Early computer attacks, such as the widespread Melissa
virus of 1998, incapacitated computers or clogged mail
servers with very heavy traffic. Such ploys inconvenienced
victims but didn't enrich culprits. Now attackers
increasingly go after valuable confidential information,
whether credit card numbers or government documents.
They're "hacking for fortune," as Symantec's Oliver
Friedrichs puts it. Mystery writers like Jackont might
prefer to say that the culprits have the classic
motive—money. They also have means and opportunity.
The ubiquitous Windows PC, with its history of
security problems, presents an enticing target. "A
couple of years ago, or even last year, most of the
attacks were basically targeting Web servers," says
Ullrich. But as software companies and system
administrators create better firewalls for servers,
attackers are moving on to smaller but more vulnerable
prey. Because many antivirus programs recognize only
threats that security experts have already seen and
defined, unique Trojans go undetected as they enter a
system.
Once a Trojan has duped a user into allowing it onto
a desktop, a well-configured firewall may later notice
the Trojan intruder when it communicates with the
outside world through unusual ports or addresses. But if
a clever Trojan sends confidential information over the
same port used for Internet access, no firewall can tell
the difference between normal Web-surfing and nefarious
activity.
The insidious Trojan attack is no longer a work of
black art. When Trojan horses first appeared in the
early 1970s, only programmers knew how to craft them.
Now, however, crooks can just point and click to alter
basic designs, thwarting antivirus software. They can
add hidden instructions—"Get me passwords and anything
called 'Top Secret'"—to ordinary files, be they
Microsoft Word documents or PDFs. Crooks can even create
Trojans that, by taking advantage of security flaws in
Web browsers, install themselves automatically when a
victim visits a deceptive Web site.
"So, should Company A decide that it doesn't have any
scruples and wants to get something inside Company B,"
says Mark Sunner, chief technology officer of
MessageLabs Ltd., an e-mail security company in
Gloucester, England, "the tool kits...are now available
to accomplish what three or four years ago would have
been a very complex technical thing to pull off."
To detect a Trojan intruder lurking on a hard drive, it
helps to make sure that firewalls are optimally
configured, even if they can't be counted on to catch
every targeted attack. Under development, says
Symantec's Friedrichs, are methods of identifying
Trojans by tell-tale file modifications and other
suspicious behavior. A common clue for users is a
computer's suddenly performing ordinary tasks much more
slowly than normal.
To stop a Trojan from breaking and entering in the
first place, companies have recourse to proxy servers.
They essentially download files for a test run before
passing them on to a user's desktop, scanning each
attachment for potentially malicious software.
Yet truly avoiding infection, says Ullrich, "really
comes down almost exclusively to user education." Users
should regularly install software update patches offered
by software suppliers to minimize the flaws that Trojan
horses and other threats sometimes take advantage of. Of
course, it also helps to avoid keeping valuable
information on Internet-connected machines. Most
important, they should steer clear of unsolicited
attachments, links, and even disks and CDs.
Ordinary computer users may not enjoy greeting every
e-mail with skepticism. Pain, regrettably, often proves
to be the most effective teacher. Not long after the
Jackonts' novel appeared prematurely on the Internet,
their former son-in-law mailed Amnon a disk that
supposedly came from a student in Jackont's writing
class. "This disk, I never put in my computer," Jackont
says. "I gave it to the police."