The original Trojan horse tricked Troy’s residents into allowing Greek warriors access into their city. In a similar way, malicious software programs known as Trojan horses try to trick you into letting them onto your computer by purporting to be something else.
While Trojan horses are often mentioned in the same breath as viruses, they are different. While computer viruses replicate and spread among computers, Trojan horses do not. They require computer users to (unwittingly) activate them.
And that’s where the deception comes in. No one would knowingly launch a program that promised to erase data, corrupt files, spy on them while they browsed the Web, or steal their confidential information. So instead, Trojan horse programs claim to have something computer users might want: MP3 files, photos, games, or other types of programs.
But because Trojan horses must be executable programs, and not simply files, writers of Trojan horses generally hide the filename extension that tells you what kind of file you’re dealing with. Programs are designated by extensions like .exe, .bat, or .pif, but the computer hacker can mask these extensions so their Trojan horse program appears to be a text, audio, or photo file.
As noted above, Trojan horses can do extensive damage to your computer, and can even steal or “phish” your confidential information. Here is a partial list of the damage Trojan horses can do:
- Erase or overwrite files and other data;
- Observe how a computer is used and report it back to the hacker (spyware);
- Steal confidential information, including account numbers, passwords, and credit card information;
- Take over your computer to send spam e-mail or hack other computers.
Making a small distinction between virus and a Trojan horse, some hackers use Trojan horses as a way to spread viruses. When used in this way, the horse program is considered a “dropper.”
The most common way for Trojan horses to be spread is via e-mail, but they can also be included in software programs downloaded from the Internet. Here are some other precautions to take to prevent becoming a Trojan horse victim:
- Never click on or run an e-mail attachment unless you have verified that it came from a trusted source. Just seeing a familiar name in the “From” line isn’t enough; some programs are spread by hijacking people’s address books. So while a message may look as though it’s from someone you know, it may be a Trojan horse or virus. Make sure your e-mail client does not automatically launch attachments.
- Install an antivirus program, and update its virus definitions regularly. Many antivirus programs have an auto-update feature. If yours does, enable it.
- Make sure your operating system is up to date and has all current patches. When a new security threat surfaces, be it a virus, worm, or Trojan horse, software developers issue software updates that close up the security hole the malicious program has exploited.
- Be wary when installing any new software, especially programs you download from the Internet. This includes programs downloaded from peer-to-peer file-sharing, as well as freeware and shareware programs.
Trojan horses can do extensive damage to your computer, but the good news is that they need your help to do it. By following the steps outlined above, you can withhold that help, ensuring that you don’t end up like the original Trojans.