3 major online threats to your business


By Kim Komando

Computer intrusions have grown so rapidly in recent years that they are no longer just an aggravation. They now represent a critical threat to your business.

Let me remind you of some recent findings:

  • In June 2004, the Gartner Group reported that online bank accounts had been looted of $2.4 billion in just the previous 12 months. It estimated that 1.98 million adults had suffered losses. Much of the problem was traced to malicious programs that surreptitiously collect passwords and other confidential data. "Phishing" schemes also were used.

  • Earthlink, the Atlanta-based Internet service provider, said in April 2004 that it had found 370,000 Trojans and system monitors on the 1.6 million computers it had studied. If Earthlink's numbers hold up for all computers, up to 35% are compromised.

  • According to studies at Michigan State University and elsewhere, up to 70% of identity thefts are conducted by insiders or people posing as insiders.

Computers have made our jobs easier, increased our productivity and (hopefully!) raised our incomes. But they have also given criminals a new entry to our businesses. It's important that we guard that door.

Here are three critical threats to your business — and things you can do to blunt them.

1. Trojans and system monitors. Traditionally, Trojans (or Trojan horses) have been programs that posed as something useful, but in reality were malicious. Common usage of the term has expanded to cover any program placed surreptitiously on a computer.

Often, Trojans are downloaded to computers through a hole in Windows XP. Known flaws in Windows have been fixed and patches distributed by Microsoft ages ago. But many, many computer owners do not update their machines. They are playing a dangerous game (but they could be greatly helped by updating their operating system to Windows XP Service Pack 2, which makes it easier to get Windows updates).

Once on a computer, Trojans open a communications port and report back to a computer through the Internet. The Trojan might be used to download another program, such as a keylogger. Or the Trojan could include a keylogger.

These system monitors track everything the computer's owner does. That includes collecting passwords, credit card numbers and other sensitive data. That information is stored in a file, where it can be retrieved from the Internet. The information could also be e-mailed.

Trojans can also be used to install spam servers. Some authorities estimate that 80% of all spam is sent from compromised computers. Your computers could be spewing spam, and you might not know it. These machines also are sometimes used to attack other computers. Criminals are now renting zombie networks over the Web.

Your Internet service provider could cut you off if your network is used to spam or attack others.

Protecting yourself is easy. If your network router has a firewall, it should protect you even if Windows is not updated. People who access the Internet from the road should have a software firewall installed on their laptops.

Antivirus software will knock out most of these pests. But it's not enough to install antivirus programs; you must update them. Most offer automatic updates.

And, again, update Windows XP to Service Pack 2. You can set up automatic updates in XP by clicking Start > Control Panel. Double-click System and select the Automatic Updates tab. Or you can check for updates manually in all Windows versions. Open Internet Explorer and click Tools > Windows Update. Let Microsoft scan your computer. Install everything under Critical Updates and Service Packs.

2. Somebody looting your bank account. One of the truly great inventions of the Web is online banking. I'm sure there must be something more convenient than paying bills over the Internet. But I don't know what it is (see my related article).

However, as the Gartner study shows, online accounts make a juicy target. So far, banks have generally made good on account losses. But they don't have to.

We take for granted credit and debit card protections, which were mandated by Congress. Online bank accounts are much more vulnerable. If someone loots your account, you could be out of luck.

All someone needs to get into your account is a user name and password. A keylogger program could acquire those. Or, you could be victimized by a phishing scheme. These are distributed via spam, often from Asia or Eastern Europe.

Phishing schemes carry logos of banks or other organizations, along with a link to a Web site. The Web site will request user names, passwords and other confidential data. Phishing schemes are often given away by their poor English. But they are growing in sophistication.

Once people have access to your account, they have carte blanche to write checks. In some cases, criminals have set up dummy companies, then written checks to them. Obviously, you must watch your account for suspicious activity.

Protect yourself by never, ever replying to spam, including spammers' "unsubscribe" links. And don't fall for a phishing scam.

3. Sabotage by an employee. A knowledgeable employee can easily put a malicious program on your network. It then could be used to steal information that the employee could not otherwise access.

No one should have sole access to any area of your network. You should keep an eye on things, too. If your antivirus software is not working properly, you may have an internal problem. Same goes for firewall failures.

You should have more than one person who is familiar with the network, in addition to yourself. This is similar to accounting controls, where no one person can access the money. Two employees should be watching things. You should be watching, too.

If you have customer files with credit card numbers or other confidential data, you need to know who is accessing them. Log files should maintain a record of who accesses confidential records. Watch those logs, and have trusted employees watch them.

I do not hire anyone without a background check. I use a private investigator. Computer networks make it easier for a dishonest employee to reach sensitive areas.

I'm interested in network security, and I've made it my business to learn it. Like it or not, you, too, must learn at least the basics. Your company's future could depend upon it.

 
© 2008 Microsoft Corporation. All rights reserved.