Every time I come across a client who has had some sort of malware infestation on their computer, I almost always get asked, “How did this get on my computer?” The bad news I have to give them is that it’s very difficult to find out exactly how a computer was infected. Sure, I can easily see when a computer is infected, and I can take measures to find the virus’s entries on the computer and remove them. But finding out where the virus came from and what the user physically did to put it on the computer is, in most situations, nearly impossible to figure out with 100% certainty.
With that being said, how can end users avoid making the same mistakes in the future if they don’t know how they got infected in the first place? Well, there are guidelines that everyone who uses a computer needs to always practice to best prevent infections of any type. Here is a list of those guidelines.
1. YOU MUST HAVE SOME SORT OF ANTIVIRUS INSTALLED ON YOUR COMPUTER AND ITS LICENSE TO UPDATE ITSELF MUST BE ACTIVE!!! If you don’t know a thing about computers, this is the most necessary step, and fortunately it requires more money from your pocket than it does information technology know-how. Antivirus programs can be purchased online or at your local technology retail store. Personally, I recommend purchasing your antivirus somewhere locally. You can easily compare products, and you want an actual install CD with your purchase. There are several reasons why you may need to reinstall your antivirus later; you will need your original install media to do this, and having a CD in your possession is the easiest way.
Furthermore, an updated antivirus program will always help you look out for viruses when your mind is on other things. One extra note to consider: with antivirus, a higher price and more features do not necessarily mean a better product. Sometimes big, bulky antivirus packages that cost more slow down your computer’s performance. Just make sure what you are purchasing contains antivirus and antispyware. Everything else is at your discretion.
2. ALWAYS KNOW THE NAME OF YOUR ANTIVIRUS OR ANTISPYWARE PROGRAMS. Several virus/malware programs pose as antivirus programs, trying to trick you into trusting them and doing what they ask you to do (like providing your credit card to renew their activation). If you have antivirus installed and know the name of your antivirus package, you know that no warning messages about security risks, antivirus expiration, or an infected computer should ever pop up on your computer unless they come in a pop-up window that shows the name of your antivirus package somewhere. If such messages do appear, you are likely infected; do not interact with them.
3. WHEN BROWSING THE WEB, READ READ READ POP-UP MESSAGES ON YOUR SCREEN AND CONSIDER WHAT THEY ARE SAYING. I personally think one of the largest reasons behind virus infections is oblivious users who simply CLICK CLICK CLICK their way around the web, clicking on anything they don’t want in front of them just to get the pop-up off the screen.
If you get a pop-up window that is separate from your web browser and its message seems somewhat fishy (fishy meaning an advertisement, a warning message of infection, or information that seems meant to alarm you into clicking its contents), then try not to interact with it and close your browser as soon as possible. In these instances it’s a great idea to delete your temporary internet files right after the occurrence. How you delete temporary files depends on which browser you are using, and directions vary for each (examples of browsers: Firefox, Google Chrome, Internet Explorer).
4. KNOW THAT MANY MALWARE/VIRUS INFECTIONS COME THROUGH EMAIL AND INSTANT MESSENGERS AND BE CAUTIOUS. Most people know malware can be carried through email. The first step you can take with email is to verify that whichever email client you are using has email protection built in at some level. For instance, if you are using an email program on your computer like Outlook, Outlook Express, or Thunderbird, a level of protection would be the antivirus package you installed on your computer. Verify that your antivirus package says it does email protection when you purchase the software. The email protection that antivirus programs refer to covers the kind of email you use through programs like Outlook or Thunderbird on your computer.
If you are using webmail, there are normally malware and spam filters associated with these online webmail accounts. Each is different, but most have some sort of protection. You should look into what filter is associated with your webmail and, if there is none, try to take steps to have one in place. ANTIVIRUS INSTALLED ON YOUR COMPUTER DOES NOT PROTECT YOU BY SCANNING YOUR WEBMAIL. Webmail is not actually stored on your computer but on the webmail website, so there is no way for antivirus to scan those emails unless you download an attachment to your computer, at which time the antivirus will scan the attachment. Clicking on webmail links, however, can still take you to undesirable websites that try to install malware on your computer.
Regarding how to recognize email attacks or instant messenger attacks, I always say to the user, “If the email sent to you is impersonal and seems like it’s an email or instant message that could be sent to multiple people and it would still make sense, then it might just be spam that is trying to get you to click on its links. Spam emails and instant messages are always trying to get you to either click on a link or download a file.” And understand that spammers can even SPOOF your friends’ email addresses and instant messenger names. This means that, for instance, you could receive an email or instant message from your mother that says something impersonal like “Hey, this picture is so funny of you: www.exampleoflink.com”. If it’s an instant message, I will normally reply back to the message in question to see if my friend responds with something that makes sense. If not, your friend just got spoofed at your expense.
5. BROWSE WEBSITES THAT LOOK PROFESSIONALLY DONE. Most of the time this is pretty simple to follow. Most of the time reputable sites don’t have many pop up windows when browsing their sites. If you wind up in a place you’ve never been and the website is not impressive and information on the site seems fragmented or you see advertisements in every which direction, you could be in a bad place. This is a more general guideline but I simply state this as a guideline so you will make sure that you know websites you are visiting are reputable.
6. DON’T INSTALL A LOT OF FREEWARE FROM THE WEB. Downloading free programs from the web can sometimes be harmless, but understand that when you download any program from the web and install it on your computer, you are at risk of infecting your computer. Any software company that needs to survive needs to sell its software, and if they’re not selling it, they have another means of making a profit. iTunes is a good example of free software that makes a profit when people use it, so the company can give the software itself away for free. iTunes is also a very reputable program that anyone can tell you is legit. The less well known a program is, the more risky it is.
Final Note: In the end, you can be as careful as possible and still get infected. Someone who stays in their house all day trying to avoid getting sick can still get sick, after all. Antivirus is not a brick wall shielding you 100% from all possible infections, and getting infected doesn’t necessarily mean your antivirus software is bad. All antivirus programs are reactive for the most part. The programmers who make the antivirus programs have to wait for virus outbreaks to appear in the world before they can know how to issue updates to their software that will protect you from the viruses. Doctors don’t research cures for illnesses they don’t know exist. So having antivirus on your computer is like having a hospital in your home town. It’s not going to cure all diseases, but it’s definitely better than not having one at all.
If you do get infected, your first step should be to make sure your antivirus has the most recent updates and then run a full system scan using your antivirus package. If this does not seem to work, DO NOT install more and more antispyware programs trying to remove the virus. It is best to take your computer to a local IT professional to assist with removing the infection. The reasons you do not want to install multiple antispyware or antivirus programs on your computer are:
1. Your computer will slow in performance.
2. Antispyware and antivirus programs will sometimes work against each other, see each other as possible infections, and in some cases try to dismantle each other.
I hope this blog helps you understand a few of the best practices to consider when using your computer in a way that prevents future infections. And if there were any possible topics I did not address, please feel free to leave additional comments.