What Is a Botnet, and Why Is It an Identity Theft Risk?
A "bot" is an infected computer controlled by a hacker, who can use the computing power of the infected machine to perform all sorts of illegal and destructive acts. A "botnet" is a network of infected computers remotely controlled by a hacker, who uses them to commit identity theft and a wide range of other crimes.
A bot can also be a type of computer virus or malware that turns computers into bots so that a hacker can remotely control them. Botnets are a relatively new and growing threat to computer users around the world.
The criminals who create and use botnets to turn computer users into unsuspecting identity theft victims are becoming increasingly sophisticated. With a few keystrokes, the authors of botnets, called "bot-herders" or "botmasters," can harness an enormous amount of processing power and wreak havoc on a grand scale.
Most owners of computers enslaved by botnets have no idea that their machines are infected. It might seem a bit slower, crash occasionally, or display a seemingly random string of characters on the screen, but the botmasters want owners of the machines enslaved in their botnets to remain oblivious to the fact that they're identity theft victims.
Bots are spread by other bots, programs that are constantly searching for weaknesses in home and business computer networks. Using the computing power of the botnet, they're capable of millions of "sniffs" per second in their search for security weaknesses. When they find a way into a new host, they infect it, scour it for personal information, and add its computing power to the botnet.
Botnets are capable of several different kinds of crimes, including the following:
• Sending e-mail spam, computer viruses, and a wide range of others kinds of malware across the Internet
• Stealing the personal information of the infected host, and using the processing power of the botnet to attack networks and create even more identity theft victims
• Using the processing power of botnets to attack the server of a website via millions of "requests" sent at the same time, essentially overloading the server with too much traffic, creating a Denial of Service (DoS) attack
• Downloading antivirus programs and keeping them updated
• Installing a firewall on their home and business networks
• Keeping their operating system updated
• Never opening or clicking on links in unsolicited e-mail