Page 1467 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
absolutely sure it comes from a trusted source. In fact, many
companies strictly prohibit the installation of any software not
prescreened by the IT department. These policies serve to minimize
the risk that an organization’s network will be compromised by a
Trojan horse—a software program that appears benevolent but carries
a malicious, behind-the-scenes payload that has the potential to wreak
havoc on a system or network.

Trojans differ very widely in functionality. Some will destroy all the
data stored on a system in an attempt to cause a large amount of
damage in as short a time frame as possible. Some are fairly
innocuous. For example, a series of Trojans appeared on the internet
in mid-2002 that claimed to provide PC users with the ability to run
games designed for the Microsoft Xbox gaming system on their
computers. When users ran the program, it simply didn’t work.
However, it also inserted a value into the Windows Registry that
caused a specific web page to open each time the computer booted.
The Trojan creators hoped to cash in on the advertising revenue
generated by the large number of page views their website received
from the Xbox Trojan horses. Unfortunately for them, antivirus
experts quickly discovered their true intentions, and the website was
shut down.

One category of Trojan that has recently made a significant impact on
the security community is rogue antivirus software. This software
tricks the user into installing it by claiming to be an antivirus package,
often under the guise of a pop-up ad that mimics the look and feel of a
security warning. Once the user installs the software, it either steals
personal information or prompts the user for payment to “update” the
rogue antivirus. The “update” simply disables the Trojan!

Another variant, ransomware, is particularly insidious. Ransomware
infects a target machine and then uses encryption technology to
encrypt documents, spreadsheets, and other files stored on the system
with a key known only to the malware creator. The user is then unable
to access their files and receives an ominous pop-up message warning
that the files will be permanently deleted unless a ransom is paid
within a short period of time. The user then often pays this ransom to
regain access to their files. One of the most famous ransomware

