Protect yourself from malware
Posted On Tuesday, September 23, 2008 at at 8:10 AM by amethystMalware vulnerability is on of the few reasons I stay away from my Windows PC when surfing the net. While some of these can be just common annoyances like tracking cookies or keyloggers, some are very malicious and can wreak havoc on your system and your important files.
What is Malware?
Malware is a type of software designed to take over and/or damage your OS in one way or another. Once installed, it can be difficult to remove but that depends on the severity of the malware program as well as the degree of damage it brings which can range from being annoying to rendering your PC inoperable.
The most common types of malware include:
* Virus - A program written intentionally to enter a computer without the users permission or knowledge which then attaches to files or boot sectors and replicates and spreads. Other viruses can cause serious damage to your files and system.
* Worms - they are stand-alone software that modify their host operating system, and are likely to be started as part of the boot process.
* Wabbit - Self-replicating malware. Unlike viruses, they do not infect host programs but repeatedly replicates itself on a local computer. They’re really something more of an annoyance than a threat
* Trojan - Harmful software that is disguised as legitimate software.
* Backdoor - Software that allows remote access to the computer system without the user’s permission
* Spyware - a Software that collects and sends information. Keyloggers are a prime example
* Browser Hijack - a script or program that alters a computer’s browser settings
How does malware spread?
The most common way malware spreads on the net is via email or blogspam. These seemingly random messages contain links to sites that, once opened, either runs a script that downloads or installs malware or presents a link to a file with a very tempting filename.
Here are other ways on how malware spreads:
* Downloading infected files using Peer-to-Peer file sharing programs (e.g. Kazaa).
* Downloading infected files from an untrusted source.
* Putting an infected computer disk (floppy, CD, USB Memory stick, or DVD) into your computer.
* Clicking on a web site dialog box.
* Connecting an unsecure computer to the network.
* Clicking random links from Instant Messaging (IMs)
* Randomly opening sites from any SERP (search engine results page)
How do you spot a malware site?
Take this example:
If you search for: ‘drunk dogs site:.cn’ chances are, you’ll get one of these:
Malware site from Google SERP
Congratulations, you’ve just found a malware site.
There are a number of reasons why that site is suspicious:
* The plethora of “keywords” you see as the description. If you notice, a lot of comment and trackback spam nowadays are full of these. If you’ve ever wondered what they were for, you’re looking at the reason now.
* The seemingly random domain name. If you’re a legitimate person and not just a bot, would you register your site as www.ldwasdadwad.cn?
* The .cn TLD (top level domain). Although I’m not branding ALL .cn sites as malware sources, statistics and and security bulletins prove that most malware sites are hosted with .cn TLDs. If you want to read more on the read Computer World’s article on the subversion of Search Engines.
How do I protect myself?
* Never open a file from an unknown source. Although it’s probably over kill, I suggest that you mark all recently downloaded or installed items on your computer without your prior knowledge to be malware.
* Update your OS. If possible, download and install all security fixes. No matter how much you have Windows it’s always good practice to patch up your OS to prevent others from exploiting it’s holes.
* Install security software like AVs and ASs. Although some people don’t recommend using them, it’s better to be over cautious especially if you’re not the only one using your computer. There are tons of free security software out there like AVG, Avast and Adware to name a few. Try them out and see which works for you.
* Activate the Guest account. If multiple people are using your PC, restrict their access by using a guest account or equivalent. Sure, you may end up editing the Policies so they can save and edit files but at least they won’t be able to install malware behind your back, unintentionally or otherwise.
* Stop look and read that URL! Taking my example above, you’ll note how easy it is to spot if a site is legit or dupe. Just read the URL.
* Use common sense. The spread of most malware relies on carelessness on the part of the victim. If a sudden message pops in your IM that looks as if it’s screaming “Hey click me I’m a spam site”, do yourself a favor and close the window.
Minimizing the Effects of Malware on Your Computer
Posted On at at 8:08 AM by amethystMalware is short for “malicious software;” it includes viruses — programs that copy themselves without your permission — and spyware, programs installed without your consent to monitor or control your computer activity. Criminals are hard at work thinking up creative ways to get malware on your computer. They create appealing web sites, desirable downloads, and compelling stories to lure you to links that will download malware, especially on computers that don’t use adequate security software. Then, they use the malware to steal personal information, send spam, and commit fraud.
It doesn’t have to be that way. So says a website with tips from the federal government and the technology industry that is helping consumers be on guard against Internet fraud, secure their computers, and protect their personal information. Indeed, OnGuardOnline.gov says consumers can minimize the havoc malware can wreak, and reclaim their computers and their electronic information.
Computers may be infected with malware if they:
- slow down, malfunction, or display repeated error messages;
- wont shut down or restart;
- serve up a lot of pop-up ads, or display them when youre not surfing the web; or
- display web pages or programs you didnt intend to use, or send emails you didnt write.
If you suspect malware is on your computer
If you suspect malware is lurking on your computer, stop shopping, banking, and other online activities that involve user names, passwords, or other sensitive information. Malware on your computer could be sending your personal information to identity thieves.
Then, confirm that your security software is active and current: at a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. You can buy stand-alone programs for each element or a security suite that includes these programs from a variety of sources, including commercial vendors or from your Internet Service Provider. Security software that comes pre-installed on a computer generally works for a short time unless you pay a subscription fee to keep it in effect. In any case, security software protects against the newest threats only if it is up-to-date. Thats why it is critical to set your security software and operating system (like Windows or Apples OS) to update automatically.
Some scam artists distribute malware disguised as anti-spyware software. Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. Thats a tactic scammers have used to spread malware, and that has attracted the attention of the Federal Trade Commission, the nations consumer protection agency, as well as a number of state law enforcement agencies. Visit OnGuardOnline.gov to find a list of security tools from legitimate security vendors selected by GetNetWise, a project of the Internet Education Foundation.
Once you confirm that your security software is up-to-date, run it to scan your computer for viruses and spyware. Delete everything the program identifies as a problem. You may have to restart your computer for the changes to take effect.
If you suspect that your computer still is infected, you may want to run a second anti-spyware or anti-virus program. Some computer security experts recommend installing one program for real-time protection, and another for periodic scans of your machine as a way to stop malware that might have slipped past the first program.
Finally, if the problem persists after you exhaust your own ability to diagnose and treat it, you might want to call for professional help. If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you’ve installed, and a short description of the problem. Your notes will help you give an accurate description to the technician.
If you need professional help, if your machine isn’t covered by a warranty, or if your security software isn’t doing the job properly, you may need to pay for technical support. Many companies — including some affiliated with retail stores — offer tech support via the phone, online, at their store, or in your home. Telephone or online help generally are the least expensive ways to access support services — especially if there’s a toll-free helpline — but you may have to do some of the work yourself. Taking your computer to a store usually is less expensive than hiring a technician or repair person to come into your home.
Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do to avoid it in the future. If your security software or operating system was out-of-date, download the newest version and set it to update automatically. Use the opportunity to back up important files by copying them onto a removable disc. Other ways to minimize the chances of a malware download in the future:
- Don’t click on a link in an email or open an attachment unless you know who sent it and what it is. Links in email can send you to sites that automatically download malware to your machine. Opening attachments — even those that appear to come from a friend or co-worker — also can install malware on your computer.
- Download and install software only from websites you know and trust. Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
- Talk about safe computing. Tell your kids that some online activity can put a computer at risk: clicking on pop-ups, downloading free games or programs, or posting personal information.