How to Get a Trojan Horse and How to Fix It

What is a Trojan Horse?

  • A Trojan Horse is malware. It is a program written to attack a computer. A lot of people would call it a virus, but viruses typically make copies of themselves to send out to other unsuspecting people.
  • A Trojan Horse is a program written to do something on your computer that someone else wants it to do. This is a problem because you have your computer to do what you want it to do. It is also a problem because what that someone else wants is probably a bad thing for you.
  • A Trojan Horse lets someone else get into your computer to 1) steal user names and passwords, 2) steal your files, 3) use your computer for some dubious work, such as attacking other computers or sending out spam, 4) capture your keystrokes.
  • A Trojan Horse does this by opening a backdoor into your computer. The programs that allow you to send something out of your computer only send what you ask them to send: your email client sends your emails when you hit send; your email client sends files when you attach them; your browser sends your files through a form when you click the Browse button, etc. A backdoor sends when someone else tells the computer to send.
An Example of a Specific Trojan Horse

"IDG News Service - Cyber-criminals have started preying on Verizon Wireless customers, sending out spam e-mail messages that say their accounts are over the limit and offering them a "balance checker" program to review their payments.

The e-mail messages, which look like they come from Verizon Wireless, are fakes; the balance checker is actually a malicious Trojan horse program"

How to Get a Trojan Horse
Here is a real case scenario of how The Computer Gal carelessly invited a Trojan Horse into her computer. I received 4 of these emails throughout 11/13/09, starting at 12:28 pm. The emails changed from the first to the last. Starting with the first email:
  1. Check your email while you are trying to do other tasks. This will help you be careless and click on things you shouldn't.
  2. Don't check an email carefully before clicking a link. This is especially true if the email is from a source you normally receive invoices, statements or other business emails from. Here is what the email looked like:
    1. Sender: Verizon Wireless
      This is a trusted source because I receive monthly statement notices from them.
    2. The subject line: Your credit balance is over limit.
      Trusted because I actually have a credit balance on one of my phone bills.
    3. To: jjparker@jjparker*
      If I had been paying attention, this would have put up a red flag.
    4. Body:
      Dear Verizon Wireless customer,

      Your credit balance is over its limit. Please use the attached Verizon Wireless Balance Checker Tool to review and analyze your payments.*

      Yours sincerely,
      Verizon Wireless Customer Services*


      - If I had been paying attention, I should have realized that Verizon Wireless has no reason to send me a "Checker Tool" when I have an online account. If the email were legitimate, they would have just told me to log in to my account.
      - It would be Verizon Wireless Customer Service - singular!
    5. AVG:
      No virus found in this incoming message.
      Checked by AVG - www.avg.com

      I was one of the lucky few who got the email before AVG found out about it. This is the second time I've experienced getting a virus before the virus protection software caught up.
    6. The Attachment *
      The attachment was a Zip file containing a very old-style icon for an executable - balancechecker.exe. Just the look of it should have waved a red flag in my face!
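
The red flags above can also be checked by a program before a person ever opens the message. The following is an added example, not part of the original article: it builds a constructed sample message (the addresses and domains are made up) and flags a "To" address that isn't yours and an executable hidden inside a Zip attachment.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import getaddresses

# File types that run as programs on Windows when double-clicked.
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")

def build_sample(to_addr):
    """Constructed sample: a notice with a zip that holds an .exe name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("balancechecker.exe", b"placeholder bytes, not a program")
    msg = EmailMessage()
    msg["From"] = "Verizon Wireless <billing@sender.example>"  # made up
    msg["To"] = to_addr
    msg["Subject"] = "Your credit balance is over limit."
    msg.set_content("Please use the attached Balance Checker Tool.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="balancechecker.zip")
    return msg.as_bytes()

def red_flags(raw, my_addresses):
    """Return a list of warnings for one raw email message."""
    msg = message_from_bytes(raw, policy=policy.default)
    flags = []
    # Red flag: the message is not addressed to any of my own addresses.
    to = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}
    if not to & {a.lower() for a in my_addresses}:
        flags.append("not addressed to me")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(RISKY_EXT):
            flags.append("executable attachment: " + name)
        elif zipfile.is_zipfile(io.BytesIO(data)):
            # Red flag: look inside the zip without extracting anything.
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                for inner in z.namelist():
                    if inner.lower().endswith(RISKY_EXT):
                        flags.append("executable inside zip: " + inner)
    return flags

if __name__ == "__main__":
    sample = build_sample("someone.else@other.example")
    for flag in red_flags(sample, ["me@mydomain.example"]):
        print("WARNING:", flag)
```
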

How the Emails Changed from the First to the Last

  1. The backdoor that was opened by the Trojan Horse was enough for them to change the email address to my email address.
  2. AVG started showing the emails as spam - too late for me to notice!

What to Do About Your Trojan Horse

  1. Have updated anti-virus software.
  2. Realize you have a problem - I realized what I had done as soon as I clicked. Also, the fact that my computer slowed way down was another clue.
  3. Disable your wireless and unplug any network cables from your computer. With a Trojan Horse, if they can't get to your computer, they can't get anything out of your computer.
  4. Do a full system scan with your anti-virus software. If you don't have updated anti-virus software, see #1.
  5. Change the passwords on your online bank accounts and other important accounts. This is one thing that the attackers are trying to steal through the backdoor they created in your computer. However, don't change your passwords through the infected computer or the attackers could have your new password too!

Nora McDougall | Missoula, Montana 59801 | 406.253.4045 | Contact Nora
© 2010, Nora McDougall-Collins