Our tech bench at Calibre Computer Solutions always has at least one computer (usually more) on it that’s been infected with some type of virus or malware. Nasty infections requiring specific removal tools and processes have increased dramatically over the past year.
The number one question I’m asked is, “How did this get on my computer? I have antivirus protection.”
In today’s column, I would like to dispel five common myths most computer owners believe about viruses and spyware. Learn these, make the recommended changes, and your risk of infection will be greatly reduced.
MYTH #1 – If I have an antivirus program, my computer is safe.
Unfortunately this is not entirely true. Having a good antivirus program, such as our recommended Managed VIPRE Antivirus, is an important step in the right direction.
However, malware creators work hard to sidestep the common protection programs either by exploiting newly discovered security holes before they’re patched or by using “social engineering” to trick users into opening infected files directly.
While there is no guarantee of total safety, experts recommend a combination of the following for reasonable protection:
• Professional antivirus software – NOT the free AVG or Microsoft Security Essentials
• Regular software updates for your operating system (Windows or Mac OSX), Java, Adobe products, and Internet browsers
• User education (e.g. “If you don’t recognize the sender, don’t open the attachment”)
• Perimeter defense (firewall, hosted spam filtering, DNS protection)
• Regular, automated backups
MYTH #2 – If I use a Mac, I don’t have to worry about viruses.
Once upon a time this was mostly true. When Macs were a tiny slice of the overall market, it just wasn’t worth the malware writer’s time to learn how to infect Apple computers.
With the growing popularity of the Apple Mac though, comes a growing interest from online criminals. In 2012, over 600,000 Mac computers were infected with the Flashback malware, and security maker Sophos currently tracks over 4500 Mac-specific viruses and malware currently in use around the world.
Like PC users, the time has come for Mac users to add antivirus software and make sure they are being diligent with software updates and backups.
MYTH #3 – My mobile devices can’t get infected.
Also not true! As of 2012, the fastest growing segment of both malware quantity and malware profitability (for the criminals creating these things) is the smartphone and tablet market – more specially, Android-based devices.
iPhones and iPads are still largely malware-free, though a June 2012 article in Forbes magazine titled “There is too malware on the iPhone!” makes the point that iDevice users should not assume they are completely invulnerable.
With the rise in Android malware, it is important to install protection software on your mobile phone or tablet. I recommend using VIPRE Mobile Security.
MYTH #4 – No one would be interested in hacking into my computers.
Really? I hear this a lot, often from people who:
• Have a reasonably powerful computer, and
• Have a high-speed internet connection
That’s really all criminals need.
With that computer infected and under the control of a malware-enabled criminal botnet, it can be used to send thousands of spam messages per day, attack other computers on the Internet, or control other infected computers so that authorities can’t trace the real controller’s point of origin.
They can also watch every keystroke you enter in the computer, looking for patterns that might be credit card numbers, social security numbers, bank accounts, and passwords. These can be bundled and sold on the online black market. Since the entire process is automated, it’s common for thousands or even hundreds of thousands of infected computers to be under the control of just a handful of people.
The take-away here is, no matter how unimportant you think your computer might be, you should still take precautions to protect yourself AND others.
MYTH #5 – If I do get infected, it just means I’ll get some error messages or pop-up ads.
Unfortunately this is also wrong. As I mentioned above, malware is a serious, money-making business for the creators. We already talked about some of the ways they can make money – hijacking your computer to send spam or to capture your credit card information for example. In those cases, people generally have no idea their computer is infected until they notice problems on their credit report.
A more aggressive version of malware is becoming more common though.
Imagine this scenario – You turn your computer on one day. Instead of the normal startup screen, you get a message saying that your computer’s files are encrypted and the only way to get them back is to wire $300 to the hackers. After they receive the money, they will give you the password to get all your data back. (Although they’re more likely to just demand more money).
These are increasingly common strategies that these online criminals use to make money.
To fight back, use these three tips:
• Use strong protection (see point 1 above)
• Backup regularly
• Use strong passwords and change them often
Make sure any hosted email accounts you may have, including Gmail or Hotmail, include a second authentication method such as a cell phone or alternate email account. Usually with this in place, you will be notified whenever your primary password is changed, and you can contact the service provider immediately if you weren’t the one who changed it.