What is a “bot”
Short for robot, a “bot” is a script or application that succeeds at completing repetitive actions on command.
Malicious bots allow an attacker to gain control over a computer so that it can be controlled remotely, likely for criminal activity.
What can bots do?
When it comes to malicious bots, criminals create a code that creates a bot, which can then be sent out in an email to a number of email addresses.
When an unsuspecting computer user opens the infected email, the bot code begins to look for and attack certain vulnerabilities on the computer.
Afterward, the bot looks through the network in hopes of finding another computer to attack.
The bot code uses various means to get to other computers, which then become “zombies.”
Security firm Distil Networks has estimated 40% of bots are malicious.
What kind of damage can a bot cause?
Those who use bots for criminal activity specifically use bots to collect enormous amounts of information from computers.
Bbecause bots can spread to many computers, criminals are able to control them all and perform widespread attacks to garner sensitive data from their victims.
Cybercriminals can use bot networks to send out spam, phishing attacks and scams in order to get money from victims.
They can also commit identity theft, or make unauthorized charges using a victim’s bank account information or other personal data.
Others use bots to attack a company’s network by increasing the volume of traffic flooding into the network.
With traffic high, the company could be overwhelmed and crash the server.
When this happens, criminals also use the attack to hold the company’s network at ransom: they demand the company pay money to prevent their network from being destroyed.
Some bots mimic human activity, making it difficult to determine whether an online interaction might be with an actual person or an automated bot.
On the flip side, good bots are prominent in many of today’s technological advances.
They help people shop online or order food from a computer or smart phone, or they show you what the weather is like in your area.
How to avoid malicious bots
Security experts believe security software is perhaps the best and first line of defense against malicious bots.
Ensure that you keep your security software – anti-virus and anti-spyware programs – turned on and set to automatically install the latest updates.
Also, avoid suspicious sites that aren’t familiar.
Bot attacks can derive from these websites; in fact, even when opening email from someone you know, if their system has been left unprotected, your computer is at risk of being attacked.
If you operate a website, consider installing a “CAPTCHA” script.
This is used to stop bots from spamming your pages and forms by requiring a user to type in a word or combination of letters and numbers to prove the user isn’t a bot.
Avoid unauthorized access to your computer through sources like Internet Relay Chats (IRC) and File Transfer Protocols (FTP).
This is possible by turning of IRC and FTP programs when you are not using them.