May 16, 2017 | 3:18 PM GMT+0800 Last Edit: May 12, 2020
KNOW YOUR ENEMY — This timeless piece of advice is especially relevant today as data privacy threats, both online and offline, have become as rampant as ever. Undetected attacks on our privacy may suddenly be leveraged to wreak havoc at any moment. While defenses and legislation struggle to catch up with fast-paced technological advancements, understanding the basic ways in which e-criminals and other ill-willed persons can prey on unsuspecting citizens becomes increasingly important for the common Filipino.
Attacks from identity thieves, hackers, unscrupulous marketers, and other devious actors usually take on a few common forms. Familiarizing ourselves with these forms is one of the best ways through which we can arm and protect ourselves against these attacks. The most common forms are as follows:
Viruses and worms are two of the most common forms of malicious software or malware. Malware can infect a system without the owner’s consent and create duplicates of their codes that can spread to other programs and computers. The effects of these small programs can range from being mildly annoying to being critically damaging to entire databases and software. Of their many uses, one of the most dangerous ways they threaten your data privacy is by opening a backdoor for attackers to access your passwords, IP addresses, banking information, and other personal data.
The crucial difference between the two is how they travel from one computer to another. Viruses are almost always attached to an .EXE or .COM file, through which it runs and can be spread. Worms, on the other hand, can stand alone, using to its advantage the vulnerabilities of systems or trickery.
Trojans, named after the infamous Trojan Horse of the Ancient Greeks, are characterized by their deception. This kind of malware is designed to mislead you into downloading it into your system and running it by disguising itself as a harmless file — perhaps as an e-mail about a promo enticing you to download the attachment to avail of a freebie or discount or as a routine form from a bank sent by an impostor. Like viruses and worms, the trojans can grant attackers access to your computer or phone, steal your personal information or download even more pieces of malware. The best defense against this kind of threat, aside from installing anti-virus software and setting up firewalls, is to be wary about opening e-mails sent to you or clicking on pop-ups from websites.
Phishing and Pharming have both been widely used to get enough personal information about a victim — their full names, addresses, credit card information, usernames, and passwords — to steal their identity online. Phishers use e-mails, instant messaging, and even SMS to lure you into entering your personal information on a fake website, while pharmers attack the DNS (Domain Name System) server of a legitimate website (often bank or e-commerce websites) to redirect its users to a similar website run by the pharmers. Phishing scams are some of the most common attacks on personal data privacy, as it uses simple bait (like its homophone fishing) to be able to extract personal information. While pharming is less common, each successful attack can simultaneously affect thousands of victims.
Short for advertising-supported software, adware is a piece of programming that displays advertisements for the generation of profit. While some forms of adware are legal and may even be built-into certain applications, some are illegal and are considered malware. These can take on the form of pop-ups or windows that cannot be closed or they can run other forms of malware through infected programs or websites. More covert forms of adware track your web habits while more invasive forms of adware may include key-loggers that track the passwords you type.
As the name suggests, spyware is a kind of program that spies on you. Not to be confused with “tracking software,” such as those in corporate computers or homes intended for parents to monitor what their children do on the internet, spyware finds its way into your computer without you knowing or consenting. It then sends your information to people you do not know. Smartphones, in particular, are popular targets for spyware attackers, as some forms of spyware can get information collected through your phone’s camera and microphone to monitor your location, listen in on your phone calls, or collect your personal information.
Ransomware is a type of malware that encrypts your files to hold them ransom, with attackers asking anywhere from a few thousand to millions of pesos to allow you to retrieve your files. These programs can get into your system through phishing scams or malicious websites, and ransomware attacks have become increasingly common, with the Philippines recording at least 17 attacks a day in 2015. The cost of these attacks tend to be much higher than the intended ransom, as security breaches can have long-lasting effects.