“Malware”, short for “malicious software,” is the generic name for programs that infect devices for purposes other than those of the legitimate user. Malware is of no benefit to the user but seeks instead to accomplish some purpose for the perpetrator. Various types of malware include viruses, worms, Trojan horses, ransomware, spyware, adware, scareware etc. Today we will start with the basic malware defense strategies.
1. Anti-virus/malware software. Whether you use a free Antivirus program or a paid version you must keep it up to date and check it regularly to be sure it is active and running. You should also activate your Window’s or anti-virus program’s firewall.
2. Keeping Your System Security Current. With Win 10 updates are no longer optional, they are mandatory. With Win 7/8 updates are optional and you may either enable the automatic update feature or run them selectively. In the past we have recommended enabling “automatic updates.” We no longer make this recommendation because Microsoft updates for Win 7/8 have become more trouble than they are worth. Their security and bug-fix potential is now far outweighed by the disruptiveness of these “updates” many of which have little or no constructive value to the user and are implemented to gain Microsoft more access to your browsing patterns and personal data.
3. Secure Your Network & Keep Your Personal Information Safe. Many PCs access files, printers, or the Internet via your home or business Wi-Fi “hot spot.” Make sure your passwords are strong. Never broadcast an open Wi-Fi connection. Don’t broadcast your SSID (the password to your Wi-Fi network. Hackers may compile your information and personal data from account to account until they have enough info to access your bank acct. or steal your identity. Be cautious on chats and social media. Lock down all your privacy settings, and avoid using your real name or identity on “chats.” Use multiple passwords. When using open Wi-Fi hot spots like Starbucks, McDonalds, the library, and airports, never access your personal password protected sites. The bad guys are listening.
4. Think Before You Click. Avoid websites that provide pirated or questionable material. Do not open email attachments from unknown sources. Do not click on an unsolicited email links. Let your curser hover over suspicious links to see where it’s taking you before you click it. If you download a file from the Internet, an email, a file-sharing service or any FTP site (file transfer protocol), scan it before you run it. Your anti-virus software should do it automatically, but make sure it is being done.
5. Back Up Your Files. Files that are important to you should be backed up. Backing them up on an “always connected” storage device like external or internal hard drives is not sufficient. Malware that infects your PC will infect a back-up drive if it is connected. The safest back-up is one of the “cloud storage” services like Carbonite. Your files are safe and accessible, the cost is less than $60 a year and it is automatic. If you do use an external back-up, back it up frequently and disconnect it when you’re done. Don’t leave your back-up device connected.
These are basic practices everyone should follow but what do you do when you get that official looking screen that says your PC has a problem and you need to click on a link or dial a phone number for assistance? These are examples of “social engineering exploits”, next week’s topic.