UBA Group :: Fraud Alert :: Frequently Asked Questions

- What is Adware?

Adware (Advertising-supported software) is software that displays advertisements on your computer when you visit some websites.

- What are risks associated with Adwares?

It can slow down your PC and make it unstable. Internet connection can also be slowed down.

- What is a backdoor Trojan?

A backdoor Trojan allows someone to take control of your computer via the internet without your permission.

- How does a backdoor Trojan get on my Computer?

A backdoor Trojan may pose as legitimate software so that users run it. Once it is run, it adds itself to the computer’s startup routine and then monitors the computer until it is connected to the internet. When the computer goes online, the person who sent the Trojan can perform many actions- for example run programs on the infected computer, access personal files, modify and upload files, track the your keystrokes, or send out spam mail. Well-known backdoor Trojans include Subseven, BackOrifice and Gaybridge.

- What are browser Hijackers?

Browser hijackers are scripts that change the default home and search pages in internet browser. Some websites run a script that changes the setting in the browser without your permission. This hijacker can then change the page that is first displayed when the user opens the browser.

- What are Chain Letters?

An electronic chain letter is an email that urges you to forward copies to other people. They can create unnecessary email traffic and slow down mail servers. In some cases the chain letter encourages people to send email to certain addresses, so that these are deluged with unsolicited mail.

- What are Cookies?

Cookies are files on your computer that enable websites to remember your details. This can compromise your confidentiality.

- What is Denial-of-Service attack?

A denial-of-service (DoS) attack prevents users from accessing a computer or website. In a DoS attack, a hacker attempts to overload or shut down a computer, so that legitimate users can no longer access it. Typical DoS attacks target web servers and aim to make websites unavailable. A distributed denial-of-service attack uses numerous computers to launch the attack.

- What are document Viruses?

Document or “macro” viruses take advantage of macros – commands that are embedded in files and run automatically. It is a macro program that can copy itself and spread from one file to another. Anti-virus software can be used to remove these viruses.

- What are Email Viruses?

These are viruses that distribute themselves automatically by email. Email viruses may compromise computer’s security or steal data, but their most common effect is to create excessive email and crash servers.

- What are Internet worms?

Worms are programs that create copies of themselves and spread via internet connections. Worms differ from computer viruses because they can propagate themselves, rather than using a carrier program or file. They simply create exact copies of themselves and use communication between computers to spread. Internet worms can travel between connected computers by exploiting security “holes” in the computer’s operating system. You can use up-to-date anti-virus software to remove worms.

- What is Mousetrapping?

Mousetrapping prevents you from leaving a website. The site that mousetraps will either not allow user to visit another address, or will open another browser window displaying the same site.

- What is Obfuscated Spam?

Obfuscated spam is email that has been disguised in an attempt to fool anti-spam software. Spammers are constantly trying to find ways to modify or conceal their messages so that anti-spam software can’t read them. Example of such obfuscation is putting spaces between the letters of the word, hoping that anti-spam software will not read the letters as one word e.g., Viagra can be spelt as V I A G R A to disguise anti-spam. Another common technique is to use misspellings or no-standard characters. For example: V!agra

- What is Page Jacking?

Page-jacking is the use of replicas of reputable web pages to catch users and redirect them to other websites. Scammers copy pages from an established website and put them on a new site that appears to be legitimate. They register this new site with major search engines, so that users doing a search find and follow links to it. When the user arrives at the website, they are automatically redirected to a different site that displays advertising or offers of different services.

- What are Parasitic viruses?

Parasitic viruses, also known as file viruses, spread by attaching themselves to programs. When a program infected with parasitic virus is started, the virus code is run. To hide itself, the virus then passes control back to the original program. The operating system sees the virus as part of the program you were trying to run and give it the same rights. These rights allow the virus to copy itself, install itself in memory or make changes on your computer. Some anti-virus programs can remove parasitic viruses.

- What is Pharming?

Pharming redirects user from a legitimate website to a bogus copy, allowing criminals to steal the information entered by users.
To avoid pharming, use secure web connection when sensitive sites are accessed. Just look for the https:// prefix in the web address. If a hacker tries to mimic a secure site, a message will warn you that the site’s certificate does not match the address being visited. If you see a warning that a site’s certificate is not valid or not issued by a trusted authority, do not enter the site. There are also software solutions that can be used to prevent pharming. Some software can display a warning if you enter personal information in reply to an unknown email address. Other utilities can check to see if websites or IP addresses are blacklisted.

- What is Phishing?

Phishing is the use of bogus emails and websites to trick users into supplying confidential or personal information. Typically, you receive an email that appears to come from a reputable organization, such as a bank. The email includes what appears to be a link to the organization’s website. However, if you follow the link, you are connected to a replica of the website. Any details you enter, such as account numbers, PINs or passwords can be stolen and used by the hackers who created the bogus site.

- What is Ransomeware?

Ransomware is software that denies users’ access to their files until ransom is paid. Anti-virus programs with latest updates should be run to prevent viruses that can be used as ransomware.

- What is Rootkit?

A rootkit is a piece of software that hides programs or processes running on a computer. It is often used to conceal misuse of the computer or data theft.
Anti-virus programs can detect the Trojans or worms that typically install the rootkit, and some programs can now detect the rootkit itself while it is running.

- What are share price scams?

These are tips sent out by spammers to push up the price of shares that can then be sold out at a profit.
Share price scams, also known as “pump and dump” schemes, involve mass mailing misleading tips about “high-performing” companies. Victims are encouraged to invest in a company’s shares, pushing up the price artificially; the scammers then sell their own shares at a profit before the price collapses. These scams harm investors and small companies. When the bubble bursts and share prices plummet, investors lose their money. The collapse in value can also be devastating for companies that have limited assets.

- What is Spam?

Spam is unsolicited commercial email, the electronic equivalent of junk mail that comes through your letterbox.

- What is Spear Phishing?

Spear phishing is the use of spoof emails to persuade people within a company to reveal their usernames and passwords. Unlike phishing, which involves mass-mailing, spear phishing is small-scale and well-targeted. The spear phisher mails users in a single business. The emails appear to come from another member of staff at the same company and ask you to confirm a username and password. A common tactic is to pretend to be from a trusted department that might plausibly need such details, such as IT or Human Resources. Sometimes you are redirected to a bogus version of the company website or intranet. When you reply, the phisher takes the details and misuses them.

- What is Spoofing?

Spoofing is sending email that appears to come from one sender but has actually been sent by another. It can be put to a number of malicious uses.

- What is Spyware?

Spyware is software that enables advertisers or hackers to gather information without your permission. Spyware programs are not viruses (they do not spread to other computers) but they can have undesirable effects.
You can use good anti-virus software to detect and remove spyware programs which are treated as a type of Trojan.

- What are Trojan horses?

Trojan horses are programs that pretend to be legitimate software, but actually carry out hidden, harmful functions. A Trojan program claims to have one function (and may even appear to carry it out), but actually does something different, usually without your knowledge.

- What are Viruses?

Viruses are computer programs that can spread by making copies of themselves. Viruses can have harmful effects, ranging from displaying irritating messages to stealing data or giving other users control over your computer. Computer viruses spread from one computer to another and from one network to another, by making copies of themselves, usually without your knowledge.

- What are Virus Hoaxes?

Virus hoaxes are reports of non-existent viruses. Hoaxes are usually in the form of emails that do some or all of the following:
• Warn you that there is an undetectable, highly destructive virus.
• Urge you to forward the warning
If users do forward a hoax warning to all their friends and colleagues, there can be a deluge of email. This can overload mail servers and make them crash.

- What is Voice Phishing?

Voice phishing is the use of bogus phone numbers to trick people into revealing confidential information. Phishing involved sending out emails that include links to bogus websites, where victims are asked to enter account details or other confidential information. Voice phishing also known as vishing, v-phishing or phone phishing asks the victims to call a phone number or “verify” their details. When the users call, an automated message asks for their card number. Criminals can then misuse the number for their own gain.