.

Reiss says Bank of America, which has the largest online-banking customer base in the United States, made bill pay free based on an 18-month analysis comparing online-bill-pay customers to offline customers. She says that over time, online-bill-pay customers had wider relationships and more loans with Bank of America, and stayed with the bank longer.

Still, even though banks have tried to make online banking attractive, some consumers refuse to take that route because of security fears.

But despite the series of recent security breaches, most bank-related crimes remain old-fashioned.

The Javelin study indicates that the most common source of misused information is a lost or stolen wallet, checkbook or credit card. More than 68 percent of ID theft and fraud occurred from offline means, compared to just 11.6 percent from online.

Paper statements from your bank, credit card offers and insurance claims also can be potential time bombs if someone, even your family member or friend, get ahold of them.

The Javelin study pointed out that in 26 percent of all cases of ID theft and fraud, the victim knew the person who had misused his or her personal information.

Bruce Cundiff, a researcher for Javelin Strategy and Research, says consumers reluctant to bank online face a greater threat of ID theft and fraud because they leave a paper trail that is easily accessed by thieves, family members and friends, which then gives them direct access to their important financial information.

Cundiff says, “Online banking gives consumers the ability to eliminate the physical statements, taking away the ability to get your information through that physical record.”

Age plays a factor in who banks online.

For consumers aged 25-34, 65 percent do their banking online. Compare that to only 34 percent of consumers 65 and older.

“I believe that older generations are so accustomed to traditional banking that they are reluctant to try something relatively new,” says Cundiff. “Also, because some older people are not familiar with the Internet and might find it overwhelming, they tend to stick with what they know and trust.”

Cundiff says that enhanced awareness campaigns about online banking, as well as Web sites specifically set up for seniors, are being offered by several banks.

The Javelin study shows that victims are more likely to discover ID theft through self-detection than through general notification by companies, debt collectors or the decline of credit.

On average, consumers who bank online discover ID theft or fraud faster than those who rely on paper statements to view their accounts. The average online banker will view his or her accounts twice a month or more, compared to offline bankers who view their paper statement an average of once every 30 days.

According to the latest findings by the Federal Trade Commission released on Jan. 26, 2006, Internet-related complaints accounted for 46 percent of all reported fraud complaints. Credit cards and money orders accounted for most of the Internet-related fraud complaints. Over 680,000 identity theft and fraud complaints were received by the FTC in 2005.

The FTC estimates that identity theft affects nearly 5 percent of Americans, costing businesses and individuals a combined $53 billion annually.

“We certainly say, that despite online safety, consumers need to update their security tools because fraud on the Internet is alive and well,” says Cundiff. “Just as traditional fraud and robbery has evolved over time, the same thing will happen online. Banks will have to evolve to keep the ever-present criminal out of their info.”

Federal financial regulators are requiring banks that offer online monetary-based transactions to tighten online access by the end of 2006. The Federal Financial Institutions Examination Council, along with five other banking regulators, issued guidelines in October 2005 detailing the security requirements in a 14-page report.

The report notes that current single-step authentication is inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties. Regulators say that a two-step authentication system should be the standard.

David Barr, a Federal Deposit Insurance Corp. spokesman, says that while the council offers the guidelines, it does not endorse any particular technology. Rather, the banks complete a risk assessment. Based on that assessment, they may or may not have to beef up security. The risk assessment will look at what type of information can be accessed online.

Barr says, “Banks can choose from a variety of security methods that provide two-factor authentication processes that verify customer identities. A two-step authentication process basically consists of combining a standard password with some other identity test that is harder to steal or fake.”

The use of two identity tests should make it more difficult for thieves to raid accounts.

Some banks may choose additional security based upon each customer’s risk assessment. Customers who just view bills online may have a low-risk security feature. Higher-risk customers who utilize online banking for several different types of transactions would receive a higher security feature.

Tighter security will be needed if the transactions include confidential information such as Social Security numbers, passwords or usernames, and credit card numbers.

A two-step authentication process is recommended for consumers who move money from account to account, pay bills online or view credit card accounts online.

Some banks are looking at computer fingerprinting.

Computer fingerprinting systems capture the serial numbers of computer parts, such as the hard drive. These numbers are used to generate a unique ID for the machine. Whenever a customer connects to a bank’s Web site, the bank’s online system recognizes the computer by the fingerprint and allows the customer to log on with a simple password.

If the customer does the bulk of his or her online banking from a particular computer, like a home PC, the fingerprinting system will establish that computer as authorized. However, if the customer logs on from another computer that is not recognized by the fingerprint system, the Web site will take the customer through a tighter sign-in process to verify his or her identity.

A key fob is another potential online security feature that provides two-step authentication. There are numerous types of key fobs that can be used. A key fob can be a physical object, such as a keychain or a device installed on a personal computer, that works with a customer’s PIN number. The key fob displays a randomly generated series of numbers, which change periodically, usually every 30 to 60 seconds. A user first authenticates himself on the key fob with a personal identification number, or PIN, followed by the current code displayed on the device.

It is easier for the owner to know if the key fob has been stolen than a password, since it is a physical object.

This type of technology helps if criminals are using spyware on your computer because it essentially locks people out of your account by constantly updating the information used to log onto a secure Web site.

Other security technology like picture recognition takes computer keyboards out of the transaction. Because spyware only records key strokes and not mouse clicks, your bank can establish picture recognition as the second step in accessing your account.

Finally, biometrics — thumbprint readers or iris scans — are yet another potential security feature that banks could utilize. This type of security tends to be more expensive that other types of technology, but could be used for high risk clientele who move large amounts of money between accounts.

“Online banking is growing and that is one of the reasons why we are issuing these guidelines,” says Barr. “We want customers to feel comfortable, plus banks have reputational risks if they do not sufficiently protect their customers, not to mention additional costs if security breaches occur.”

Barr goes on to say the FDIC, along with other financial regulators, expects banks to adhere to the guidelines.

Bank of America started offering its two-step SiteKey program to customers in June 2005. SiteKey is a multistep process that combines passwords with user-selected test questions and a digital system that “fingerprints” the user’s computer.

Barr says that added two-step authentication measures will not wipe out ID theft and fraud 100 percent, but it will help to ensure a safer banking environment that you cannot get through traditional banking means.

Article from CIO Today

© 2006 All rights reserved.

© 2006 CIO Today. All rights reserved.

We know members like friends.
We know their names, their families and their pets.