Table Of Contents
Advanced persistent threat
Adware
AES 256-bit encryption
Anti-theft tools
Botnet
Browser hijacking
Browser trackers
Clickjacking
Denial of service attack
Drive-by download
Email spoofing
Exploit
Firewall
Hacker
Identity theft
In-the-cloud detection
Internet Service Providers (ISPs)
Keylogger
Malware
Man-in-the-middle attacks
Phishing attack
Potentially unwanted application (PUA)
Ransomware
Rootkit
Scam
Security breach
Social engineering attacks
Spam
Spyware
SQL injection
Trojan
Virus
VPN
Web anonymity
Worm
Advanced persistent threat
What is an advanced persistent threat (APT)?
These are elaborate, multi-step targeted attacks aimed at infiltrating a specific network, such as governmental institutions or companies.
How they spread
APTs are designed to evade detection and usually involve malware attempting to exploit vulnerabilities.
What they are after
Unlike hit-and-run attacks, APTs exploit vulnerabilities to get in, and once inside, the attacker monitors traffic to steal the desired information. In this respect, APTs are to antivirus what stealth aircraft are to radar; they aim to remain undetected as long as possible in order to siphon off intellectual property, computer source code, and financial assets.
Known cases
Some of the most high-profile cases of advanced persistent threats targeting companies include Adobe, Google, Lockheed Martin, and Sony.
Adware
What is adware?
Adware stands for “advertising software”, a program that displays banner ads and/or pop-ups on devices without permission.
Adware distinguishes itself from your typical in-product ads, in-app banners, and service-supported ads in the following ways:
- The software, which displays the ads, was installed without your explicit consent (often unnoticed during the installation process).
- The adware hijacks your web browser and redirects you to third party websites.
- Sensitive information related to your web browsing and purchasing habits is collected without your knowledge and consent.
How adware spreads
Adware is usually installed by users or bundled with other software (in exchange for using free software or as a default install option).
What is it after?
Adware generates money for those who control it, either directly via purchases of advertised products, or indirectly via the sale of collected information, which is resold to ad networks. In certain cases, adware can redirect to malicious websites, in which case it is referred to as malvertising.
The harmful by-products of adware include slowing down your computer, hogging your bandwidth, invading your privacy, and potentially redirecting you to malicious websites.
How to remove adware
Avira Free Antivirus protects you from adware.
AES 256-bit encryption
What is AES 256-bit encryption?
AES stands for Advanced Encryption Standard, which is the norm used worldwide to encrypt data.
256 refers to the key size – the larger the size, the more possible keys there are. To understand the magnitude of the effort it would take to try all possible key combinations: 256-bit encryption offers more possible combinations than there are stars in the universe (a septillion, or 10^24, stars), and cracking it would take billions of computers more years than the age of the universe (13.8 billion years).
Avira uses 256-bit encryption to protect the confidential data of its customers.
Anti-theft tools
What are anti-theft tools?
A number of mobile security apps offer tools to help users find lost phones and prevent thieves from accessing information on stolen phones.
Below is a list of anti-theft tools to be found in a number of mobile security apps:
- Phone finder: pinpoints a phone’s location on a map
- Remote lock: an online dashboard that enables users to remotely lock a phone
- Remote yell: triggers a loud sound to help users find a misplaced phone, or scare and identify thieves
- Owner prompt: displays on the phone a notification to the person who finds it, making it easy for them to contact the owner
- Data wipe: remotely resets the phone to factory settings.
Avira Antivirus Security for Android offers these anti-theft tools.
Botnet
What are botnets?
A botnet is a connected network of computers – usually controlled by a command and control center – that communicate together in order to accomplish certain tasks. Although not always malicious, they are frequently used for illicit activities.
What they are used for
Where bots are used for illegal pursuits, the botnet is usually operated by a hacker, who then takes control of other computers within the network, referred to as zombies.
Computers that are part of a botnet are used to send spam, carry out denial-of-service attacks, and even transfer funds for criminal activities. The hacker can also sell the services of the botnet to send spam. This enables spammers to avoid detection (the emails are not coming from their servers), and cut down on costs, as the owner of the infected computer will be paying for the Internet service.
Known cases
High-profile botnets that have been shut down include Grum (which was responsible for 26% of spam traffic between 2008 and 2012), GameoverZeus, ZeroAccess, and Kraken.
How to block botnets
Avira Free Antivirus protects you from botnets.
Browser hijacking
What are browser hijackings?
These are unwanted changes to the default homepage and search engine in an Internet browser without a user’s permission.
What they are used for
They are used to redirect web browsers to sites that users didn’t intend to visit, generating money for their authors via this forced web traffic.
How to block browser hijackings
Our premium protection secures our customers against browser hijackings.
Browser trackers
What are browser trackers?
These are tags on web pages that collect information on a user’s online habits and preferences.
Tags write out scripts, and these scripts develop cookies that are stored in web browsers. These are tracked by websites to better understand user behaviors. Although cookies have a number of positive aspects, such as remembering logins and letting users resume where they left off in a previous session, they can be invasive.
For example, online vendors can build customer profiles, thanks to tracking technologies. This wouldn’t be problematic if they restricted themselves to the information customers voluntarily shared while on their website. However, when partnering with ad networks, these vendors share information across the network to build more detailed profiles. That’s how after visiting a product on Amazon, a user can later see an ad for it on Facebook.
How to block browser trackers
If you are keen to restrict the amount of information companies can collect, Avira offers a browser tracking blocker integrated in its free extension: Avira Browser Safety.
Clickjacking
What is meant by clickjacking?
Clickjacking refers to attempts to trick users into clicking on malicious links hidden within legitimate-looking videos, images, and articles.
A clickjacked link could redirect users to an infected website, a phishing site, an online scam, or spam. Alternatively, a clickjacking attempt could induce a user to unknowingly post promotional or harmful content on their LinkedIn profile or Facebook page.
How to prevent clickjacking
Our premium protection blocks infected and phishing websites, which users are being redirected to from clickjacked content.
Denial of service attack
What are denial-of-service attacks (DoS)?
These are attempts to overload a server with requests so that users can no longer access it. These attacks are not intended to steal or compromise data – they aim to shut down a service altogether by flooding it with useless traffic.
Here is a list of varying (colorful) types of DoS attacks:
- Buffer Overflow: transfers more data than a buffer can handle, causing an overflow. This overflow contains hidden instructions that corrupt the system.
- Ping of Death: sends ping requests, which are larger than the size IP allows
- Smurf Attack: pings are sent to an IP broadcast address as if they originated from a targeted victim. These pings are magnified and echoed back to the victim. In sufficient volume, they can bring down a server.
- TCP SYN attack: these are requests that cannot be completed, and therefore pile up in a queue. In sufficient quantity, they too can bring down a server.
In order to leverage the required volume of traffic to overload a server, botnets are frequently used. In this case, the attack is referred to as a distributed denial-of-service (DDoS) attack.
Drive-by download
What is a drive-by download?
This often refers to the unintentional and automatic download of a malicious file onto a computer just by visiting an infected webpage, by clicking on a link in an email, or by clicking on a pop-up window.
Most websites affected by drive-by downloads are legitimate everyday websites, and are themselves the frequent targets of an attack. When a user lands on an infected page, the browser downloads malicious software.
How to block drive-by downloads
Our premium protection includes advanced web protection, which blocks infected websites before they load.
Email spoofing
What is email spoofing?
Email spoofing refers to a sender address that is forged to make it look as if it came from someone else.
This is a common technique used by phishing attacks, spam, and malware to make their emails appear to be coming from legitimate sources, such as governmental authorities, insurance companies, and banks. They will frequently contain requests for confidential information, such as social security numbers or banking details, and requests to reset passwords.
Exploit
What is an exploit?
These are attacks that take advantage of vulnerabilities in order to access or infect devices, including PCs, Macs, and smartphones. Zero-day exploits often refer to vulnerabilities that are identified before the software developer is made aware of them. These vulnerabilities tend to be closed when the software is patched or a new version that addresses the security vulnerability is released.
Known cases
Some of the most high-profile exploits include Heartbleed and the iPhone vulnerability that enabled the FBI to access a locked phone.
How to prevent security exploits
To guard yourself against vulnerabilities, ensure your software is frequently updated, or use a tool such as Avira Software Updater, which updates critical software automatically as soon as a new release is made available.
Firewall
What is a Firewall?
Firewalls are a set of rules designed to prevent the unauthorized access to a private network.
Firewalls are frequently used to protect information shared on an intranet: the firewall scans all messages moving in and out of the network and blocks those that do not abide by the established security criteria. They are also used to block attempts to gain unauthorized access to a computer by enforcing secure authentication certificates and logins.
Firewalls are usually considered a first line of defense in the protection of confidential information. Further lines of defense usually entail encryption via a VPN solution.
Hacker
Denotes an individual with outstanding programming skills. Although frequently used to denote criminal activity, the term itself is agnostic.
Hackers are frequently divided into 3 categories: Black Hat, White Hat, and Grey Hat.
- Black Hat hackers are computer programmers who use their skill for illicit activities, such as developing malware.
- White Hat hackers, on the other hand, are frequently hired by companies with the explicit purpose of testing their network defenses.
- Grey Hat hackers are a more elusive community usually associated with hacktivism, a hacking activity driven by political or social motivations. The prominent Anonymous group is often thought of as a community of Grey Hat hackers.
Identity theft
What is identity theft?
Identity theft is the unlawful adoption of another person’s personal information with the objective of committing fraud or theft. Although digital identity theft typically targets corporations, it is also occasionally encountered by individuals.
Every downloaded file, stored credential, and visited website leaves traces – even after deleting the bin and clearing the browser history. Together, they paint a picture of who the user is as a consumer, a taxpayer, or a shopper. By collecting this information, identity thieves are able to impersonate their victims.
Names, social security numbers, addresses, photos, credit card numbers, birth certificates, and passwords are the key targets of identity theft. Stealing a wallet is one way of getting ahold of the confidential information. Sending phishing emails or using keyloggers, rootkits, and spyware are increasingly common.
How to reduce the risk of identity theft
Avira security bundles shield their users against phishing attacks and malware. They also include a variety of privacy tools to remove all traces of online activities.
In-the-cloud detection
What is in-the-cloud detection?
This is a type of scanning that takes place in the cloud: the digital fingerprints of unknown files are uploaded anonymously and scanned in real time.
The Avira Protection Cloud leverages this groundbreaking technology, and acts as our early warning system, whereby unknown files are scanned and the results are quickly distributed to our entire user base.
In-the-cloud detection gets more powerful with every user, increasing its ability to quickly disseminate information on new malware outbreaks, which is why we integrate it in Avira Free Antivirus as well as our premium products.
Internet Service Providers (ISPs)
Protect your privacy from Internet Service Providers (ISPs)
A new bill has just been signed into law in the US, allowing ISPs to sell private browsing information.
This may include:
- Where you shop and bank
- Whether you have debt
- Indications as to your possible health conditions
What you can do to protect your privacy
We recommend you use both a VPN and a private browser – the former creates a secure and private connection between your device and the server, while the latter encrypts the final leg of the journey — namely between the server and the websites you visit. It’s the optimal combination to ensure a great balance between experience and privacy.
Avira Phantom VPN
- Prevents ISP from knowing what websites you visit.
- Includes additional safeguards to ensure that at no point will your private information be visible (anti-DNS leaks and a built-in fail-safe)
Keylogger
What are keyloggers?
Software or hardware that tracks everything a user types, including usernames and passwords.
How they spread
Keyloggers commonly infect users via email attachments and infected websites. They can also be downloaded and installed by other malware already present on a victim’s machine.
What they are after
Keyloggers intercept a user’s keystrokes. They can be used legally, for example, by businesses to monitor what their employees do, but are frequently used for illicit purposes to capture sensitive information.
How to block keyloggers
As keyloggers primarily target passwords, we recommend you use two-factor authentication for your critical services, such as online banking accounts and email. To detect and remove keyloggers, use security software, such as Avira Free Antivirus.
Malware
What is malware?
Malware is a portmanteau term composed of “malicious” and “software.” Although frequently used interchangeably with “virus,” it encompasses a much broader range of threats, including adware, keyloggers, rootkits, spyware, Trojans, viruses, and worms.
How to block malware
Avira Free Antivirus offers award-winning protection against malware.
Man-in-the-middle attacks
What are man-in-the-middle attacks?
These are attacks that intercept communications, and either alter them or redirect them away from their intended recipient. A typical example of a man-in-the-middle attack involves unencrypted communications over a public WiFi, such as at an airport or a coffee shop.
How to block man-in-the-middle attacks
To protect users from man-in-the-middle attacks, Avira Phantom VPN encrypts all communications, ensuring that even if they are intercepted on a public WiFi network, the communications are unreadable.
Phishing attack
What are phishing attacks?
These are attempts to capture sensitive information by cybercriminals masquerading as banks, social media platforms, and other official entities.
How phishing attacks work
A typical phishing attack might entail email spoofing whereby the attacker poses as a reputable organization. The email will typically include a link that takes users to a fake website, which continues the masquerade of posing as an authoritative entity. On the website, one might be asked to reset a password or enter a social security, credit card, or phone number. The cybercriminal then captures these confidential data.
Alternatively, the phishing email might include an attachment. When the attachment is clicked on, a malicious file is downloaded from the Internet. The file then infects a user’s device.
Our premium protection guards users against phishing links and scans emails for malicious attachments.
Potentially unwanted application (PUA)
What are potentially unwanted applications (PUAs)?
These are hidden applications, unknowingly downloaded alongside legitimate apps, which clutter your PC with ads, hijack your browsers, slow down your PC – and frequently collect data on what you click on.
How they spread
PUAs often get onto users’ PCs via social engineering tactics; legitimate applications trick the user into installing additional software.
This tends to be done via:
- Writing up a misleading description of the software
- Claiming that the installation of additional software is mandatory
- Installing additional software by default
- Tricking the user into taking unnecessary actions
What they are after
PUAs can be extremely irritating. Among other things, they can collect information about your surfing habits and then transmit it to third parties without notification or consent. They can also hijack browsers to change default settings (search engine and start page).
Known cases
Some of the most commonly encountered PUAs include OpenCandy, InstallCore, and Media Get.
How to block PUAs
To protect yourself from PUAs, consider the following guidelines:
- When downloading any software/app, be on the lookout for any pre-checked option boxes.
- When it comes to terms and conditions, always read at least the title above the fine print to ensure that the terms are for the specific program(s) you want to download.
- Read through the information in the top navigation bar of an installation wizard to catch names of unwanted programs.
- Avira Free Antivirus blocks PUAs – even if you didn’t read the terms and conditions!
Ransomware
What is ransomware?
There are two types of ransomware: crypto-ransomware that encrypts files (rendering them unreadable), and screen-locking ransomware that locks the home screen. In both cases, the authors of the malicious software demand a ransom from their victims in exchange for access to the files and device.
How ransomware spreads
Ransomware is frequently spread via email: a cybercriminal sends an email with an attachment. The unsuspecting user opens the document (or JavaScript file), which looks like gibberish. The document recommends enabling macros “if the data encoding is incorrect,” which, of course, it is by design. Enabling macros allows the ransomware to be secretly downloaded onto computers via a drive-by download.
What it is after
Crypto-ransomware then proceeds to encrypt all files it finds (images, videos, office files…). It even scrambles data on removable drives plugged in at the time. Now that all files are encrypted, the ransomware asks for payment in exchange for unscrambling them. Payment is frequently demanded in bitcoin and can cost up to several thousands of dollars. In the case of screen-locking ransomware, the malware locks the home screen – preventing users from accessing their devices – and similarly demands payment for regaining access.
Known cases
CryptoLocker, FBI Ransomware, and Locky are three cases of widespread ransomware that have infected millions of victims.
How to protect yourself from ransomware
We recommend you back up your data on a regular basis, so that if your data is ever encrypted, you still have access to it and you can wipe your hard drive if need be. To detect and block ransomware, use security software such as Avira Free Antivirus.
Rootkit
What are rootkits?
It’s a technique used by software to gain long-term access to a computer without having the required permission. Rootkits are typically installed by other malware to cover their traces. For example, a keylogger might siphon off passwords and credit card details, while the rootkit hides the traffic to keep the theft unbeknown to the user. Other cases involve Trojans that install a rootkit in order to create a botnet.
Known cases
Companies such as Sony have been known to use rootkits to track the spread of CDs online.
How to block rootkits
Most antivirus software detects and blocks rootkits. You can learn more about and download Avira Free Antivirus.
Scam
What is an online scam?
A scam is an attempt to trick an individual into paying or surrendering valuable information.
Below is a list of commonly encountered online scams:
- Love scam: fake profiles are created and online relationships are developed over time with a “soul mate.” Once the victim is hooked, the criminal claims to be in great need of financial assistance…
- Weight loss: miracle pills, revolutionizing creams, and groundbreaking equipment are all too common promises. The end products actually sold rarely meet expectations.
- Lottery winner: a user is selected as the lucky winner of a jackpot. The only tiny procedural step? A small check to cover tax fees and shipping costs…
- Nigerian Prince scam: now a classic, this scam announces to the user that their help is required in recovering large sums of money from an overseas bank. In exchange for a cut, all the user needs is to pay the transfer fees in advance…
The best defense against scams is a very healthy dose of skepticism.
Security breach
What is a security breach?
It is the unauthorized access of information on networks, servers, or devices, getting around security on those systems, ultimately resulting in data leakage.
Security breaches are usually used within the context of companies, organizations, or governmental institutions where security defenses were bypassed in order to access confidential information such as identities, email addresses, passwords, sensitive financial information, etc.
Known cases
Some of the most high-profile cases of data leakage include EBay, JP Morgan Chase, the US voter registration database, US diplomatic cables, the NSA prism program, and the Panama Papers.
How to mitigate risks associated with security breaches
Antivirus software, data encryption, password managers, firewalls, and employee training are recommended to help prevent and mitigate the effects of security breaches.
Social engineering attacks
What is meant by social engineering attacks?
These are attempts by attackers to trick their victims into performing a certain action, such as clicking on a webpage or opening an attachment.
How they work
Most social engineering attacks involve a multi-step process. For example, a user could be approached on Facebook and offered to click on a video, which has been clickjacked. The user gets redirected to an infected website which encourages the user to download a plugin to see the video. The download link includes malware and PUA installers that steal login details.
Spam
What is spam?
Spam refers to unsolicited emails, most often sent in bulk; it is the electronic equivalent of junk mail.
How do users end up on a spam list?
Email addresses are most frequently harvested from security breaches (i.e. users signed up for a service, and that company’s servers got hacked) or through the purchase of email lists from companies that users have an account with. Alternatively, hackers have also been targeting large email service providers with malware in an attempt to get ahold of their email lists.
Spam can be a lucrative industry, with large volumes of emails being sent out at relatively little cost to the spammers. At best, spam is an irritant, at worst, a security risk:
- Spam crowds inboxes, wasting users’ time.
- Spam can be used to distribute malware
- Spam can be a means of acquiring further confidential details (i.e. phishing)
- Spam can be used to disseminate scams (the famous Nigerian Prince scam)
How to block spam
Most online email providers now automatically offer an integrated anti-spam filter.
Spyware
What is spyware?
Spyware is software that secretly monitors and collects information.
Spyware can be used legally. Certain companies install it on their employees’ computers to monitor sensitive activities (in which case, it ought to be included in their contracts). It is also included in some parental control programs, which can work in a similar fashion to keep a watchful eye out for cyberbullying.
What it is after
In most cases, however, spyware is used to steal credit card details or passwords for banking websites and serial numbers.
How to block spyware
Avira Free Antivirus protects its users from spyware.
SQL injection
What is an SQL injection?
An SQL injection is an exploit that takes advantage of vulnerabilities in a database to inject code. This technique is used by cybercriminals to embed malware in legitimate websites.
When entering forms on a page, the entries get stored in a database using the SQL computer language. A vulnerability in the code might enable an entry in a form field to send a command to the database. For example, this might allow cybercriminals to enter a command that would reveal the contents of that database, including email addresses, usernames, and passwords.
A number of free web applications are available to scan websites for vulnerabilities. If you are the owner of a website which contains a form entry field that stores information, we recommend you run a scan.
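The form-field weakness described above, as an added example that is not part of the original glossary: a lookup that pastes the form entry into the SQL text, the same lookup with a bound parameter, and a small check that runs a few entries through either one. The table, the sample rows, and all function names are constructed for illustration.

```python
import sqlite3

# Constructed sample rows; not real accounts.
SAMPLE_USERS = [
    ("alice", "alice@example.com", "hash-a"),
    ("bob", "bob@example.com", "hash-b"),
    ("o'brien", "obrien@example.com", "hash-c"),
]


def make_db():
    """Create an in-memory database holding the sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, email TEXT, password_hash TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return db


def lookup_vulnerable(db, username):
    # Vulnerable: the form entry becomes part of the SQL statement itself,
    # so quote characters in the entry change what the statement means.
    query = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, username):
    # Hardened: the entry is passed as a bound value and is only ever
    # compared against the column, never parsed as SQL.
    query = "SELECT username, email FROM users WHERE username = ?"
    return db.execute(query, (username,)).fetchall()


# Entries to try: two that contain SQL syntax and one ordinary name
# that happens to contain an apostrophe.
PROBES = ["x' OR '1'='1", "alice' --", "o'brien"]


def audit(lookup):
    """Return (entry, finding) pairs where the entry was treated as SQL."""
    db = make_db()
    findings = []
    for probe in PROBES:
        try:
            rows = lookup(db, probe)
        except sqlite3.Error:
            # The entry reached the SQL parser and broke the statement.
            findings.append((probe, "database rejected the statement"))
            continue
        # A correct lookup only ever returns rows whose username equals the entry.
        stray = [row for row in rows if row[0] != probe]
        if stray:
            findings.append((probe, "%d row(s) returned that do not match the entry" % len(stray)))
    return findings


if __name__ == "__main__":
    for name, fn in (("vulnerable", lookup_vulnerable), ("parameterized", lookup_parameterized)):
        print(name, audit(fn))
```

The concatenated version is flagged on all three entries, including the ordinary name with an apostrophe; the parameterized version returns only exact matches.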
Known cases
A number of universities were the target of SQL injections, notably Johns Hopkins University, which announced that their Biomedical Engineering servers had fallen victim to an SQL injection. A number of governmental and international institutions have also been attacked in China, Türkiye, Japan, the UK, and the UN.
How to block infected websites
To protect our users, our premium protection includes advanced web protection, which blocks infected websites.
Trojan
What is a Trojan?
Trojans are malicious programs that misrepresent themselves to appear routine or helpful, but actually carry out hidden functions.
How Trojans spread
Trojans frequently spread via email, pirated software applications, license key generators (Photoshop is a grand favorite), drive-by downloads, and phishing attacks. One of the most dangerous Trojans was Zeus, a banking Trojan, which stole confidential banking information. Zeus spread on both computers and mobile devices, and was reported to have infected millions of users and stolen millions more from private and corporate banking accounts. Trojans also frequently install backdoors that allow computers to be remotely controlled, either directly or as part of a botnet.
Known cases
The Zeus Trojan was one of the most successful pieces of malware ever created, having stolen approximately 47 million dollars. Other notable cases include Shedun, which, at its height, infected approximately 2000 users per day, and Tiny Banker Trojan, which, as its name suggests, is one of the smallest Trojans ever created and therefore difficult to detect.
How to block Trojans
To guard against Trojans, we recommend being vigilant as to what email attachments you open and what web links you click on. And of course, Avira Free Antivirus protects you from Trojans.
Virus
What is a virus?
Computer viruses are self-reproducing malicious programs that wreak havoc on devices and spread from one file to another, then from one device to another, frequently via email attachments, drive-by downloads, and USB drives. Viruses need human action to spread.
What they are after
Most viruses attach themselves to executable files, but on occasion, they also affect MS Office macros, auto-run scripts, and the master boot record. Viruses are largely disruptive in nature: they display irritating messages, disrupt the functioning of a device, corrupt files, or delete them altogether. In certain cases, viruses can also steal information.
Known cases
- The Concept Virus that was accidentally shipped on a CD-ROM by Microsoft in 1995.
- Chernobyl virus used to strike every year on April 26, marking the anniversary of the Chernobyl nuclear accident.
- The Melissa virus, which spread via email and allegedly caused $80 million in damage.
How to block viruses
Avira Free Antivirus protects you from viruses.
VPN
What is a VPN?
VPN stands for virtual private network. It protects your privacy and security while online by encrypting your traffic.
Particularly handy while using public WiFi hotspots, VPNs not only encrypt the traffic between devices and websites, but they also help preserve web anonymity. VPNs are frequently used to bypass blocked regional content by giving users a choice of exit servers: by using a web proxy server, the VPN can fool websites into thinking the user is accessing them from a different country.
Avira Phantom VPN offers both free and paid versions.
Web anonymity
What is web anonymity?
This refers to the ability of users to hide their online identities, including their IP addresses and geographic locations. There are several ways to enhance one’s online anonymity:
- Web Browser: using a secure and private web browser can block companies from tracking online users.
- Email: most email services nowadays encrypt emails, but few allow users to sign up without relinquishing certain private information. Some, such as Thunderbird, are more privacy-focused than others.
- Instant Messaging: a number of instant messaging clients on computers and mobile devices encrypt communications to prevent them from being read by unauthorized third parties. Adium, Pidgin, and Signal are three such services.
- Web connection: when connecting online, users are assigned IP addresses, unique to their devices. Based on this IP address, it is possible to determine the following information:
  - The city
  - Time zone
  - Zip code
  - User’s likely demographic, based on government census information
  - The name of the organization that owns the IP
  - Whether the user is on a mobile network, and if so, who the carrier is
Avira Phantom VPN enables users to hide their IP addresses.
Worm
What is a computer worm?
Worms are malicious programs similar to viruses: they cause havoc on devices and are able to self-replicate.
What they are after
Unlike viruses, which need human action to propagate, worms are able to send out hundreds of thousands of copies of themselves via email, or spread via USB devices and shared folders.
Known cases
Some of the most high-profile cases of worms include:
- ILOVEYOU, which spread via email and caused businesses over 5.5 billion dollars in damage
- Stuxnet, which attacked Iranian nuclear centrifuges, and was spread via USB devices
- SQL Slammer, which slowed down the Internet for a brief period of time by attacking Internet hosts
- Blaster worm, which forced computers to repeatedly and automatically reboot
How to block worms
Avira Free Antivirus protects its users from worms.