Tips to avoid malware
Malware (viruses, spyware, trojan horses etc.)
Malware refers to all programs (virus, spyware, adware, trojan horses, boot viruses etc) that slows down your computer, spys on you or steals your data. Wikipedia.org has a great article about malware and what they are.
There have been many questions about how to avoid malware on a computer. In some cases it is impossible to avoid all of them, but in 99% of the cases there are some very simple steps that can be taken.
- Do NOT click on anything online that says you are infected, and click here to remove it. Most likely you will then install spyware that will then install even more malware. And then they will start asking you to pay them money in order to get rid of them. There is NO way any web site can know if you have an infected computer or not. These are typical names of scam programs: WinFixer, Windows Antivirus XP 2009, XP Antivirus 2008, XP Antivirus 2009 and FixyourPC. Another example is 180 Search Assistant which is a spyware.
- Do not go to any web sites that are suspicous. Many anti-malware packages today include a web link check that will try to see if any of the links on the page you are on lead to phishing or malware infested pages. That feature has saved me more than once. And the page that was the problem was supposed to be a legitimate site for downloading anti-spyware software!
- Create a user WITHOUT administrative rights (a limited user). And use that login for your normal daily work. 88% of the security threats that were big last year, would not affect a Windows XP computer if the user had been limited. On Windows 7, only 1% of them would have infected the computer.
- Download software from known sites. The following is a good example of what you DON'T WANT on your computer.WARNING: you may find it is even advertised on several sites:
"Security Essentials 2010" is NOT a Microsoft product. Their product is named Microsoft Security Essentials. It looks very similar, but it will install two programs, Fakeinit and Alureon, which will create a whole lot of problems on your computer. They will stop processes in the computer, stop you from going to certain web sites, change security settings and change the background of your computer. Your background will say "Your system is infected!" with red letters on a black background. You will also be asked to pay for an upgraded version of Security Essentials 2010 which is your first indication that this is malware. Microsofts program is FREE!
Another tip is to wait for a couple of days after you have downloaded software. I have downloaded some free software and left them on my computer for a while (so that my antivirus solution gets updated in the mean time), and then scanned them. Yes, I did all of that to find out if they were infected with spyware.
- Emails are used for phishing attempts and spyware. What I do is to let the mouse hover over the link so that I can see where the link goes. I have received emails with links to Microsoft, but when I hover over it, it says that the link points to microsoft.xxxx.ru etc. The same with bank emails. You learn what global banks exist through phishing attempts.
- Never open any attachments that come from big companies. They would never send you attachments without telling you beforehand.
- Do not download unauthorized software, music or pictures from the internet. JPG or JPEG pictures can be infected with malware code that will be run while you are looking at them. Files ending in .exe are programs and when you double click on them you start the program (not the video or music file you thought you downloaded). If they are malicious they will quickly take over your computer.
- Make sure that you have at least one firewall (most dsl modems have one built-in) in your home. A physical router/firewall helps, but I also prefer to have a software firewall on my computer. Windows XP, Vista and Windows 7 have firewalls built in to the operating system. All windows versions before that will need one. It depends on your network setup. Normally your network connection (dial-up, dsl, cable etc) is attacked 1000-1600 times in a week.
Other general security recommendations:
- Always make sure you have a backup of your data.
- Don't use passwords based on pets, persons or other important parts of your life.
- Never tell your password to anybody. Whatever they tell you they represent.
- Make passwords that combine letters (a-z), both upper and lower case, numbers and other characters (!@#$%^&*?-+). This way it will be more difficult to break in to your accounts. Find a safe place to store them for reference. (ie safety deposit box etc. Treat them like your social security card!)
- Make sure your computers' software is updated.