What are the risks of getting infected by malicious software?

Have you ever thought of what is going to happen when you are infected by a computer malware? About a decade ago, computer virus aims were to replicate themselves and destroying key operating system functions. If you got a computer malware infection at that time, most probably your operating system will be corrupted by the malware and you will need to format your hard disk to solve your problem.

Today, malicious software behaves a little different. We have more than 10 types of computer security threats such as virus, trojan, worms, spyware and many more. Each type of malware has their own speciality and here are top 3 risks of getting infected by a computer malware.

1. Having your login credentials stolen

It is very popular today that a keylogger/keystroke logging is used to log a victim’s login credentials. Once the keylogger has a set of your username and password, they can login into the account and do almost everything unless your account is protected by a two factor authentication.

2. Losing hard disk space

Hard disk space today can be very cheap but we should not waste it on storing malicious software. Malware such as worms will replicate in your operating system and take up your hard disk space. You will not feel the burden at the beginning but as the process gets longer, you will start to feel the pain of having insufficient disk space.

3. Spending money on unnecessary stuff

There is also a type of malware where they scare you off by telling you that your computer has hundreds of infections which you actually don’t have. Upon scaring you, they urge you to purchase a bogus antivirus which claims that can clean all the mentioned infections. All in all, you end up actually paying for nothing.

4. Being part of a minion for DDoS attack

Have you ever thought of how DDoS can bring thousands to millions of traffic to a server? It is actually all the computers which are infected with some sort of trojan that explains how the attacker can have such massive amount of traffic. By getting a malware infection, you are at risk of becoming part of this big project which you do not want to be.

5. Losing your privacy

Another form of malware which is known as spyware is built to spy your daily activities. By knowing your daily activities, the attacker will be able to understand you better before attacking you. For instance, if you regularly surf to adult sites, the attacker will probably start off with some fake adult material to lure you into their trap.

Looking at someones internet usageBack to you now, are you able to take all the risks mentioned? If you are not, be sure you have a good habit when it comes to internet and computer security and always remember that having an antivirus and firewall is not sufficient for a good security.

5 Most Popular Two-Factor Authentication Security Devices

As we had discussed before, one-factor authentication is not sufficient in order to have good security. Especially when we talk about sensitive transaction such as banking transactions, it is not secure anymore today if it were done only using username and static password.

Two-factor has to come into the IT security field to ensure that the correct person is authenticated. The items below are the five most popular methods used for any two-factor authentication.

1. Mobile OTP

Mobile One-Time Password

Mobile One-Time Password (OTP)

A very popular and cost saving method is to use a SMS gateway and send OTP (one-time password) to a mobile phone user. This method is used widely simply because everyone has a mobile phone today which means everyone can use two-factor authentication as long as the host of the application willing to invest and provide this service.

2. OTP Token

One-Time Password Token

One-Time Password (OTP) Token

OTP token works more or less the same as the Mobile OTP. The difference is that this is a separate device and the OTP can be generated immediately instead of waiting for the SMS gateway to send. As a result, it is more reliable than the Mobile OTP but additional cost needed to have this device.

3. PKI USB Token

Public Key Infrastructure Token

Public Key Infrastructure (PKI) Token

PKI USB Token offers the second best security in the market by beating off man in the middle attack such as phishing attack. However, PKI implementation needs an infrastructure where it is going to be costly. Due to the cost matter, PKI is not well known in certain countries as people will go for OTP to have the balance of security and investment cost.

4. EMV Cap OTP with Signature

Europay, MasterCard and VISA Cap One-Time Password with Signature

Europay, MasterCard and VISA (EMV) Cap One-Time Password (OTP) with Signature

EMV Cap OTP offers the best security around as it not only beats off the man in the middle attack, but also the man in the browser attack. This is simply because the user needs to sign the transaction using the EMV card reader instead of the web browser. As a result, the Trojan of the man in the browser will no longer work. The drawback is that, signing with transaction device can be a tedious thing to do. The user needs to enter correctly the recipient’s account number and the amount in order to perform the transaction successfully.

5. Out of Band Transaction Detail Verification

Out of Band

Out of Band

This method provides the best security similar to the above and solves as well the weakness of the EMV Cap OTP. What this method does is to send the user the details of the transaction such as the recipient’s account number, amount and the OTP code via non-internet channel such as voice call or SMS. The user will verify those details given and confirm the transaction by submitting the OTP code into the web browser. This gives great security but not anything more after that. Unlike PKI, that piece of digital certificate can do not only authentication signing, but also document signing, PDF signing or even data encryption.

Nothing is perfect in this world where everything has its good and bad. You have to clearly define what you want and I’m sure you can find the device that is suitable to you.