Web site compromises and exploits are projected to become more frequent in 2013
Your site whether hosted by TruMedia or not, is under increasing pressure to be vigilant against malicious attacks.
A brief summary of the types of exploits hitting sites all over the world are as follows:
A drive-by download is computer code that takes advantage of a software bug in a Web browser to make it do something that the attacker wants—such as run malicious code , crash the browser, or read data from the computer. Software bugs that are open to browser attacks are also known as vulnerabilities .
A phishing attack occurs when an attacker displays Web pages or sends emails that claim to be from a trusted company. These pages or emails solicit sensitive information from an unwitting customer. Symantec Security Response has more information on phishing here .
Spyware is any software package that tracks and sends personally identifiable information or confidential information to third parties. Visit our Spyware Topic Center and the section on spyware in our Viruses & Risks area.
Viruses are a type of malicious code, or malware , typically spread by other computers through email, downloads, and Web sites that are not safe. See the Malware Topic Center for more detailed information.
A heuristically-detected virus is found based on the malicious behaviors that it exhibits. These behaviors may include attempts to steal a person's sensitive information such as passwords or credit card numbers
A worm is another type of malicious code, or malware , that focuses primarily on spreading to other vulnerable computer systems. It typically spreads by sending out copies of itself to other computers, either via email, instant messages, or some other service. See the Malware Topic Center for more detailed information.
Unsolicited Browser Changes
An unsolicited browser change occurs when a Web site or program changes the behavior or settings of the Web browser without the user's consent. This may result in the home page or search page changing to another Web site, often one that is designed to serve ads or other unwanted content to the user.
Suspicious Browser Changes
A suspicious browser change occurs when a Web site attempts to modify the list of trusted Web sites. A Web site may be trying to get your Web browser to automatically download and install suspicious applications without your consent.
A dialer is any software package that changes modem settings in order to dial a high cost toll number, or requests payment for access to particular content. The result of this attack is that the owner of the phone line is charged for services were never authorized.
Trackware is any software package that tracks system activity, gathers system information, or tracks customer habits and relays this information to third-party organizations. The information gathered by such programs is neither personally identifiable nor confidential.
Hacking tools are programs used by a hacker or unauthorized user to attack, gain unwelcome access to, or perform identification or fingerprinting of your PC. Some hacking tools are used by system or network administrators for legitimate purposes, but the power they provide can also be misused by unauthorized users.
A joke program is one that alters or interrupts the normal behavior of your computer, creating a general distraction or nuisance. Joke programs are programmed to perform various actions like causing the CD or DVD drive of your PC to open at random.
A security risk is a condition in which a computer is more vulnerable to an attack. This condition can be created when an otherwise innocent program contains an error that reduces the security of your computer. These errors are usually unintentional. Using such a program could increase the risk that your PC will be attacked.
A suspicious application is one with behavior that represents a potential risk to a computer. The behavior of such a program has been examined and determined to be unwanted and malicious.
Cybersquatting is the practice of acquiring a site name to attempt to deceive people about the identity of the organization running the site. Cybersquatting makes use of deceptive practices to mimic trusted brands or otherwise confuse users. Typosquatting is one form of cybersquatting in which name spelling variants are used.
Hard to Uninstall
These programs are difficult to uninstall. When they are uninstalled, they may leave behind files along with registry keys that cause the files to be run even after uninstallation.
Items such as viruses and worms that load directly on your computer, with the potential to do harm to your computer.
Items such as spyware or keyloggers that attempt to steal personal information from your computer.
Ecommerce safety threats
Suspicious ecommerce activities, such as selling counterfeit goods.
Items that don't necessarily do harm, but are a nuisance, such as joke programs or a site that isn't what it seems.
Pay per Click site
This indicates a Web site that includes the brand name in the Web site name, but is not affiliated with the brand owner and contains mostly advertisements or links to pages containing advertisements.