Crimeware

A new word and a new attitude for internet crime

By Matthew Stibbe

The public's perception of the risks they face online lag behind reality by a couple of years. For example, most people have grasped the concept that they should not open attachments in emails from strangers. In reality, this kind of email worm accounts for about four per cent of attacks these days.

In fact, Panda Software, an antivirus company, has found that the most common problem on people's machines is spyware accounting for over 40 per cent of detections. But many people don't even know what spyware is.

Perception and reality

Earlier this year, I was involved in a series of focus groups with different kinds of home and small business users. The results were depressing: most of the people we interviewed simply don't protect themselves properly.

Their insouciance in the face of obvious threats rests on three big myths.

•	They think that it is complicated and time-consuming to protect themselves. They find the jargon confusing. Many popular security products are very intrusive with regular popups asking the user to make choices that they don't really understand.
•	They think that being attacked - mainly by irritating spyware and popup adverts - is more or less inevitable. So why bother?
•	They perceive malware as a kind of toll for using the internet. It's like a traffic jam or getting a cold. In their minds, it is written by nerdy teenagers for vainglory but not for malice or profit.
•	Consequently, they think that the consequences of an attack are trivial. Their computer might slow down a bit. Buying a new computer is a popular 'antidote' to computer security problems.

The reality is very different. Malware is all about crime and making money at your expense. They even want to steal your online computer game characters. When confronted with this reality the people in our focus groups were genuinely surprised.

Time for a change

In my opinion, it's time for a new word that will capture this change and end the confusion created by having a dozen words for computer threats. Forget about spyware, malware, viruses, Trojans, worms, key loggers, phishing and all the rest. Let's call it what it is: crimeware.

If you're reading this newsletter, this isn't going to be news to you but you have a valuable part to play in getting this message out to everyone else.

The second critical message to get out is that it is easy to protect yourself. A good place to start is Microsoft's UK security centre or Get Safe Online.

What does all this have to do with business IT security? Two things: First, infected home computers are a jumping off point for attacks on business. If we can drain the swamp, we can make the internet safer for everyone. Second, if home users stop trusting the internet, they'll stop buying online and they'll stop visiting your website.

What next?

•	You can get free security training with Microsoft Small Business+ right now. (Free registration required).
•	Learn how to stop identity thieves targeting your business.
•	Matthew writes a new column every fortnight. Subscribe and get each edition direct to your inbox.

Sign into Microsoft Small Business+ for free web-based training, online chat help and software support.

More info >

Our free newsletters are packed full of business advice and ideas - plus all the latest news

See an example

Get the latest bulletins and updates direct from Microsoft

All recent updates

Internet Explorer update