Preventing the Spread of Malware
Malware is a term used to describe all types of malicious software. Malicious software includes, but is not limited to, Viruses, Trojans, Worms and Spyware. Malware is primarily designed to infiltrate systems and the information stored on them for criminal, commercial or destructive purposes. This article outlines common ways malware is spread, how to prevent a malware infection and what to do if you suspect your computer has been infected.
Malware varies greatly in both form and functionality. Some malware is used to steal information such as credit card numbers, identities or sensitive business information from the computer it infects. Other malware may take over your computer and use it for attacking other systems. Alternatively, the malware may just be malicious, with a sole purpose to destroy or corrupt information on your computer. Either way, prevention is better than cure, so it pays to understand how you can prevent malware from spreading to your computer.
How is Malware Spread?
Criminals continually come up with new and innovative ways to get malware onto your computer. Here are some of the more common ways in which malware is spread and the preventative measures you can take to stop this from happening.
Malware is often present in email attachments, or can be automatically downloaded and installed on your computer when you click on links within emails.
- Be suspicious of all email attachments – even those sent from friends or co-workers. Scan all attachments for malware before opening them.
- Never open attachments or click on links in emails sent from unknown or untrusted senders.
Malware can be inadvertently downloaded from websites, or automatically downloaded when visiting some websites.
- Be suspicious of requests to download applications or to install ‘Add-Ons’, such as suspicious ActiveX components or strange media players.
- Never download or install software from unknown or untrusted websites.
A fairly new tactic to spread malware is through the use of cleverly disguised pop up adverts that appear as legitimate looking Windows alerts or messages.
- Never buy software in response to unexpected pop-up messages or emails.
- Be especially wary of hoax adverts that claim to have scanned your computer and detected malware.
Social Networking Sites
Malware is increasingly spread through social networking sites by installing dubious 3rd party add-on applications or by clicking on web links in messages. There is a false sense of security when using these sites, so you must remain vigilant at all times.
- Only install 3rd party social networking applications that are well known and trusted.
- Never click links in messages from unknown or untrusted contacts, and avoid clicking on message links sent from trusted contacts unless you are certain where it will lead you.
Malware located in legitimate looking software is one of the most common ways it is spread. Peer to Peer software and cracked or pirate software (e.g. ‘warez’), often facilitates the spread of malware.
- Never install unauthorized, unlicensed or unapproved software on your computer.
- Be suspicious of all free software – ensure you read and understand the licensing terms and privacy policies before installing.
Malware can be easily spread through the shared use of computer storage media such as DVDs, CDs, and USB drives.
- Do not insert untrusted computer media into your computer.
- Always scan files stored on shared computer media for malware before copying or opening them.
Malware has been known to spread through mobile devices such as cell phones. As devices become more and more like mini computers, the threat of malware on these devices will increase.
- Never install unverified or unsigned software on your mobile device.
- Be alert of unsolicited text or other message requests for software installs or links to unknown or untrusted locations.
What Controls will Help me Prevent Malware?
Malware is a very real and constant threat to the security of information. Consequently, specific security controls can be put in place to help protect against malware. The following controls will help prevent malware from getting onto your computer.
Use Anti-Virus Software
- Install a good anti-virus and anti-spyware program and ensure it is activated. There are many good, free malware prevention programs that can be used such as Microsoft Security Essentials, Comodo Anti-Virus and AVG Free.
- Configure the software to perform daily updates in order to keep up to date with the latest virus definitions.
Update all Software
- Configure your Operating System is to automatically download and install all updates.
- Regularly check that all other software on your computer is updated with the latest security updates
Use a Firewall
- Install and activate a personal firewall on your computer.
- Ensure the firewall is configured to block all uninitiated incoming traffic.
- Do not simply allow every connection request – try to understand what is trying to connect through the firewall and disallow anything you don’t know or trust.
Do not use the Administrator Account
- Never use an administrative user account for your daily computing, as this will prevent malware from obtaining administrator rights on your PC and aid in limiting any potential damage caused.
- The default user account on Windows usually has local administrator rights and should not be used. Instead, create or use a different user account with basic user rights.
Pro-Actively Scan for Malware
- Scan all downloaded files, copied files or email attachments for malware before opening or running them.
- Perform regular (at least monthly) scans of your computer for viruses, spyware or any other malware infections.
Turn on Spam & Phishing Filters
- Ensure you have activated the Spam and Phishing filters for your email and your Internet browser.
- Delete all spam that gets through. Never reply to, or click the links in, suspected spam or phishing emails.
Turn on Pop-Up Blockers
- Ensure you have your Internet browser pop-up blocker turned on and only disable it for sites that you know and trust.
Help, I think I have a Virus!
You should continually monitor your computer for unusual or irregular behaviour. If you think your computer may have be infected with malware, you should do something about it immediately. Firstly, do not perform any further activities that involve the transmission of sensitive information (e.g. online shopping or banking), then follow the steps below to check, identify and fix malware infections.
- Update your anti-virus, anti-spyware and any other malware prevention software with the latest updates and definitions.
(Note: some malware may prevent you from performing this first step).
- Disconnect your computer from the internet (i.e. unplug the network cable or turn off your wireless)
- Scan your computer for malware using your installed anti-virus, anti-spyware and adware programs
- If malware is detected, delete or clean the files in question
- Reboot the computer.
- Run a second scan for malware to ensure no further viruses are detected.
- Once you are certain the computer is clean, you can reconnect to the internet.
Follow the preventative measures outlined in this article to help ensure you do not get further malware.