1. The one with the keylogger and the $1M in debit card charges
Did you hear about the six-year-old girl who hacked into the computer system of the British House of Lords? That’s a funny one.
Did you hear about the guy who had nearly one million dollars sucked out of his bank account in merchandise, gambling and other charges, who lost his savings and retirement, and whose credit score is shot to pieces because of online hackers? That’s a terrifying one.
Keyloggers are the Regina Georges of the online world.
Both stories really happened, and both have one thing in common: a keylogger. Also known as keystroke malware, it records everything you type into your computer — every word you write to your dad, every username and password combination, every login you make into your online banking service — and sends what it finds to whoever put it there: your ex, your boss, or a criminal with fingers that reach deep into your savings.
How does a keylogger find its way into your PC? Sometimes, someone directly plugs a little keylogging device into it. More often, you get them like you do any other kind of malware: by opening the wrong attachment, clicking on the wrong link, or even visiting the right website that’s unknowingly showing you malware-infected ads (more on this also-terrifying thing later).
2. The one with the airline email that’s really a one-way ticket to hell
American Airlines has had one. And Delta. And Qantas. And Jetstar. You name the airline, someone’s misused its good brand to attack people’s computers and gain access to their personal data.
He’s not kidding.
It started with an innocent-seeming email from an airline (which was not from an airline), containing a PDF attachment (which was not a PDF) with a flight itinerary (which was not a flight itinerary) or a clickable link leading to the airline’s own website (which was not the airline’s own website).
Many people who received these emails were naturally curious enough to open the attachment or click on the link. Wouldn’t you? After all, a reputable airline had just sent them a legit-looking email telling them they’d bought a flight ticket they couldn’t possibly remember buying, because they hadn’t. You’d like to know whether you’d been drunk-booking again, too.
But the attachment that looked like a PDF was really a piece of malware, devilishly labelled pdf.zip. And the site people were led to after clicking on the link was brimming with viruses and other malware that infected their computers and left them — and their emails, chats, photos, credit card details and bank accounts — completely exposed.
3. The one with the online ads that are really horcruxes
Oh! Oh! This is a good one. Have you heard of malvertising? Basically, it’s that thing when you visit a popular, otherwise unproblematic website, and the online ads attack and infect your computer. And it happens a lot.
But you didn’t even click on ANYTHING!
It has happened to the good readers of The New York Times. It’s happened to Yahoo, and Youtube, and the Reuters news agency. It’s even happened — this will hurt — to The Onion.
It’s not the sites themselves that are trying to hack and harm you, of course. They don’t even know until it’s too late. Cyber criminals buy online ad space on these sites through intermediaries, and by the time anyone’s clocked what they’re up to, millions of people have been exposed to viruses, spyware and all kinds of other garbage.
And we saved the scariest bit for the end: there are strands of malvertising that don’t even require you to click on any of the ads in order to harm your computer. They just start running malicious code the moment you open the infected site.
Good thing you’re protected, right?
Fortunately, you don’t have to worry about things like these happening to you because you have a good, trustworthy and up-to-date antivirus running on your computer and your smartphone. Stories of this sort really just remind you of how reckless and dangerous it would be for you to go online even for a minute without the proper protection.
Why are you crying?
What!? You don’t have antivirus? OK, breathe. Easy fix.
You can get an excellent one right now — it’s completely free, installs in seconds and it’s trusted 400 million users worldwide — by clicking here. It couldn’t be simpler. And you can turn these horror stories into something that only happens to… other people.
(You can read more about that six-year-old cyber hacking wunderkind here; learn about the man who suffered a devastating attack on his personal finances here; and find out more about those airline scams here, here, here and here)