1. Compromised pages
Cyber-criminals attack Web servers to reach the code source of pages and inject malicious code to redirect you to fake sites or infiltrate malware on your computer.
Fake sites, known Phishing sites reproduce the identification pages of the most popular sites to steal your password and access your accounts. Fake Facebook pages, Twitter, eBay, Paypal, Apple, Gmail, Google Docs, abound on Internet. Of course all banks are also victims of this problem. Finally, do not forget that the Phishing can also be initiated from fake messages on social networks or email.
This is one of the biggest threats of the recent years. If your computer is infected with a “Bot” it turns into Zombie PC. Literally. It finds itself enrolled and controlled by cyber-criminals in a “botnet” network formed with millions of infected machines by bots. This network is then leased by the authors of criminal organizations who use them to introduce demos software on your PC to be massive attacks on sites to traffic banking, etc.. The “bot” are so advanced they are now difficult to detect, difficult to eradicate and can be used for any purpose.
4. Spyware and Trojans
It is always a classic. These malicious programs run as quietly as possible and may remain on your computer for months without you knowing. They open entrance doors on your machine (Trojans) and spy on your activities.
Beware of where you download the tools that your friends recommend. Always use the official websites of publishers and never go through a Google search. Many download sites offer “modified” versions of free software (CCleaner, antivirus, etc.). Installing parallel programs demos and advertising programs that pollute your machine and destroy your Web experience.
6. Toolbars and Search Bars
This is a special category of adware that settle in the heart of the browser. They divert your research to encourage you to visit the sponsored links. They display popups. Some are able to modify the Web pages you visit on the fly to present you with advertisements even on sites or pages that do not usually use advertisements.
This is one of the worst kinds of malware. The best known is called “CryptoLocker.” It hijacks your files by encrypting them. Then your files become unreadable. And you are asked to pay a “ransom” to get the decryption key. In addition to be extorting money, be aware that some victims never received the key they had paid. There are other tools of the same kind as “Cops”, which display a warning message when starting the computer and block all access to the desktop posing as the police, the FBI, the CIA or other government agencies. They will not give you access to your computer until you have paid the “fine” or “tax” required.
8. Incentives to download
Probably you already came across pages that tell you that Flash, Java, or that your video player is outdated. In 99% of cases, this message is a scam to get you to download and execute a malicious program. Once installed, it can then freely, without your knowledge, inject spyware, adware and bots on your machine.
9. Vulnerabilities and exploits
We keeps saying that it is important to make updates. It is not enough that your system is up to date (which is easily done through Windows Update). It is especially important that softwares and installed extensions are up to date (and older versions uninstalled) such as Java, Flash, Adobe Reader, QuickTime, Office, and all your web browsers. Or what the vulnerabilities of these tools will be used by malicious scripts located in the heart of Web pages to infect your machine. This is why it is now very dangerous to continue using a PC running Windows XP, Microsoft has discontinued updates.
10. Targeted attacks
This is one of the major trends of the moment. Cyber-criminals imagine attacks targeting a small number of individuals. They use websites or forums with specific topics or they use information found on social networks for attacks small spans so antivirus will have more trouble finding. In addition, targeting specifically the attack in a given population, they are more likely to convince these users to realize the irreparable (accept an infected file, redirect the navigation to a phishing site, etc..).