Malware: Is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software.
The term “malware” is a compound word from two other words “Malicious” and “software” and describes software created by hackers to disrupt computer operations, gather sensitive information, or gain access to private computer systems.
Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs.
Some forms of malicious software are:
Spyware is a type of malware installed on computers that collects information about users without their knowledge. The presence of spyware is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally to monitor users.
While the term spyware suggests software that monitors a user’s computing, the functions of spyware can extend beyond simple monitoring. Spyware can collect almost any type of data, including personal information like internet surfing habits, user logins, and bank or credit account information. Spyware can also interfere with user control of a computer by installing additional software or redirecting Web browsers. Some spyware can change computer settings, which can result in slow internet connection speeds, unauthorized changes in browser settings, or changes to software settings.
Spam is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, internet forum spam, junk fax transmissions, social networking spam, television advertising and file sharing network spam
Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing e-mails may contain links to websites that are infected with malware. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details on a fake website which looks are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
Spear-phishing is a more targeted form of phishing. Ordinary phishing involves malicious emails sent to any random email account, but spear-phishing email is designed to appear to come from someone who recipient knows and trusts — such as a colleague, business manager or human resources department — and can include a subject line or content that is specifically tailored to the victim’s known interests or industry. Phishing attacks are so successful because employees click on them at an alarming rate, even when emails are obviously suspicious.
Pharming is a hacker’s attack intended to redirect a website’s traffic to another, bogus site.
The term “pharming” is a compound term based on the words “farming” and “phishing”. Phishing is a type of social-engineering attack to obtain access credentials, such as user names and passwords. In recent years, both pharming and phishing have been used to gain information for online identity theft. Pharming has become of major concern to businesses hosting e-commerce and online banking websites.