Security on the Internet
The Internet gains more popularity every day. This has made the world-wide web THE medium for the provision of products and services, resulting in a huge increase in order and payment traffic. Over the course of a couple of years the Internet has developed into a business worth billions, making it indispensable in our modern information society.
Because of the rapid growth and popularisation of this new medium, most surfers are aware of the enormous opportunities of the Internet but not of the serious risks involved with surfing.
Below we will provide more information about a number of risks and how best to avoid them. But the responsibility, dear surfer, always lies with you. When someone on the street asks for your VISA card, you don't simply give it, do you? Well, why would you on the Internet then? The same applies to passwords, PIN codes but also your e-mail address or your telephone number. And this nonchalance of surfers is probably where the biggest problem lies.
When surfing the Internet we need to be aware of the major risks we run. Internet users need to be made aware of this and the dangers of the Internet need to be pointed out to them.
Possible security problems
Security problems on the Internet are the result of technical manipulations that can be broken down into three large groups:
- A first group consists of obtaining information from the surfer through deception by an external party. The deception therefore is not done by changing the data in the surfer's computer but by sending (misleading) information (e.g. copied e-mails of banks).
- On the other hand there is a security problem when the surfer's computer is violated by an external party in order to obtain access to the data of the unsuspecting user. Data can be exchanged in this way without the surfer noticing it. However, this method leaves tracks because it requires 'extra' programs to be installed on the computer.
- Some malevolent people try to block the Internet by overloading computers or Internet connections.
Often these techniques are combined. In this way Internet fraudsters try to manipulate surf behaviour by making very small and hard to detect changes in the software of other people's computers or they use the computer of an unsuspecting surfer to overload the servers.
1. Manipulation without access to the computer
This class of Internet manipulation tries to obtain something from the end user without getting access to his/her PC. These security problems might be the least dangerous but should certainly not be underestimated. They can result in theft, manipulation of confidential information and overloaded or crashed Internet systems.
Adware / Malware
Malware is a collective name for malicious and harmful software. It is a contraction of the words malicious and software. In addition to viruses, Trojan horses, worms and spyware, root-kits and back-doors are also termed as malware. Increasingly, different forms are combined. Adware is the collective name of all pop-ups and applications that display advertisements. Unfortunately some harmful variations send private information via the Internet without notifying the surfer of this. This variation is known as spyware.
Phishing
Phishing covers a wide category of fraudulent practices. The end user is directed to a specific website by an innocent looking pop-up or a warning e-mail. Typically this is an e-mail which notifies you that a certain account will expire, that your log in data was wrongly classified by a bank and you are kindly requested to follow the "link below". Often the pop-ups or websites are very good imitations of the original and you are requested to give your bank account number, your PIN code, VISA card details, or other confidential data and information that is immediately usable. Of course, the site to which you have been directed has nothing to do with the site where you think you are. The layout is the same, the URL seems to be what you expect, however ... you have been the victim of a "phishing attack".
Pharming
Pharming goes a step further than phishing. By breaching a number of secondary services such as web-caches and name servers, fraudsters try to deceive the end user. Even if you use the correct URL, you still end up on the fraudsters' website. "Pharmers" can do this with a virus that changes the details of your name servers. When a URL is converted to an IP address you normally pass via the name servers you specified (or that were specified via the DHCP of your provider). If a fraudster is able to refer them to a name server he set up, he is able to control to which site you surf.
The "pharmer" changes the IP number in different ways. The most common way to change the IP number is via local DNS cache poisoning. The surfer goes to the website in question by entering a domain name that is linked to a specific IP number. To speed up the search in the future the computer saves these DNS results in the so-called cache memory (DNS cache). The next time the surfer wants to go to the www.dns.be website, the search will go quicker via the DNS cache.
Pharmers try to change the DNS cache via a Trojan horse or a virus, i.e. assign a different IP number to a certain domain name (mijnbank.be). The next time you want to visit www.mijnbank.be, you will be directed to a perfect copy of the website where you unsuspectingly fill in your bank details, which can then be used by the pharmers.
The IP number can also be modified by poisoning the DNS servers. The same system is used as with local DNS cache poisoning, but on a higher level, more specifically the servers of Internet providers, domain name registrars or registries.
The last form of pharming is less frequent because the servers of Internet providers, domain name registrars or registries are usually very well protected, although these kinds of attacks cannot be excluded.
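The local DNS cache poisoning described above can be spotted by comparing the addresses a computer holds for a watched name with the answers of an independent source. The following is an added example, not part of the original text: the function names are hypothetical, the addresses are constructed values from documentation ranges, and the reference answers are assumed to come from a resolver you trust.

```python
import ipaddress

def normalise(name):
    """Lower-case a host name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")

def parse_answers(lines):
    """Parse 'name ip' lines into {name: set of addresses}; skip blanks and comments."""
    table = {}
    for line in lines:
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        name, ip = line.split()
        table.setdefault(normalise(name), set()).add(ipaddress.ip_address(ip))
    return table

def find_mismatches(local, reference, watched):
    """Return {name: [unexpected addresses]} for watched names whose local
    answers include an address the reference source never returned."""
    findings = {}
    for name in map(normalise, watched):
        unexpected = local.get(name, set()) - reference.get(name, set())
        if unexpected:
            findings[name] = sorted(str(ip) for ip in unexpected)
    return findings

# Constructed sample: what the PC has cached (one entry was tampered with).
LOCAL_CACHE = """
www.dns.be.      192.0.2.10
WWW.MijnBank.be  203.0.113.66   # entry changed on the infected PC
""".splitlines()

# Constructed sample: answers from the independent reference source.
REFERENCE = """
www.dns.be       192.0.2.10
www.mijnbank.be  198.51.100.20
www.mijnbank.be  198.51.100.21
""".splitlines()

def demo():
    return find_mismatches(parse_answers(LOCAL_CACHE), parse_answers(REFERENCE),
                           ["www.dns.be", "www.mijnbank.be"])

if __name__ == "__main__":
    print(demo())
```

A mismatch is a reason to investigate, not proof of pharming: large sites may legitimately answer with different addresses depending on where the question is asked.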
Cybersquatting
Cybersquatting and typosquatting are two techniques that refer to domain name registrations; they have absolutely nothing to do with the content of websites. A cybersquatter registers domain names that are identical to well known and registered brand names or trade names, merely with the aim of harming the brand name holder or the trader or to sell the domain name at an inflated price.
Cybersquatting can, depending on the specific case, be an "unlawful registration" within the meaning of article 10 of the General terms and conditions of DNS.be and of the Belgian Act of 26 June 2003 concerning the unlawful registry of domain names. Pursuant to article 10 of the terms and conditions of DNS.be a procedure can be instituted before CEPINA for the unlawful registry of .be domain names. For more information regarding the rules on the settlement of disputes we refer to this page for detailed information.
On the other hand the Belgian Act of 26 June 2003 also allows proceedings to be instituted before a normal court. This is an "interlocutory proceedings" procedure (as in summary proceedings) and needs to be instituted before the Chairman of the Court of first instance or the Court of Commerce.
Typosquatting
Typosquatting is similar to cybersquatting in that the squatter registers a domain name that is not identical to an existing brand name or trade name but may create confusion. Just as with cybersquatting the typosquatter registers the domain name, merely with the aim of harming the brand name holder or the trader or to sell the domain name at a hugely inflated price.
Some believe that registering a domain name merely with the aim of selling it at an inflated price is in violation of the law. This, however, is not the case. The registration of a domain name is only unlawful when all the application conditions of the law have been met, i.e. the domain name needs to be identical to or create confusion with an existing brand or trade name and the registration or its use is in bad faith. In other words, registering domain names to rent out or sell is permitted, unless the statutory provisions have been violated.
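A brand holder can watch for both cases, identical names and names that may create confusion, by comparing registered domain names with the brand name. The following is an added example, not part of the original text: the function names, the threshold of one edit and the domain names are constructed for illustration. It only selects names for review, since bad faith cannot be judged from the spelling.

```python
def osa_distance(a, b):
    """Optimal string alignment distance: the number of single-character
    insertions, deletions, substitutions or swaps of adjacent characters."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Two adjacent characters typed in the wrong order count as one edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(domain, brand, max_distance=1):
    """Return 'identical', 'confusing' or None for one registered domain name."""
    label = domain.lower().rstrip(".").split(".")[0]
    distance = osa_distance(label, brand.lower())
    if distance == 0:
        return "identical"      # the cybersquatting case
    if distance <= max_distance:
        return "confusing"      # the typosquatting case
    return None

def review_queue(domains, brand):
    """List (domain, verdict) pairs that deserve a closer look."""
    return [(d, v) for d in domains if (v := classify(d, brand))]

# Constructed sample of registered names; 'mijnbank' is the protected name.
REGISTERED = ["mijnbank.be", "mijnbnak.be", "mijn-bank.be",
              "mijnbamk.be", "bakkerij.be"]

if __name__ == "__main__":
    for domain, verdict in review_queue(REGISTERED, "mijnbank"):
        print(f"{domain}: {verdict}")
```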
SPAM
The origin of the word SPAM goes back to a 'Monty Python' sketch in which a mountain of SPAM (meat; a contraction of Spiced Ham) is served to a person. However, this person does not like SPAM and doesn't want it. The result is a typical series of hilarious dialogues. In the same way (e-mail) SPAM is a message you don't want. Frequently occurring SPAM mails are e-mails offering Viagra, potions that make you feel fitter/better/younger, fake products, etc. Fraudulent e-mails in the form of SPAM also exist. These include e-mails from a friend of the president or the chairman of a bank who needs your help to manage his (black) money, for which you will be richly compensated. If you agree to help, you will be conned into making a small contribution. The fraudster will take the money and run of course.
Unfortunately very few efficient tools are available to combat SPAM. They overload Internet lines and mail servers without providing any added value. A number of groups try to collect IP addresses of computers that are used by so-called spammers. By blocking these IP addresses on the mail server SPAM can be combated in part.
Because e-mail systems don't carry out any authentication, a surfer sending a mail can use a random e-mail address. In other words, don't simply assume that an e-mail has come from the person who signed it!
Spoofing
By making some technical adjustments a computer is able to intercept all traffic from and to another computer. In this way the computer 'in the middle' is able to "eavesdrop on" the communication between two computers. This is known as a "man-in-the-middle attack". In the same way a computer can pretend to be someone else. Once this new computer with an existing identity has exchanged the necessary information, it is sometimes considered as the new server. Stealing the identity of this computer is called spoofing.
E-mail Hoax
Sometimes you receive e-mail messages that warn you that a particularly dangerous virus is circulating, with the advice to forward this e-mail to your entire address list. This warning can be an e-mail hoax, i.e. a false virus warning!
E-mail hoaxes are usually sent by spammers who, once the flow of e-mails has started, are able to lay their hands on a huge number of addresses. Before forwarding these kinds of warnings it is therefore recommended to check the "authenticity" of the virus in the different virus libraries on the Internet. Another variant is the virus hoax whereby you receive an e-mail with a 'false' virus.
Another variant is the 'chain letter'. The most well known of these chain letters are the ones where you need to forward some or other sob story to at least 10 people. The goal is purely to overload the global e-mail system.
2. Manipulation with access to the computer
By hacking your computer a hacker is able to do things in your name via your computer, such as carry out bank transactions or see exactly what you are doing on your computer.
Hacking and Cracking
Malevolent computer users often try to access big systems because they contain large quantities of information that can be misused to manipulate people or put institutions under pressure. To get access these people go to great lengths. Examples:
- call an unsuspecting employee on the pretext of 'we are working on the IT' and ask for the password.
- rummage through rubbish bins to find post-its with passwords
- look over your shoulder while you log in ...
So ... always be alert!
Viruses
A virus is a program that nestles in a file, e.g. in files of an operating system such as Windows. Viruses are harmful because they use up disk space and computer time of the infected computer. In serious cases they inflict serious damage such as deleting files or spreading sensitive data. Viruses are programmed to spread to other computer systems. A virus is able to spread via, for instance, files on a diskette, CD-ROM, e-mail or a file sharing program (e.g. Kazaa).
Trojan Horse / Backdoor
A Trojan horse is a seemingly useful software program that is usually downloaded from the Internet and installed on the hard disk of the computer. Once it is installed, a cracker is able to access the PC via a client console. In this case he will be able to operate all peripheral equipment and change, copy or even delete the data on the hard disk. Contrary to viruses, Trojan horses do not infect other files, nor do they multiply.
Worm
Worms are often confused with viruses. The symptoms may be very similar, but they spread differently. Worms do not infect files, but spread via computer networks, e.g. local networks, e-mail, peer-to-peer networks or via errors in the operating system.
3. Blocking of the computer
Denial of service
In a "denial of service attack" (usually abbreviated to DOS attack), the aim is not to access a computer. By flooding a machine with requests the attackers try to slow down the system so much that bona fide surfers are no longer able to access the machine.
Distributed denial of service
If it concerns an attack from several computers that try to block a service or a machine 'in group' we speak of a "distributed denial of service attack" (abbreviated as DDOS). These attacks are very difficult to counter. Often they target the root-name servers, i.e. the servers at the basis of the domain name system. If the root servers are unavailable it is impossible to surf or e-mail because the names that are used cannot be converted into addresses.