As technology advances, every person must know how to protect themselves from malware. For almost as long as computers and networks have been in use, malware has existed, attempting to compromise, sabotage, and damage these systems. Initially, viruses and worms spread through infected floppy disks and security holes in server-based applications. As technology has changed, so have the methods of attack. Now malware is spread through email and files placed on websites as a common way to trick users into installing the malicious software on their systems. And with the rise of mobile device usage, the industry is seeing a dramatic increase in fictitious mobile apps masquerading as legitimate applications.
Who Should Be Concerned About Malware?
The stay-at-home mother with a hard drive full of pictures.
The author with a hard drive full of stories.
The laboratory technician in charge of electronically processing and storing test results.
The CEO who saves company sensitive information on his computer.
The retail shop that installed new Point-of-Sale (POS) software on their computer.
What do these unlikely candidates all have in common? Whether it was via a website they visited, an email attachment they opened, a link they clicked on, or poor software configuration—one way or another, they have all fallen victim to malware.
- 390,000 malicious programs are registered every day by AV-Test Institute
- According to the Department of Justice, in the US alone, 2,500 cases of ransomware were reported to the Internet Crime Complaint Center in 2015, costing victims over $24 million
- Lastline Labs reported that the average number of evasion techniques used per malware sample is 10
- According to Webroot, 15% of new files are malicious executables
- Proofpoint research shows that there was a 600%+ increase in attachment-based vs. URL-delivered malware attacks from mid-2014 to 2015
What can you do to protect yourself from malware?
The statistics are all too real and a definite cause for concern. When faced with grim facts, end users are often afraid to perform many of the activities they are used to doing on the web. But, with proper education and smart decisions, the Internet can be a safe and useful place to visit without worrying about what is lurking around the corner. Utilizing the following best practices will protect yourself and your data from hackers and viruses and keep your computer running more smoothly and reliably.
Your username and password are your virtual identity and should be treated carefully. Protect all your devices with strong passwords. Don’t share your passwords, and avoid writing them down. Use passwords that can’t be easily guessed. Avoid using real words or personal information like names of family members, pets, birthdays, hobbies, etc. A strong password should be at least eight characters long and contain a mixture of upper and lower-case letters, numbers, and symbols.
Practice Social Media Security to Protect Against Malware
Limit personal content on social media. Online criminals use social media information to tease out security question answers and other information that can be used for identity theft. Make sure you know who can access your social media profile. Limit the information available and verify that your security settings are stringent to avoid unwanted access.
Keep Your Devices Secure
Secure laptop computers and mobile devices at all times. Phones and laptops get stolen from cars, houses, and offices all the time. Whether in your office, coffee shop, airport, etc., lock them up or carry them with you. Before leaving your devices unattended, be sure to lock them or log yourself off and configure them to require a secure password to start or wake up.
Use a Firewall and Anti-Virus Software
Firewalls and anti-virus are absolutely essential if you want to remain secure. Luckily, most modern operating systems come with a firewall built in, and there are 3rd party firewalls you can use as well. However, you’ll need to find an anti-virus to use since most operating systems don’t come with one. There are plenty of good anti-virus programs to choose from, some free and some that cost. Just be sure to do some research on the anti-virus program before you install it.
Keep Your Devices Updated
In order to stay secure, you need to keep everything updated. The reason for this is that most updates to programs will be security updates. This is especially important for your web browser, firewall, anti-virus, and operating system, but it is also a good idea for other programs you use, especially if they impact your security in any way.
Don’t Install or Download Unknown Programs or Apps
Software and apps masquerading as legitimate offerings can harbor behind-the-scenes viruses or open a “back door,” giving others access to your devices without your knowledge. Oftentimes, scammers create fictitious apps that look identical to what you’re looking for. A recent example of this is when scammers scrambled to get infected versions of Pokémon Go into the app stores for download. You should always closely inspect the publisher, the number of downloads, and other data for signs of fraud before installing to protect yourself from malware.
Never Access Private Information Over Free Wi-Fi
Free Wi-Fi can be incredibly handy but can also be very dangerous if you don’t watch what you’re doing. Since anyone can connect to free Wi-Fi, this can include computer hackers who have the ability to intercept the information you send over a wireless network easily. This is why it’s important never to access important information such as bank or email accounts when using free Wi-Fi. Auto-connecting to unknown networks could also put your device and data at risk. Check your wireless preferences/settings on mobile devices to ensure you aren’t set up to auto-connect to any wireless network they detect.
Backup Your Data and Securely Store it
Backing up your data is not necessarily a way of keeping your computer safe, but it is a way of keeping your data safe. Recent malware, called ransomware, infects users’ machines by encrypting all the documents stored there and then demanding a ransom for the decryption key. The only way to restore hours of work or precious baby photos is to either pay the ransom—and hope they send the keys to you—or restore the data from a backup. Often times it’s a lose/lose situation for the end user or company who becomes infected with this malware. This makes backups a great way to protect yourself from the negative impacts of malware like ransomware.
Beware of Scams
Scams come in various forms, but regardless of the method, you need to be careful who you share your private information with. Here are some basic principles to follow:
- Don’t send restricted data via email, text, or instant message (IM). These are not generally secure methods of communication.
- Only click on links from trusted sources. Never click on an unfamiliar link unless you have a way to verify that it is safe independently. This includes tiny URLs and any link where you can’t tell where it will take you.
- Only use trusted, secure web pages when entering personal or sensitive information online. Don’t log in to websites or online applications unless the login page is secure, meaning the URL starts with “https” instead of “http.”
- Don’t open attachments sent via email from someone you do not know. If you receive an attachment from someone you know well, ask the person if they did, in fact, send you something to view.
- Phone scams are becoming more common. They involve receiving a phone call from someone pretending to be from Google, Microsoft, or another large company telling you that your computer is infected. Other variations include someone pretending to be from the IRS and threatening you with a judgment for tax fraud. Companies like these will never call you out of the blue and do this. If you do receive a call like this, say “No thanks” and hang up.
Protect Yourself and Your Business From Malware
Practicing safe computer habits will go a long way to protecting your data. M.A. Polce offers managed cybersecurity services in New York to businesses looking to protect themselves from malware and other cyber threats. Contact us today for more information on how we can help train your end users in safe computing practices and other ways we can better your network security.