Much of the confusion around the different types threat arise from the difference between focusing on what each one is and what each one does.
Phishing scams
Phishing attacks take many forms – malicious emails, fake web forms, pharming – but the ultimate aim of each is to gain access to private information. At the heart of phishing attacks is deception. Each attacker is attempting to convince you they are a person or brand you are familiar with.
– Read our in-depth guide to phishing scams and how to avoid them.
Ransomware
Ransomware, for example, will hold your most sensitive (or indeed, all) your files hostage until you pay a ransom, but it could get onto your computer via a trojan, virus or worm.
Worms
Much like viruses (and arguably a sub-class of them), worms differ in one key way: viruses require an action on the part of the user for them to spread, or for the initial infection to take place. For example, receiving a malicious file attached to an email would require you to open the file for a virus to execute.
Worms, on the other hand, need no such interaction and can happily replicate and spread to different computers (on a network or via a USB key, for example) with no warning whatsoever.
This makes worms potentially more dangerous than viruses, trojans or other malware, as they're harder to contain.
While traditional anti-virus software will take care of a lot of the better-known viruses and trojans, the ability to replicate itself to networked resources without any interaction makes containing a worm a much harder task.
Doxing
In a doxing attack, hackers publicly release personal information about one or more individuals. In 2011, a hacking collective associated with Anonymous posted the names and addresses of dozens of LAPD officers online after accusing the department of shutting down the Occupy L.A. Movement. In 2015, Anonymous itself then released the names of hundreds of people allegedly associated with the Ku Klux Klan.
A US hacker, Mira Islam, was sentenced to two years in prison in 2016 after posting the names, addresses and phone numbers of dozens of celebrities including Michelle Obama, Jay Z and Ashton Kutcher. The US Department of Justice said the information was used by "countless others" in subsequent fraud attacks.
Baiting
Baiting attacks exploit the curiosity or greed of unsuspecting victims. A hacker may plant a USB stick loaded with malware in the lobby of a business. If an employee then put that USB into their work computer – perhaps because it had the logo of a rival company on it – it could install malware onto the company's internal computer network. Emails with intriguingly named files attached, or websites that offer free downloads, may also be baiting scams designed to trick people into downloading viruses onto their computers.
How to keep yourself safe
If you've ended up at this page and already have a virus, trojan or worm on your computer, you'll need some help to remove it.
GCHQ recently gave WIRED five top tips on staying safe online.
As ever though, prevention is the best medicine, so be sure to keep your anti-virus and other software up-to-date.
This article was originally published by WIRED UK
