About Malicious Software

Adware
Adware is software that displays banner ads, either in pop-up windows or in a bar that appears on the screen. These advertising spots usually cannot be removed and are therefore always visible. The connection data reveal a great deal about the user's behaviour and are problematic in terms of data protection.

Backdoors
A backdoor gains access to a computer by bypassing its access-control mechanisms. A program running in the background generally gives the attacker almost unlimited rights. Backdoors can be used to spy on the user's personal data, but are mainly used to install further viruses or worms on the affected system.

Boot Viruses
Boot sector viruses mainly infect the boot or master boot sector of hard drives. They overwrite information that is essential for starting the system. One of the unpleasant consequences: the computer can no longer be booted.

Bot-Net
A Bot-Net is a collection of software bots that run autonomously. A Bot-Net can comprise a collection of compromised machines running programs (usually referred to as worms or Trojans) under a common command and control infrastructure. Bot-Nets serve various purposes, including Denial-of-Service attacks, partly without the affected PC user's knowledge. The main potential of Bot-Nets is that the networks can grow to thousands of computers, and their combined bandwidth exceeds that of most conventional Internet connections.

Dialer
A dialer is a program that establishes a connection to the Internet or to another computer network through the telephone line or the digital ISDN network. Fraudsters use dialers to charge users high rates for dialing up to the Internet without their knowledge.

EICAR Test File
The EICAR test file is a test pattern developed at the European Institute for Computer Antivirus Research for testing the functions of anti-virus programs. It is a 68-character text file with the extension ".COM" that every virus scanner should recognise as a virus.
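The following is an added example, not code from the page: a minimal checker and toy scanner for the EICAR test file. The 68-character string itself, and the rule that a test file may carry only trailing whitespace up to 128 bytes in total, come from EICAR's published specification rather than from this page; the function names are my own.

```python
# Added example (not from the page): a minimal checker for the EICAR test file.
# The 68-character string and the "at most 128 bytes, trailing whitespace
# allowed" rule come from EICAR's published specification; function names
# are my own.
from pathlib import Path
import tempfile

EICAR_STRING = (
    "X5O!P%@AP[4\\PZX54(P^)7CC)7}$"             # note: a single backslash
    "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
)
EICAR_BYTES = EICAR_STRING.encode("ascii")
MAX_EICAR_FILE_SIZE = 128          # 68 bytes plus optional trailing whitespace

def is_eicar_test_file(data: bytes) -> bool:
    """True if data is the EICAR test file: the 68-byte string, optionally
    followed by whitespace, and no more than 128 bytes in total."""
    if len(data) > MAX_EICAR_FILE_SIZE or not data.startswith(EICAR_BYTES):
        return False
    return data[len(EICAR_BYTES):].strip(b" \t\r\n") == b""

def write_eicar_test_file(path: Path) -> int:
    """Write the test file (conventionally named with a .COM extension) and
    return the number of bytes written. A working scanner should flag it."""
    path.write_bytes(EICAR_BYTES)
    return path.stat().st_size

def scan_for_eicar(root: Path) -> list:
    """Toy scanner: list files below root that match the EICAR pattern."""
    return [p for p in root.rglob("*")
            if p.is_file() and p.stat().st_size <= MAX_EICAR_FILE_SIZE
            and is_eicar_test_file(p.read_bytes())]

def demo() -> tuple:
    """Write the file into a temp dir, scan the dir, return (size, hit count)."""
    with tempfile.TemporaryDirectory() as d:
        size = write_eicar_test_file(Path(d) / "EICAR.COM")
        hits = scan_for_eicar(Path(d))
        return size, len(hits)

if __name__ == "__main__":
    print(demo())   # (68, 1)
```

Writing the file is the whole test: if a resident scanner is working, the write (or the subsequent read) is blocked or the file is quarantined, and the toy scanner above never gets to see it.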

Exploit
An exploit (security gap) is a program or script that takes advantage of a bug, glitch or vulnerability to achieve privilege escalation or denial of service on a computer system. One form of exploit, for example, is an attack from the Internet using manipulated data packets. Programs can be infiltrated in order to obtain higher access rights.

Grayware
Grayware behaves in a way similar to malware, but it is not distributed to harm users directly and does not affect the system's functionality as such. Mostly, information on usage patterns is collected, either to sell that data or to place advertisements systematically.

Hoaxes
For some years now, users have been receiving virus alerts from the Internet, as well as warnings about viruses in other networks that are supposed to spread via email. These alerts are spread by email with the request that they be forwarded to as many colleagues and other users as possible, in order to warn everyone of the "danger".

Honeypot
A honeypot is a service (program or server) installed in a network to monitor it and log attacks. The service is unknown to legitimate users, so they never contact it. If an attacker probes the network for weak points and uses the services offered by the honeypot, the activity is logged and an alert is raised.
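As an added illustration (not code from the page), here is a minimal TCP honeypot in Python. It listens on a port that no legitimate service uses, so every connection is suspicious by definition: each one is logged with source address, port and first bytes received, and an alert record is kept. The `probe` helper only exists to simulate a scanner touching the honeypot for the demo; the banner text and record fields are my own choices.

```python
# Added example (not from the page): a minimal TCP honeypot. Any connection
# to this unadvertised port is suspicious, so every one is logged and alerted.
import logging
import socket
import threading
import time
from datetime import datetime, timezone

logging.basicConfig(level=logging.INFO, format="%(asctime)s %(message)s")
log = logging.getLogger("honeypot")

class Honeypot:
    """Listens on a port no legitimate service uses and records every probe."""

    def __init__(self, host="127.0.0.1", port=0, banner=b"220 ready\r\n"):
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, port))          # port 0 = let the OS pick (demo)
        self.sock.listen(5)
        self.sock.settimeout(0.5)             # so the loop can notice stop()
        self.port = self.sock.getsockname()[1]
        self.banner = banner
        self.alerts = []                      # one record per connection attempt
        self._stop = threading.Event()
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def start(self):
        self._thread.start()

    def stop(self):
        self._stop.set()
        self._thread.join()
        self.sock.close()

    def _serve(self):
        while not self._stop.is_set():
            try:
                conn, peer = self.sock.accept()
            except socket.timeout:
                continue
            with conn:
                conn.settimeout(1.0)
                try:
                    conn.sendall(self.banner)   # a fake banner invites the probe to talk
                    first_bytes = conn.recv(256)
                except OSError:
                    first_bytes = b""
            alert = {
                "time": datetime.now(timezone.utc).isoformat(),
                "src_ip": peer[0],
                "src_port": peer[1],
                "dst_port": self.port,
                "payload": first_bytes.decode("latin-1", "replace"),
            }
            self.alerts.append(alert)
            log.warning("ALERT honeypot contacted: %s", alert)

def probe(host, port, payload=b"GET / HTTP/1.0\r\n\r\n"):
    """Simulates a scanner touching the honeypot (demo only)."""
    with socket.create_connection((host, port), timeout=2) as s:
        s.recv(64)
        s.sendall(payload)

def demo():
    """Start a honeypot, hit it twice, and return the alert records."""
    hp = Honeypot()
    hp.start()
    probe("127.0.0.1", hp.port)
    probe("127.0.0.1", hp.port, b"USER root\r\n")
    deadline = time.time() + 2               # give the server thread time to log both
    while len(hp.alerts) < 2 and time.time() < deadline:
        time.sleep(0.05)
    hp.stop()
    return hp.alerts

if __name__ == "__main__":
    for a in demo():
        print(a)
```

In a real deployment the alert records would go to the SIEM or a syslog collector rather than a list, and the listener would bind an address reachable from the network segment being watched; the value of the signal comes from the fact that nobody legitimate has any reason to connect.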

Keystroke Logging
Keystroke logging is a diagnostic tool used in software development that captures the user's keystrokes. It can be useful for tracking down sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. In the same way, confidential and personal data, such as passwords or PINs, can be spied on and sent to other computers via the Internet.

Macro Viruses
Macro viruses are small programs written in the macro language of an application (e.g. WordBasic under WinWord 6.0) that can normally only spread within documents of that application; because of this they are also called document viruses. To become active they need the corresponding application to be running and one of the infected macros to be executed. Unlike "normal" viruses, macro viruses consequently do not attack executable files but the documents of their host application.

Polymorph Viruses
Polymorph viruses are the real masters of disguise. They change their own program code - and are therefore very hard to detect.

Program Viruses
A computer virus is a program that is capable of attaching itself to other programs once it has been executed, causing an infection. Unlike logic bombs and Trojans, viruses replicate themselves. In contrast to a worm, a virus always requires a host program in which it deposits its virulent code. As a rule, the execution of the host program itself is not changed.

Script Viruses and Worms
Such viruses are extremely easy to program and, if the required technology is at hand, can spread around the globe via email within a few hours. Script viruses and worms use a scripting language such as JavaScript or VBScript to infiltrate other new scripts or to spread by invoking operating system functions. This frequently happens via email or through the exchange of files (documents). A worm is a program that replicates itself but does not infect a host; worms consequently cannot form part of other program sequences. Worms are often the only way to get damaging programs onto systems with restrictive security measures.

Spyware
Spyware ("spy programs") intercepts or takes partial control of a computer's operation without the user's informed consent. Spyware is designed to exploit infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements.

Trojan Horses (short Trojans)
Trojans are quite common nowadays. These are programs that pretend to have a particular function but reveal their true nature after execution and carry out a different, in most cases destructive, function. Trojan horses cannot replicate themselves, which distinguishes them from viruses and worms. Most of them have an enticing name (SEX.EXE or STARTME.EXE) intended to induce the user to start the Trojan. Immediately after execution they become active and can, for example, format the hard drive. A dropper is a special form of Trojan that 'drops' viruses, i.e. plants them on the computer system.

Zombie
A Zombie PC is a computer infected with malware that lets attackers abuse it by remote control for criminal purposes. On command, the affected PC can, for example, launch Denial-of-Service (DoS) attacks or send spam and phishing emails.

About Phishing

Phishing, also known as "brand spoofing", is an elaborate form of data theft targeting prospective clients of ISPs, banks, online banking services, government agencies, etc.

When you submit your email address on the Internet, fill in online forms, or access newsgroups or websites, your data can be harvested by Internet-crawling spiders and then used without your permission to commit fraud or other crimes.

The Phishing Concept

Phishers develop counterfeit web pages that imitate the corporate image of well-known, trusted service providers. Then, using collected or randomly generated email addresses, they "throw the bait".
A message with a credible subject is sent by email or instant messenger, asking for confidential data, inviting you to visit a website (via a 'Click Here' link, URL link, image link or text link) or even to fill in a form in the email itself. It looks like a plausible request and usually threatens a dire consequence to get your immediate reaction.

Examples of email subjects:
"Update Your PayPal Account"
"Your eBay User Account has been suspended!"

The required information is usually:
- Credit card number;
- ATM PIN and TAN number;
- Bank account information;
- Social Security Number;
- Passwords;
- Email accounts;
- Other personal information.

Once entered, the user's information is no longer confidential and is immediately used by the fraudsters in their own interest. It is usually very difficult to get the money back, as phishing sites are generally online for only a few days or even just hours.

Phishing Techniques

The main method is a trustworthy-looking email that tries to lead you to a fake web page. Some phishing emails contain an application or order form directly in the message body. You should know that officials will never send you an email containing a form or asking for personal information.

On the fake website you might notice that the URL is not the correct one. Still, there are ways to fake the URL:

Social engineering:
The URL is very similar to the real one and you might not notice the difference at first glance. For example, the real URL http://www.volksbank.com can be faked with http://www.voIksbank.com . If you think they are the same - not true! The lower case 'l' letter has been replaced with the upper case 'i' letter.
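The trick just described can be caught mechanically. The following is an added example (not from the page): it reduces every host name to a "skeleton" in which confusable characters collapse to one representative, so a look-alike compares equal to the trusted host it imitates. Note that `urlsplit().hostname` lowercases, which would hide the upper-case 'I'; the host is therefore taken from `netloc`. The confusable table and the trusted-host list are my own constructions and are deliberately small.

```python
# Added example (not from the page): flag host names that merely look like a
# trusted one, such as voIksbank.com vs volksbank.com. The confusable table
# and the trusted-host list are constructed for this demo.
import unicodedata
from urllib.parse import urlsplit

# Constructed allow-list of hosts the user actually has a relationship with.
TRUSTED_HOSTS = {"www.volksbank.com", "www.paypal.com", "www.ebay.com"}

# Single characters that are easy to mistake for one another in common fonts;
# each maps to one representative so look-alikes collapse to the same string.
CONFUSABLES = str.maketrans({
    "i": "l", "1": "l", "|": "l",
    "0": "o",
    "5": "s", "$": "s",
    "3": "e",
    "8": "b",
})
# Multi-character confusables handled separately.
PAIRS = [("rn", "m"), ("vv", "w")]

def host_of(url: str) -> str:
    """Extract the host name without lowercasing it (urlsplit().hostname
    would hide the upper-case 'I' trick)."""
    netloc = urlsplit(url).netloc
    netloc = netloc.rsplit("@", 1)[-1]      # drop user:pass@
    return netloc.split(":", 1)[0]          # drop :port (IPv6 not handled here)

def skeleton(host: str) -> str:
    """Reduce a host name to a confusable-insensitive skeleton."""
    s = unicodedata.normalize("NFKC", host).lower()   # folds fullwidth forms etc.
    s = s.translate(CONFUSABLES)
    for a, b in PAIRS:
        s = s.replace(a, b)
    return s

def classify_url(url: str, trusted=TRUSTED_HOSTS) -> str:
    """'trusted', 'lookalike of <host>', or 'unknown'."""
    host = host_of(url)
    if host.lower() in trusted:
        return "trusted"
    sk = skeleton(host)
    for t in sorted(trusted):
        if skeleton(t) == sk:
            return f"lookalike of {t}"
    return "unknown"

if __name__ == "__main__":
    for u in ("http://www.volksbank.com", "http://www.voIksbank.com",
              "http://www.paypa1.com", "http://www.example.org"):
        print(u, "->", classify_url(u))
```

A mail gateway or browser extension would run `classify_url` over every link in a message; "lookalike of ..." is the verdict worth blocking or warning on, while "unknown" just means the host is not one the user has a relationship with.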

Browser vulnerabilities:
The fake website may contain a script that exploits your browser. In this case the real URL is displayed, but the content of the page comes from the fake server. One example is displaying a fake picture on top of the browser's real address bar; you cannot 'click' in the bar's input field to select the URL. Other exploits display a fake input field on top, so it is even possible to click into the field and select the URL.

Pop-ups:
The link in the email points to the real website, but another browser window is displayed in front of it. In practice you can browse the real website without risk, but don't be tricked by the second window. Those pop-ups usually do not have an address bar to help you identify a fake website.

No address bar:
Some fake sites do not display the address bar at all and unless you specifically look for it, you might not notice this.

There are other techniques, apart from playing with the address bar, that can be used in addition or on their own to get access to confidential information.

Other browser vulnerabilities:
Some other vulnerability in your browser can be used to download and execute arbitrary malicious software. Such software may be a Trojan that records all keystrokes and monitors all Internet traffic, especially when you are about to enter and submit data in an online form.

Pharming:
Also known as "domain spoofing", pharming is used to redirect users to a fake website. Although you type the correct URL in your browser, you are redirected to a fake site, while the correct URL remains in the browser, unchanged. To accomplish the redirection, name resolution has to be modified. This can be done either by changing the TCP/IP protocol settings or by an entry in the hosts file.
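The hosts-file variant of pharming is easy to audit for. The following is an added example, not from the page: it parses hosts-file text and reports any entry that pins a sensitive host name to a routable address, while leaving loopback and 0.0.0.0 entries (the usual ad-blocking trick) alone. The list of sensitive hosts and the sample file are constructed for the demo; the paths in the `__main__` block are the standard hosts-file locations on Windows and Unix.

```python
# Added example (not from the page): audit a hosts file for the pharming
# entries described above. The sensitive-host list and the sample file are
# constructed for this demo; the hosts-file paths in main are the standard ones.
import ipaddress
import os

SENSITIVE_HOSTS = {"www.volksbank.com", "www.paypal.com", "www.ebay.com"}

# Constructed sample: two hijacks, one harmless ad-blocking entry, comments.
SAMPLE_HOSTS = """\
# hosts file (constructed sample)
127.0.0.1       localhost
::1             localhost
192.0.2.10      www.volksbank.com        # pharming: bank pinned to a foreign address
203.0.113.5     www.paypal.com paypal.com
0.0.0.0         ads.example.net          # ad blocking, harmless
"""

def parse_hosts(text: str):
    """Yield (ip, hostname) pairs, ignoring comments and blank lines."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            yield ip, name.lower()

def find_pharming_entries(text: str, sensitive=SENSITIVE_HOSTS) -> list:
    """Entries that pin a sensitive host name to a routable address.
    Loopback and unspecified addresses (localhost, 0.0.0.0 ad-blocking) are benign."""
    findings = []
    for ip, name in parse_hosts(text):
        if name not in sensitive:
            continue
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((ip, name, "unparseable address"))
            continue
        if addr.is_loopback or addr.is_unspecified:
            continue
        findings.append((ip, name, "sensitive host overridden in hosts file"))
    return findings

def hosts_file_path() -> str:
    """Standard hosts-file location for the current platform."""
    if os.name == "nt":
        return os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                            "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"

if __name__ == "__main__":
    print("sample:", find_pharming_entries(SAMPLE_HOSTS))
    path = hosts_file_path()
    if os.path.exists(path):
        with open(path, encoding="utf-8", errors="replace") as fh:
            print(path + ":", find_pharming_entries(fh.read()))
```

In practice any entry for a bank or payment site in the hosts file is suspicious, since those names are never legitimately pinned there; the check is cheap enough to run from a login script or an endpoint agent on every boot.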

Man in the middle:
Probably the most sophisticated method, as nothing has to be changed on the local computer. The phisher sits in between and redirects your connection to a fake server.

Phishing Camouflage

The phishing website might use other tricks such as:

- forged tooltips;
- the right-click menu being made inaccessible.

Phishers avoid detection by antispam/antiphishing programs using:

- random letters or famous quotes in the subject or body of the email;
- invisible text in HTML emails;
- HTML or Java content instead of plain text;
- pictures only (no other text in the email body).

Consequences

As phishers can use so many techniques, and can even combine them, it is rather difficult to tell whether an email request comes from officials or not.

What are the consequences of disclosing confidential information?

- The phishers can run up charges on your account.
- They can open new accounts, or sign utility or loan contracts in your name.
- They can use a false ID and commit crimes using your personal information.

Do not bite the bait!

Do not fill in email forms concerning confidential information. Any trustworthy service provider uses secure websites and digital certificates.

Do not click on links provided by email, especially if you were not expecting that email. Contact the sender to verify if it was his/her intention to send this email (use the contact number the company gave you, not the one in the email).

Do not reply. Delete the message and check with the real company (use the contact number the company gave you, not the one in the email).

Do not click to follow the link provided in such a message. Type the address in the browser yourself.

Safety Rules

Repairing the damage caused by phishing can be frustrating and time-consuming. Apart from lost productivity and wasted network resources, data theft requires considerable effort on your part: you will have to recover your identity, property and rights and clear your name.

It is much easier to follow some basic safety rules:

- Update your operating system with the latest patches as soon as they appear.
- Alternate Internet Explorer with other browsers.
- Use antivirus and firewall solutions and keep them permanently up to date.
- Always type the URL yourself instead of following a link.
- Make sure you are using a secure website (HTTPS) and check the digital certificates.
- Regularly check your accounts and statements and immediately report any abuse.
- Report suspicious emails to security companies and authorities in your area.

Hack It Yourself

Without your knowledge or explicit permission, the Windows networking technology that connects your computer to the Internet may be offering some or all of your computer's data to the entire world at this very moment!

With your data under threat, almost everyone has security applications installed to protect their system.

The problem is that we tend to assume that security software just works. However, configuration cock-ups, missed updates and simple human errors of judgement can leave you and your data cosseted in a false sense of security.

Often, the first time you realise your security setup isn't up to the job is when the worst happens – and even then plenty of people never actually twig that their system has been compromised. But there is an alternative: hack it yourself. It's best to break into your own system before someone else does.

You can easily test your system for vulnerabilities to Internet threats with online tests: test your firewall, exploit your PC, check for leaks, send in the processor probes, probe for viruses and swamp your email.

How to test your security like a hacker would.

ShieldsUP

https://www.grc.com

Here are the descriptions of each test:

File Sharing

"Test My Shields" tests Windows file sharing. It provides the industry's only detailed Windows shares enumeration and password protection determination, using both the UDP and TCP protocols.

Common Ports

"Common Ports" tests many ports, including the pseudo-port "Zero", and uses ICMP Echo (Ping) detection of any firewall "back chatter" with the TruStealth technology; it also integrates the quick Text Summary.

All Service Ports

"All Service Ports" tests a total of 1056 ports (0-1055) to accurately detect any and all services operating at or below port 1055. The "All Service Ports" page provides several additional "Application Notes" detailing techniques for determining which (if any) ports are being blocked by your ISP, checking and verifying your NAT router's WAN-side security, and experimenting with adaptive IDENT port stealthing behavior.

Messenger Spam

It was bound to happen that sooner or later unsolicited commercial announcements would be popping up in Windows' "Messenger Service" dialog boxes. Like so many other sources of Windows insecurity, the "Windows Messenger" service should not be running by default, but it is. This test works hand-in-hand with the free "Shoot The Messenger" utility by sending your system a few Windows Messenger pop-ups, so you can see this Messenger Spam for yourself and verify that the insecure "Windows Messenger" service has been safely disabled.

Browser Headers

Web browsers send remote servers a set of "Request Headers" for every item retrieved. Since these headers are never seen, most Internet users remain unaware of their presence. This page allows users to see their browser's request headers and to experiment with feeding their browser a cookie. This can be useful for testing privacy proxies, cookie filters, and other security options.

User Specified Custom Port Probe

Between the "All Service Ports" and the expanded "Common Port Probe", most important ports are now covered. But there may be times when you need to check a specific port or range of ports. The "Custom Port Probe" quickly tests any combination of up to 64 user-specified ports. Simply enter one or more ports (or port ranges) into the text field on the ShieldsUP page and click the "Custom Port Probe" label. (Leaving the field blank takes you to a detailed help page.)
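The remote probes above ("All Service Ports", "Custom Port Probe") can be complemented with a look from the inside. The following is an added example, not code from the page or from GRC: a threaded TCP connect-scan of your own machine over the same 0-1055 service range (TCP port 0 is not connectable, so the scan starts at 1) or over any user-specified list of ports, plus a helper that lists the listeners you did not plan for. The `self_check` function opens a throwaway listener to prove the scanner sees it. All names are mine.

```python
# Added example (not from the page): a connect-scan of your own machine, the
# local counterpart of ShieldsUP's "All Service Ports" / "Custom Port Probe".
import socket
from concurrent.futures import ThreadPoolExecutor

# ShieldsUP covers 0-1055; TCP port 0 cannot be connected to, so start at 1.
SERVICE_PORTS = range(1, 1056)

def tcp_port_open(host: str, port: int, timeout: float = 0.3) -> bool:
    """True if a TCP connect() to host:port succeeds (something is listening)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:            # refused, timed out, unreachable
        return False

def scan_ports(host: str, ports, workers: int = 64) -> list:
    """Return the sorted list of open ports among `ports`."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as ex:
        flags = list(ex.map(lambda p: tcp_port_open(host, p), ports))
    return sorted(p for p, ok in zip(ports, flags) if ok)

def unexpected_listeners(open_ports, expected) -> list:
    """Open ports you did not plan for: the ones worth investigating first."""
    expected = set(expected)
    return [p for p in open_ports if p not in expected]

def self_check() -> tuple:
    """Open a listener on an ephemeral loopback port, confirm the scanner sees
    it, then confirm it is gone once closed. Returns (seen, seen_after_close)."""
    with socket.socket() as srv:
        srv.bind(("127.0.0.1", 0))
        srv.listen(1)
        port = srv.getsockname()[1]
        seen = scan_ports("127.0.0.1", [port]) == [port]
    seen_after_close = scan_ports("127.0.0.1", [port]) == [port]
    return seen, seen_after_close

if __name__ == "__main__":
    print("self-check (seen, seen_after_close):", self_check())
    found = scan_ports("127.0.0.1", SERVICE_PORTS)
    print("open service ports on loopback:", found)
    # constructed example of an expected-services list for this host
    print("unexpected:", unexpected_listeners(found, expected={22, 80, 443}))
```

A loopback scan shows what is listening regardless of the firewall, whereas ShieldsUP shows what the outside world can reach; the interesting findings are the ports that appear in both lists but not in your list of expected services.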

Lookup Specific Port Information

The Port Authority system incorporates a comprehensive Internet ports database containing detailed information and history about many prominent Internet services. The results generated by the three port probing services are linked to this database for one-click exploration and research into Port Authority results. In addition, any single port's database page can be displayed by entering its port number into the field on the page and clicking the "Lookup Specific Port Information" label.

LeakTest

When LeakTest was released, most personal firewalls were easily fooled. Any malicious program could give itself the same name as a trusted program to gain access to the Internet. LeakTest demonstrates and tests for this simple application "masquerading" vulnerability.

http://www.grc.com/lt/leaktest.htm

SecurAble
Display processor's security features.
Quickly determine, display, and explore the availability and consequences of the state-of-the-art security-related features available in the system's processor.

http://www.grc.com/securable.htm

PC Flank

http://www.pcflank.com

Here are the descriptions of each test:

Quick Test
This test shows how vulnerable your computer is to various Internet threats. It also determines whether a Trojan horse has already infected your system and whether your web browser reveals personal information about you or your computer while you are surfing. It is a combined version of the Advanced Port Scanner, Browser Test and Trojans Test and takes less than three minutes. Afterwards you see a full report, including recommendations on how to improve the security of your system. This test is recommended for rookie users and for users who do not have enough time to run all the tests.

Stealth Test
With the help of the Stealth Test you can determine whether your computer is visible to others on the Internet. You can also use it to determine whether your firewall succeeds in stealthing your system's ports. To do so, the Stealth Test uses five scanning techniques: TCP ping, TCP NULL, TCP FIN, TCP XMAS and UDP scanning.

Browser Test
This test checks whether your browser reveals any of your personal information: the sites you have visited, the region you live in, who your Internet Service Provider is, etc. The test recommends specific browser settings for you to change.

Trojans Test
This test scans your system for the most dangerous and widespread Trojan horses. If a Trojan is found on your computer, the test recommends actions to take.

Advanced Port Scanner
The Advanced Port Scanner tests your system for open ports that could be used in attacks on your computer. You can select the scanning technique used during the test: TCP connect scanning (standard) or TCP SYN scanning. You can also select which ports to scan: specific ports or a range of ports, typically vulnerable and Trojan ports, 20 random ports, or all ports. This test is recommended for experienced users.

Exploits Test
This test detects how vulnerable your computer is to exploit attacks. It can also be used to test firewalls and routers for stability and their reaction to unexpected packets. Most of the exploits are in fact denial-of-service attacks, and if your system cannot pass this examination it may crash or reboot.

PC Flank recommends three main routes through its tests: "Rookie", "Advanced" and "Rush".

Rookie:
This route is recommended for rookie users. Start with the Quick Test, then run your system through the Stealth Test and finish with the Trojans Test to scan for the most dangerous and widespread Trojan horses.

Advanced:
This route is recommended for experienced users. Start with the Advanced Port Scanner and scan the ports you want to check, then examine your firewall with the Stealth Test, then check your browser's privacy with the Browser Test and finish with the sophisticated denial-of-service attacks of the Exploits Test.

Rush:
This route is recommended for users who do not have enough time to run all the tests. Start with the Quick Test and then examine your firewall with the Stealth Test.

PCFlank LeakTest

PCFlank's LeakTest is a small utility that tests any firewall's ability to protect against unauthorized or illegal transmissions of data from a user's computer that is connected to the Internet.

The program does not require installation and can be downloaded from the PC Flank website.

The test results page is available at: http://www.pcflank.com/pcflankleaktest_results.htm.

(Note: on this page you can view the results for your current IP address. If your firewall passes the test, no record is registered for that test or IP.)

Kaspersky Online Virus Scanner

http://www.kaspersky.com/virusscanner

Take the Kaspersky Challenge: see what your current antivirus is missing.

A free online virus scanner is a great way to find out whether you have any viruses or spyware on your machine without having to uninstall your current antivirus software or install a new one. Most importantly, you can see which viruses your current antivirus software let slip through! The Kaspersky Online Virus Scanner scans your computer for malicious code and offers the same detection rates as other Kaspersky Lab products. This free online scanner is very thorough and scans your machine very deeply, so it could take hours to complete; we suggest running it during a time of low activity. Take the Kaspersky Challenge and see what malware your current antivirus software missed - you may be surprised.

NOTE: The online virus scanner will not remove the malware from your machine if it finds it.

Spycar

http://www.spycar.org

Spycar is a suite of tools designed to mimic spyware-like behaviour, but in a benign form. Intelguardians created Spycar so that anyone could test the behaviour-based defences of an anti-spyware tool. Spycar runs only on Windows, the platform most targeted by spyware developers. Many anti-spyware tools put all of their eggs in the signature basket: the vendor detects spyware by including thousands of signatures that look for specific sequences of bits on your hard drive or in memory. Behaviour-based detection, another approach, lets anti-spyware stop malicious software based on its actions rather than on a specific set of signatures. Intelguardians wanted to see how anti-spyware tools coped with new spyware for which they had no signature. In their own laboratory they tested a number of enterprise anti-spyware tools and found that their behaviour-based defences were seriously lacking: as long as no signature has been defined for a given piece of spyware, a lot of anti-spyware tools offer virtually no protection. To give you a chance to evaluate your own anti-spyware tool, they released Spycar.

Open Relay Tests

An open relay (sometimes also referred to as a third-party relay) is a mail server that does not verify that it is authorised to send mail from the email address that a user is trying to send from. Therefore, users would be able to send email originating from any third-party email address that they want. Spammers are constantly on the lookout for open relay SMTP (Simple Mail Transfer Protocol) servers. They use the open relays to send unsolicited mail to a large number of email addresses, which has an impact on delivery speed, bandwidth, disk storage space, CPU processing and more. A number of organisations are cracking down on spam originating from open relay servers by forming blacklists. Several anti-spam solutions check if the mail server is in one of these blacklists before allowing incoming mail from it. If your mail server gets listed on one of these blacklists, a lot of the emails that you would be sending would not be reaching their destination.

SpamHelp

http://www.spamhelp.org

This is an SMTP open relay test script that can optionally report open relays to DSBL (Distributed Server Boycott List).

SMTP Diagnostics

http://www.mxtoolbox.com

This test connects to a mail server via SMTP, performs a simple open relay test and verifies that the server has a reverse DNS (PTR) record. It also measures the mail server's response times.
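The "simple open relay test" that the SpamHelp script and the MXToolbox diagnostics perform is a short SMTP exchange, shown here as an added example (not code from the page, SpamHelp or MXToolbox) for checking your own mail server. The client asks the server to accept mail from an outside sender to an outside recipient: an open relay answers 250 to RCPT TO, a properly configured server refuses (typically 550 or 554). Nothing is ever delivered, because the client sends QUIT before DATA. `FakeSmtpServer` is a constructed stand-in that can be configured either way, so the whole exchange runs offline; the addresses and domains are documentation placeholders.

```python
# Added example (not from the page): an SMTP open-relay check against your own
# server, with a constructed fake server so both sides of the exchange are
# visible. Addresses and domains are placeholders.
import socket
import threading

def _read_reply(f) -> int:
    """Read one (possibly multi-line) SMTP reply and return its 3-digit code."""
    while True:
        line = f.readline()
        if not line:
            raise ConnectionError("server closed connection")
        if len(line) >= 4 and line[3:4] == b" ":   # "250 " ends a reply, "250-" continues it
            return int(line[:3])

def relay_test(host, port, sender="relaytest@example.com",
               rcpt="someone@example.org", timeout=5):
    """Return (is_open_relay, transcript). An open relay accepts RCPT TO for a
    recipient outside its own domain; we QUIT before DATA so nothing is sent."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rb")
        transcript = []

        def cmd(line: bytes) -> int:
            s.sendall(line + b"\r\n")
            code = _read_reply(f)
            transcript.append((line.decode(), code))
            return code

        _read_reply(f)                               # 220 greeting
        cmd(b"EHLO relaytest.example.com")
        cmd(b"MAIL FROM:<%s>" % sender.encode())
        rcpt_code = cmd(b"RCPT TO:<%s>" % rcpt.encode())
        cmd(b"QUIT")
        return rcpt_code == 250, transcript

class FakeSmtpServer(threading.Thread):
    """Constructed stand-in for a mail server. open_relay=True accepts any
    RCPT; otherwise it only accepts recipients in its own domain."""

    def __init__(self, open_relay: bool, local_domain="example.net"):
        super().__init__(daemon=True)
        self.open_relay = open_relay
        self.local_domain = local_domain.encode()
        self.sock = socket.socket()
        self.sock.bind(("127.0.0.1", 0))
        self.sock.listen(1)
        self.port = self.sock.getsockname()[1]

    def run(self):
        conn, _ = self.sock.accept()
        with conn, conn.makefile("rb") as f:
            conn.sendall(b"220 mail.example.net ESMTP\r\n")
            while True:
                line = f.readline().strip()
                if not line:
                    break
                verb = line.split(b":")[0].split(b" ")[0].upper()
                if verb == b"EHLO":
                    conn.sendall(b"250-mail.example.net\r\n250 SIZE 10240000\r\n")
                elif verb == b"MAIL":
                    conn.sendall(b"250 OK\r\n")
                elif verb == b"RCPT":
                    addr = line.split(b"<", 1)[1].rstrip(b">")
                    domain = addr.split(b"@")[-1].lower()
                    if self.open_relay or domain == self.local_domain:
                        conn.sendall(b"250 OK\r\n")
                    else:
                        conn.sendall(b"554 5.7.1 Relay access denied\r\n")
                elif verb == b"QUIT":
                    conn.sendall(b"221 Bye\r\n")
                    break
                else:
                    conn.sendall(b"502 Command not implemented\r\n")
        self.sock.close()

def demo(open_relay: bool) -> tuple:
    """Run the relay test against a fake server configured as requested."""
    srv = FakeSmtpServer(open_relay)
    srv.start()
    result = relay_test("127.0.0.1", srv.port)
    srv.join(timeout=5)
    return result

if __name__ == "__main__":
    for flag in (True, False):
        is_open, transcript = demo(flag)
        print("server open_relay=%s -> open relay detected: %s" % (flag, is_open))
        for line, code in transcript:
            print("   C: %-40s S: %d" % (line, code))
```

Point `relay_test` at your own MX on port 25 to reproduce what the online tests do; a 250 on the RCPT line means the server will forward anyone's mail anywhere, which is exactly what gets it blacklisted.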

Goolag Scanner

Goolag Scanner is a tool that helps people find vulnerabilities in web sites using data gleaned from Google; it enables anyone to audit his or her own web site via Google. The scanner technology is based on "Google hacking", a form of vulnerability research. The tool was launched by the well-known hacker group Cult of the Dead Cow, who released it in order to help novices get better at their hacking career. In practice, Goolag Scanner lets hackers use Google's search engine to scan web sites for a wide range of vulnerabilities. Hackers have been using Google for years, but Goolag Scanner makes the job easier than ever, as the tool's custom scripts and innovative methods sift through the huge quantity of data available via the popular search engine. With its easy-to-use graphical interface, Goolag Scanner can be used by both hackers and legitimate security researchers. It is based on techniques developed by Johnny Long, a Computer Sciences Corp. researcher who has studied for years how Google's search engine can be used to discover security flaws in web sites.

It is of benefit to the average network administrator or web master, and even to the Internet as a whole. Administrators and web masters can use Goolag Scanner to automate the scanning of their own domains and make sure they are not unknowingly exposing sensitive data to Google's search engine. The more administrators use Goolag Scanner to clean up their own data leaks, the less effective Google hacking becomes, making the Internet a little safer for everyone. It is no big secret that the Web is the platform, and this platform pretty much sucks from a security perspective. Goolag Scanner provides one more tool for web site owners to patch up their online properties. We have seen some pretty scary holes in random tests with the scanner.

If I were a government, a large corporation, or anyone with a large web site, I'd be downloading this beast and aiming it at my site yesterday. The vulnerabilities are that serious.

Google Hacking

A term that refers to the act of creating complex search engine queries in order to filter large amounts of search results for information related to computer security. In its malicious form it can be used to detect websites vulnerable to numerous exploits and vulnerabilities, as well as to locate private, sensitive information about others, such as credit card numbers, social security numbers and passwords. The filtering is performed using advanced Google operators. While Google was the original tool of Google hackers, many of the tactics and operators can be used on other search engines, such as MSN Search and Yahoo.
