Be Safe Online – Avoiding Malware
Following my blog entry on spyware and other scams, I’ve had a few questions from people about how to stop spyware or malware being installed on their computers in the first place, and generally how to use the Internet more safely.
The bad news is, there’s no single, fool-proof solution – anyone can end up with spyware or a virus on their computer. It’s an ongoing arms race between the malware manufacturers, and the anti-virus & anti-malware programs.
The good news is, there are a lot of small things we can do to minimise the chances of it happening to us.
There are three main areas where I find malware tries to sneak onto my computer – web browsing, email and downloading. This is how I try and minimise it.
- Use anti-virus or anti-malware software which includes a link scanner or web shield. This feature will scan links on web pages for malware, and warn if a link contains malicious software. I use the free version of AVG, but there are several other anti-virus products which include a similar feature.
- Block popups. Most web browsers have a feature which will block popups – those annoying windows which open up and try to get us to click on different links. Make sure that’s turned on, and only allow popups for sites you trust or you want to use them on. Here are instructions for blocking popups on Internet Explorer, Firefox and Safari.
- Watch out for adverts or links offering free things. That link saying “Run a free scan on your computer” could actually exist to download malware or trick us into purchasing something we don’t need. There’s a common scam which offers a “free” computer scan, reports viruses, then sells a “tool” to remove them. The “tool” turns out to be the malware.
- Beware of social engineering. The majority of malware needs to trick us into doing something – clicking on a link, downloading software, running something, making us click a ‘close’ button which actually does something else, etc.
- Beware unknown email attachments. One of the most common ways to spread malware, is via email. If you receive an email you’re not expecting, from someone you don’t know, and it contains an attachment, you may not want to open it. One option is to save it to disk and run a virus scanner over it, but I tend to just delete them unopened if I don’t recognise the sender, or the subject of the email.
- Watch out for fraudulent or ‘phishing’ emails. These are emails designed to get us to click on a link or reply with personal information (passwords, etc). Bank accounts are the most commonly ‘phished’ – if you get an email from your bank asking you to confirm your details, the link in the email will almost certainly take you to a fake site which will capture your details. If in doubt, visit the bank website directly, via a bookmark or by typing it in your browser, don’t trust the link in the email. Likewise if you get an email from your ISP claiming you need to email your password to reactivate or confirm your account, it’s probably a ‘phish’ – don’t reply!
- Be on guard against social engineering. As with web browsing, social engineering is one of the biggest ways to trick us into downloading something, buying something or sending off money. If it sounds too good to be true, it’s probably fake. It’s almost certain that we didn’t win millions of dollars in the lottery we didn’t enter, we’re not really the long lost relative set to inherit a large sum of money (but only if we send some money or our bank account details to ease the paperwork through), and dictators (or their agents) with billions of US dollars aren’t really going to pay us millions to launder their money – they’re all scams.
- Virus scan. When you download freeware or paid programs off the internet, make sure you run your virus scanner over it before you install it – it could contain malware.
- Always try and download software from a known & trusted source. I follow the link from a software company web page to one of their official downloads. That way I get the latest version, and it’s less likely to have been maliciously tampered with.
- When you install software, take a minute to read what you’re installing. Some software (particularly free software) includes adware or other annoying programmes if you don’t deselect them when installing the software.
By taking a little extra time and caution in general internet use, we can minimise the amount of malware which gets through onto our computers, and reduce the risks of using the Internet.
That said, don’t forget to run regular scans for malware in case some of it has snuck through!
Got any other tips? Leave them in the comments!