Hackers or crackers or online criminals—whatever you call them—are working every minute of every day creating new malware that scam users more effectively. But most of these threats are new arrangements of old tunes. So with the right protection and a little savvy, you can avoid just about every digital threat you face.
(Note: This article is for busy Internet users who are looking for information on how to protect their PCs and their families from malware. For more about the technical side of malware, read Alia’s excellent series “A quick & dirty guide to malware”.)
What is the threat?
The first malware typically vandalized PCs and destroyed files. But since the early 2000s, the primary motive for malware creation has been profit. Online criminals are after your banking information or your credit card numbers or your computer’s processing power. In the worst case scenario, they may even be after private information that could be used to extort you or harm your business. And these sorts of attacks generally have both financial and psychological costs.
The true costs of malware can include your data, your content, your time, your effort and your heartache.
Want a few examples of malware mayhem? Spyware tracks you for advertising purposes and slows down your computer doing so. Keyloggers monitors your every keystroke in an effort to steal your credit card information. Scareware imitates anti-virus software in an attempt to extort a quick payment from you. Ransomware takes your files and demand a ransom in return. Rootkits can turn you PC into a zombie computer and use it to send out email spam or to host illegal materials or to join in attacks on websites. There’s even a malware that exists just to create a fake login page for your bank’s website to steal your account information.
How does malware end up on your PC?
Generally you end up with malware because you installed it. And whether you installed it or not, malware can only work if the program runs without being shut down or deleted.
Malware works like most scams — it requires some conscious or unconscious help from its victims. Thus online criminals have to know more than computer coding. They have to know what mistakes users are likely to make so they trick people who have probably NEVER fallen for a scam in their real lives. And the best criminals can convince even cautious users to make one wrong click.
How do you end up downloading and installing malware? Sometimes malware gets packaged in with more legitimate software. Sometimes simply clicking on a fake error message can trigger a drive-by malware download. And you’re certainly aware of the classic method of disguising malware in an email attachment.
You put yourself at risk when you’re downloading from a disreputable source or a peer-to-peer network of strangers. Seeking out “free” stuff on the Internet can cost you time and money. And this is especially true if you’re browsing and downloading without proper protection.
How to protect yourself from malware
1. Make sure your PC is updated and secure
I hope you’re reading this sitting down because I have quite shocking news for you: the software on your PC isn’t perfect. It may contain exploits or security holes that make it possible for your machine to be infected easily. Software companies know their programs are not perfect. That’s why they release updates. Microsoft, Apple and Adobe all release dozens of updates every year. You need to make sure you have these updates on your applications running or you’re increasing your risk of infection. Our free Health Check software is a quick and easy way to make sure your PC is protected.
Of course, we also recommend always running updated Internet security that includes anti-virus, spyware and firewall. Browsing Protection is another layer of security that can keep you from clicking on the wrong links. If you don’t have Browsing Protection, you can use ours. Check any link for free.
2. Be very skeptical of random pop-up windows, error messages and attachments
Modern browsers have reduced the burden of pop-up windows. But they do still exist. Most pop-ups are far more annoying than harmful. But you might think of pop-ups like broken windows into a neighborhood you were walking through at night. It’s a sign that you should be on guard.
Avoid clicking on any pop-ups that imitate your Windows error messages or error messages that come up when you try to close out of a page. (Force quit out of the program, if necessary.) If any software begins to install itself, close out immediately and run a scan of your Internet security software. You can also use our Online Scanner for free.
Avoid opening attachments at all unless you were expecting them and they come from a source you trust. If you can’t verify the source or feel anxious about a particular attachment yet have to open it, you can download it to your hard drive and have your updated Internet security scan the file before you open it.
3. Remove spam from your life
If you get a piece of spam, let your mail software know. Identify it as spam. You could also unsubscribe but unsubscribe link have been used on rare occasions to trigger a malware attack. Better to let your software handle it. If you have a friend on Facebook who spreads spam or bad apps, let them know. And if they continue spreading spam, unfriend them. You are responsible for your social network. Refuse to associate with those people who are not responsible for theirs.
4. Think thrice before installing any new software
Installing software should never be an impulse decision. Some people say think twice before downloading any software from a source you do not trust 100%. I say think three time.
At the very least, Google the name of a product you want to install. If you’re at all uncertain about whether to click download, consult with a tech savvier friend or your company’s IT guy.
When you install software, you could invite in a nasty predator that won’t leave until it’s done some serious damage. So think about installing software with a bit of the same sort of caution you use when deciding to let someone into your home.
5. Behave online as you would in real life
There’s an old saying in my family: “Don’t go licking the floors of a hospital.” What it means is: “Use your common sense.” You have a natural sensor in your brain that tells you when something feels dicey or unsafe. Trust your gut.
With the right software running and a willingness to step back when you feel uncertainty, you keep your PC and your life malware free.
CC image by Anonymous9000
“The cloud” is a big thing nowadays. It’s not exactly a new concept, but tech companies are relying on it more and more. Many online services that people enjoy use the cloud to one extent or another, and this includes security software. Cloud computing offers unique security benefits, and F-Secure recently updated F-Secure SAFE to take better advantage of F-Secure’s Security Cloud. It combines cloud-based scanning with F-Secure’s award-winning device-based security technology, giving you a more comprehensive form of protection. Using the cloud to supplement device-based scanning provides immediate, up-to-date information about threats. Device-based scanning, which is the traditional way of identifying malware, examines files against a database saved on the device to determine whether or not a file is malicious. This is a backbone of online protection, so it’s a vital part of F-Secure SAFE. Cloud-based scanning enhances this functionality by checking files against malware information in both the local database found on devices, and a centralized database saved in the cloud. When a new threat is detected by anyone connected to the cloud, it is immediately identified and becomes "known" within the cloud. This ensures that new threats are identified quickly and everyone has immediate access to the information, eliminating the need to update the database on devices when a new threat is discovered. Plus, cloud-based scanning makes actual apps easier to run. This is particularly important on mobile devices, as heavy anti-virus solutions can drain the battery life and other resources of devices. F-Secure SAFE’s Android app has now been updated with an “Ultralight” anti-virus engine. It uses the cloud to take the workload from the devices, and is optimized to scan apps and files with a greater degree of efficiency. Relying on the cloud gives you more battery life, and keeps you safer. The latest F-Secure SAFE update also brings Network Checker to Windows PC users. Network Checker is a device-based version of F-Secure’s popular Router Checker tool. It checks the Internet configuration your computer uses to connect to the Internet. Checking your configuration, as opposed to just your device, helps protect you from attacks that target home network appliances like routers – a threat not detected by traditional anti-virus products. So the cloud is offering people much more than just extra storage space. You can click here to try F-Secure SAFE for a free 30-day trial if you’re interested in learning how F-Secure is using the cloud to help keep people safe. [Image by Perspecsys Photos | Flickr]
F-Secure Labs reported this week on a new WhatsApp scam that’s successfully spammed over 22,000 people. Spam seems to be as old as the Internet itself, and is both a proven nuisance AND a lucrative source of revenue for spammers. Most people don’t see what goes on behind the scenes, but spammers often employ very sophisticated schemes that can expose web surfers to more than just ads for Viagara or other “magic beans”. Spam typically tries to drive Internet traffic by tricking people into clicking certain websites, where scammers can bombard unsuspecting web surfers with various types of advertising. Profit motives are what keep spammers working hard to circumvent spam blocks, white lists, and other protective measures that people use to try and fight back – and it can pay off. Numerous spammers have been indicted and suspected of generating hundreds of thousands of dollars in revenue from their spam campaigns, with one study projecting that spammers could generate in excess of 3.5 million dollars annually. While most spam circulates via e-mail, the popularity of services like WhatsApp is giving spammers new resources to exploit people, and new ways to make money. Here’s a few ways spammers and cyber criminals are using WhatsApp to make money off users: Following Malicious Links: One way that cyber criminals use WhatsApp to scam people is to trick them into following malicious links. For example, a recent scam sent SMS messages to WhatsApp users telling them to follow a link to update the app. But the message was not from WhatsApp, and the link didn’t provide them with any kind of update. It signed them up for an additional service, and added a hefty surcharge to victims' phone bills. Sending Premium Rate Messages: Premium rate SMS sending malware was recently determined by F-Secure Labs to be the fastest growing mobile malware threat, and WhatsApp gives cyber criminals a new way to engage in this malicious behavior. Basically the users receive a message that asks them to send a response – “I’m writing to you from WhatsApp, let me know here if you are getting my messages”, “Get in touch with me about the second job interview”, and various sexual themed messages have all been documented. Responding to these messages automatically redirects your message through a premium rate service. Spanish police claim that one gang they arrested made over 5 million euros using this scheme – leaving everyday mobile phone users to foot the bill. Manipulating Web Traffic: A lot of spam tries to direct web traffic to make money off advertising. As you might imagine, this means they have to get massive numbers of people to look at the ads they’re using for their scams. Scammers use WhatsApp to do this by using the app to spread malware or social engineer large numbers of people to visit a website under false pretenses. F-Secure Labs found that people were being directed to a website for information on where they could get a free tablet. In March there was a global spam campaign claiming people could test the new WhatsApp calling feature. Both cases were textbook scams, and instead of getting new tablets or services, the victims simply wasted their time spreading misleading spam messages and/or exposing themselves to ads. WhatsApp and other services are great for people, but like any new software, requires a bit of understanding to know how to use. Hopefully these points give WhatsApp users a heads up on how they can avoid spam and other digital threats, so they can enjoy using WhatsApp to chat with their friends. [ Image by Julian S. | Flickr ]
Espionage – it’s not just for James Bond type spies anymore. Cyber espionage is becoming an increasingly important part of global affairs, and a threat that companies and organizations handling large amounts of sensitive data are now faced with. Institutions like these are tempting targets because of the data they work with, and so attacks designed to steal data or manipulate them can give attackers significant advantages in various social, political and industrial theaters. F-Secure Labs’ latest malware analysis focuses on CozyDuke – an Advanced Persistent Threat (APT) toolkit that uses combinations of tactics and malware to compromise and steal information from its targets. The analysis links it to other APTs responsible for a number of high-profile acts of espionage, including attacks against NATO and a number of European government agencies. CozyDuke utilizes much of the same infrastructure as the platforms used in these attacks, effectively linking these different campaigns to the same technology. “All of these threats are related to one another and share resources, but they’re built a little bit differently to make them more effective against particular targets”, says F-Secure Security Advisor Sean Sullivan. “The interesting thing about CozyDuke is that it’s being used against a more diverse range of targets. Many of its targets are still Western governments and institutions, but we’re also seeing it being used against targets based in Asia, which is a notable observation to make”. CozyDuke and its associates are believed to originate from Russia. The attackers establish a beachhead in an organization by tricking employees into doing something such as clicking a link in an e-mail that distracts users with a decoy file (like a PDF or a video), allowing CozyDuke to infect systems without being noticed. Attackers can then perform a variety of tasks by using different payloads compatible with CozyDuke, and this can let them gather passwords and other sensitive information, remotely execute commands, or intercept confidential communications. Just because threats like CozyDuke target organizations rather than individual citizens doesn’t mean that they don’t put regular people at risk. Government organizations, for example, handle large amounts of data about regular people. Attackers can use CozyDuke and other types of malware to steal data from these organizations, and then use what they learn about people for future attacks, or even sell it to cyber criminals. The white paper, penned by F-Secure Threat Intelligence Analyst Artturi Lehtiö, is free and available for download from F-Secure’s website. [ Image by Andrew Becraft | Flickr ]