- Webcam control - malware can turn on your webcam and record whatever it's aimed at.
- Password theft - Anything you type into the keyboard can be recorded and sent to criminals to be sold (identity theft)... this gives the criminals access to your online shopping logins, credit cards used online, etc.
- Ransomware - Your computer gets locked and everything on it is inaccessible until you pay the ransom.
- File infection - Every file you care about gets infected with malware... meaning you have to throw those files away and may, in the meantime, be inadvertently infecting those around you.
- Social media - Your social media account (blog, Facebook, etc.) gets hijacked and used to send distasteful messages to everyone in your address book.
- Framed! - Distasteful images can be downloaded to your computer, making YOU look guilty of downloading them.
- Other - Your computer becomes a tool for attacking others, generating online currency, etc. The result is, at the very least, a slow computer.
First, the quick and easy stuff....
1. Baselining tools - I recommend that you always have a good idea of what your computer should look like so that when it changes, you know what changed. (and by "looks like" I don't mean aesthetics). To do this, use tools such as the following:
- HijackThis - With both HijackThis and Autoruns, it's important to save a 'baseline' setting, where you expect the computer to be, so that you can compare against that later. Hit me with questions on that if it doesn't make sense.
- Autoruns
- Acronis - Acronis is backup software which takes a snapshot of your entire system and lets you put it back the way it was after an event. So, whether it's because of an infection, just Windows being Windows, or a hardware failure, you need to back up. People tend to put backups off until it's too late. If you store music, photos, etc. on your computer, you'll regret this. You don't have to use Acronis, but you have to back up. Many versions of Windows and Mac come with backup options built in. Use them.
- Kaspersky - Paid antivirus. Russian antivirus company. If it tells you anything about their quality, this is who the malware team at my company uses.
- Avira - Free antivirus. A good, free, antivirus. It has a bothersome daily popup to deal with in the free version, but I'm cheap and they make good antivirus. This is who I use on my home PC.
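To make the baseline comparison from item 1 concrete, here is an added example (not part of the original post) that diffs a current HijackThis log against a saved baseline log and reports what appeared or disappeared. The sample logs, paths and entry names are constructed for illustration, and the function names are hypothetical.

```python
import re

# HijackThis entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O24)
# followed by " - ". Header, process-list and footer lines do not match.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

def parse_entries(log_text):
    """Return the set of (code, detail) entries found in a HijackThis log."""
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            # Collapse runs of whitespace so cosmetic differences don't show as changes.
            entries.add((m.group(1), " ".join(m.group(2).split())))
    return entries

def diff_against_baseline(baseline_text, current_text):
    """Compare a current log with the saved baseline.

    Returns (added, removed) as sorted lists. A changed setting shows up in
    both lists: the old value under removed, the new value under added.
    """
    base = parse_entries(baseline_text)
    cur = parse_entries(current_text)
    return sorted(cur - base), sorted(base - cur)

# Constructed sample logs (not taken from a real machine).
BASELINE = """Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:00:00, on 1/1/2012
Running processes:
C:\\Windows\\explorer.exe
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = about:blank
O4 - HKLM\\..\\Run: [avgnt] "C:\\Program Files\\Avira\\avgnt.exe" /min
O23 - Service: Example Backup Service - Example Vendor - C:\\Program Files\\Backup\\svc.exe
"""
# Later scan: the browser start page changed and a new per-user Run entry appeared.
CURRENT = BASELINE.replace("about:blank", "http://search.example.invalid/") + (
    "O4 - HKCU\\..\\Run: [updater] C:\\Users\\me\\AppData\\Roaming\\upd.exe\n"
)

if __name__ == "__main__":
    added, removed = diff_against_baseline(BASELINE, CURRENT)
    for code, detail in added:
        print(f"NEW     {code} - {detail}")
    for code, detail in removed:
        print(f"MISSING {code} - {detail}")
```

Entries reported as NEW are the ones to look at first, since they are things that now start or hook into the system that were not there when the baseline was saved.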
Now, the effective stuff...
1. Operating System - If you're not doing anything special (i.e. if you just surf the web and check email) you may be a candidate for using Linux. Without going into too much detail here, Linux is a bit less user friendly, but is almost completely untargeted by malware. If you must use Windows, use Windows 7 and turn User Account Control (UAC) up to the max. (do this by going to Start, and, in the little search field, just type UAC and hit enter... follow the settings in there to tell UAC to always notify you of changes to the system)
2. Sandboxie - Sandboxie is a sandbox. For those of you not familiar with this term, a sandbox is a place where code can be run separately from the rest of your computer. Sandboxie creates a place where your Internet browser(s) can run without fear of infecting the rest of the computer. Each time you close the browser, the slate is wiped clean. (My customized install instructions for Sandboxie and NoScript are here.)
3. NoScript - NoScript is a Firefox plugin which stops scripts from running. Scripts are what most exploits use to infect your system. Sandboxie and NoScript are both a bit clunky and cumbersome to use at times, but it's the price of being secure. NoScript stops most infections, but if, hypothetically, your Sandboxied browser got infected... once it's closed, you're clean and safe again! It's a beautiful thing.
4. Resources - If you have a questionable file (email attachment, or whatever), you can submit it to virustotal.com and every popular antivirus in the business will scan it right there on the spot. Also, use ME as a resource. Email me... call me... if you have questions on malware, contact me.
Lastly, a word on YOU. People are always the biggest threat to their own computers. A savvy person can stop most infections before they start. So, know your situations...
- Don't open attachments that you aren't expecting. If you get an attachment from a friend who wants you to watch a video, visit a link, etc., just know that they may be spreading that message without their own knowledge (if they're hacked)... so, email them back and ask if they meant to send it. Or have Virustotal.com scan it. Just assume everything is hostile and you'll be fine. :)
- Don't visit websites with questionable content. Most malware is spread on these types of websites. Stick to well known, big-time websites. This is less of an issue if you're using my instructions from above, but still....
- If you see evidence that you're infected, note the websites you've visited (write them down if you must) and files you've run. As soon as possible, get your computer off the internet. That way no data can be transmitted.