Find an ATM/Branch
Personal  |  Business  |  Corporate  |  Government  |  About Sovereign
Sovereign Bank
Banking: Business Checking, Business Cash Management, Business Online ServicesCredit: Lines of Credit and Loans, American Express Business Cards, Vehicle Lease and Finance, Equipment Leasing and FinanceInsurance: Small Business Insurance, Life Insurance, Term Life Insurance, Long Term Care Insurance, Disability InsuranceInvestments: Investment Accounts, Employee Pension PlanInternational Trade: Import Trade Services, Export Trade Services, Trade Finance, Foreign Exchange, Online Services, ResourcesPlanning: Starting a Business, Expanding Your Business, Health Savings Account Employer Program, Health Savings Account Broker Program
Business Security Center
How Small Businesses Can Help Protect Their Customers from Phishing
Hardware vs. Software Firewalls
Defending Against Malware and Trojan Horse Threats
How To Protect Your Computer Against Virus and Worm Attacks
Glossary of Internet Security and Threat Terms
Wi-Fi Security: Some Advice From the FBI
Printer-friendly formatPrinter-friendly formatPrinter-friendly format

Defending Against Malware and Trojan Horse Threats

From

 McAfee logo
Malware—software written to infect private computers and commit crimes such as fraud and identity theft—has become big business in the cyber underworld. As a result, if you use a computer for Web surfing, shopping, banking, email, instant messaging, and gaming without proper protection, you are putting yourself at high risk of being victimized.

By exploiting vulnerabilities in operating systems and browsers, malware can sneak malicious Trojan horse programs onto unsecured PCs. Unsuspecting and unprotected users can also download Trojans, thinking they are legitimate game, music player, movie, and greeting card files. Trojans can also lurk in files shared between friends, family, and coworkers using peer-to-peer file sharing networks.

Trojans have traditionally been hidden in worms and viruses spread by email, but they're increasingly showing up in instant messages and on PDAs and cell phones. Organized crime rings have devised insidious new ways of delivering Trojans, and consumers must stay informed of the latest tricks. Protection against these multi-faceted attacks requires integrated anti-virus, firewall, and anti-spyware technologies. Below are the top 10 ways you need to know to protect yourself against malware and Trojan attacks.

What Do Trojans Do?
Trojans corrupt important files and place adware, spyware, keyloggers, and screen scrapers that can steal personal information and your online experience. They can also redirect you to fake phishing Websites-even when you type valid Web addresses (URLs) into your browser.

Trojan programs are most dangerous because they can create a back door into your computer that gives malicious hackers direct access to your system. Once installed, Trojans can hijack your PC and upload usernames, passwords, credit card numbers, social security numbers, and bank account numbers to specified computers for as long as they remain undetected.

Hackers use chat rooms and peer-to-peer file sharing networks to target and hijack unsecured PCs. Once the Trojan opens a back door, the computer joins hordes of other “zombie” computers that the hacker can control remotely. The hacker can launch Denial of Service (DoS) attacks, generate ad traffic, send out infected software to other vulnerable computers, and pump out spam.

Cyber gangs even rent networks of these zombie computers (a.k.a. bots) by the hour to other criminals for extortion and fraud. Users are rarely aware that their machines have been hijacked, since usually the only indicator is slightly slower performance.

A new trend in malware is to extort money. This ransomware is a Trojan that encrypts a PC's files or threatens to delete them one by one unless the victim pays up. After the person pays using a money transfer service, the extortionist sends them a special disarming code or decryption application. Hackers also use Trojans to exploit weaknesses in legitimate banking, online bill pay, and e-commerce sites.

How Does My PC Get a Trojan?
Today, Trojans can be spread by browser drive-bys, where the program is downloaded in the background when you simply surf to a rigged Website. Shell code runs a Trojan that downloads additional payload code over HTTP-various forms of bots, spyware, back doors, and other Trojan programs. Hackers then send phishing emails to lure users to Websites, where unsuspecting victims are tricked into revealing personal information. Hackers can also exploit security weaknesses on sites, and then piggyback their Trojans onto legitimate software to be downloaded by trusting consumers.

Top 10 Ways to Defend Against Malware and Trojans.
Although hackers never stop developing new tricks to commit fraud and steal identities, consumers can take proactive steps to safeguard their systems. All it takes is a combination of robust security software and a commitment to following basic safety rules.
  1. Protect your computer with strong security software and make sure to keep it up to date. McAfee Total Protection for Small Business guarantees trusted PC protection from Trojans, hackers, spyware, and more. Its integrated anti-virus, anti-spyware, firewall, anti-spam, anti-phishing, and backup technologies work together to combat today's advanced multi-faceted attacks. It scans disks, email attachments, files downloaded from the Web, and documents generated by word processing and spreadsheet programs.
  2. Use a security-conscious Internet service provider (ISP) that implements strong anti-spam and anti-phishing procedures.
  3. Enable automatic Windows® updates or download Microsoft® updates regularly to keep your operating system patched against known vulnerabilities. Install patches from other software manufacturers as soon as they are distributed. A fully patched computer behind a firewall is the best defense against Trojan and spyware installation.
  4. Use extreme caution when opening attachments. Configure your anti-virus software to automatically scan all email and instant message attachments. Make sure your email program doesn't automatically open attachments or automatically render graphics, and ensure that the preview pane is turned off. This will prevent macros from executing. Refer to your program's safety options or preferences menu for instructions. Never open unsolicited business emails, or attachments that you're not expecting—even from people you know.
  5. Be careful when engaging in peer-to-peer (P2P) file-sharing. Trojans sit within file sharing programs waiting to be downloaded. Use the same precautions when downloading shared files that you do for email and IM. Avoid downloading files with the extensions .exe, .scr, .lnk, .bat, .vbs, .dll, .bin, and .cmd. Anti-virus software and a good firewall will protect your system from malicious files.
  6. Download the latest version of your browser to ensure that it is also fully updated, and utilizes the latest technologies to identify and filter out phishing sites that can install Trojans.
  7. Use security precautions for your PDA, cell phone, and Wi-Fi devices. Viruses and Trojans arrive as an email/IM attachment, are downloaded from the Internet or are uploaded along with other data from a desktop. Cell phone viruses and mobile phishing attacks are in the beginning stages, but will become more common as more people access mobile multimedia services and Internet content directly from their phones. Always use a PIN code on your cell phone, and never install or download mobile software from an unknown source.
  8. Configure your instant messaging application correctly. Make sure it does not open automatically when you fire up your computer. Turn off your computer and disconnect the DSL or modem line when you're not using it. Beware of spam-based phishing schemes—don't click links in emails or IM.
  9. Be certain a Website is safe before you go there. Use software like McAfee SiteAdvisor,which gives you Website safety ratings. Also look out for the designation McAfee Hacker Safe on ecommerce sites. You can also check the validity of individual Web addresses (URLs) with a WHOIS search such as www.DNSstuff.com.
  10. Back up your files regularly and store the backups somewhere besides your PC. If you fall victim to a Trojan attack, you can recover your photos, music, movies, and personal information like tax returns and bank statements. McAfee Total Protection for Small Business provides essential protection from viruses, spyware, and hackers along with automatic backups of your hard drive.
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054, 888.847.8766, www.mcafee.com

McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. © 2008 McAfee, Inc. All rights reserved.
Access Your Accounts
Next Steps
Call 877.906.7500 to speak with an Identity Theft Assistance Center Representative if you believe you've been a victim of online fraud
Call 877.768.1145 to speak with a Business Customer Contact Center Representative if you have a question about your account
How May We Help You?
Search Our Site
Related Resources
View a video on how to protect your business from viruses and hackers
FREE McAfee® Total Protection Trial
Clicking on this link will take you from Sovereign Bank's site to this organization's own Website, which is governed by that organization's own Privacy Policy. Protect your business against viruses, spyware, hackers, and more.
Learn MoreClicking on this link will take you from Sovereign Bank's site to this organization's own Website, which is governed by that organization's own Privacy Policy.
Find an ATM/Branch  |  Customer Service  |  Contact Us  |  Site Map  |  Email Offers
Site Preferences  |  Security Center  |  About Sovereign  |  Careers
Privacy Policy  |  Terms of Use  | Copyright 2009 Sovereign Bank. All rights reserved.  Equal Housing Lender Equal Housing Lender - Member FDIC