However, most malware is typically more subtle. A common sign of infection is when an internet browser (Internet Explorer, Edge, Chrome, Safari, etc.) displays a different website than the one the user types in. This can also happen to links clicked on from a Google search. The technical terms for this malware include a “browser redirect virus” or “browser hijacker.” It can also change the homepage, add new toolbars, display advertising, and create pop-up messages even when not online.
Other signs can include a computer that suddenly runs very slowly or constantly crashes / freezes, or new icons that appear on the desktop. Malware is a very complex topic, and it can be difficult to detect and remove even for experts. Worse still, it can include spyware that steals passwords and emails itself to others, so it’s obviously best to avoid getting it in the first place.
One key to avoiding malware is to think before clicking on any link online. Dangers can include free software downloads, links on shady websites of all types, downloading a “required” video player, and clicking on online ads. Even plugging in a friend’s USB memory stick can deliver malware. Another way it can be installed is through something called “social engineering” where a user is tricked into clicking on a dangerous link through a carefully written fake email, text, or instant message. These messages are also known as “phishing campaigns” and they can be VERY convincing (even coming from friends).
To summarize, here are a few tips for avoiding malware. Keep in mind that each of these suggestions could be expanded into an entire post!
- Make sure computer and phone software is kept up to date (if you’re still on Windows 95, you’re really in trouble).
- Never click on links or open attachments in messages from unknown sources. Unexpected messages from known sources should also be treated with suspicion since some viruses can access a user’s email and send a message to every contact in their address book.
- Never click on links in emails from banks, Apple, Google, Microsoft, etc. Access the website directly.
- Back up regularly! Backups are an effective way to recover from digital and physical disasters if the 321 rule is used: three full backups on two different types of media with one copy stored “somewhere else” (more details in a future post).
- On Windows, at least use Windows Defender (anti-virus software is a massive topic on its own).
- Use strong / unique passwords and a password manager. Two-factor authentication is an advanced technique that is also very effective for securing critical accounts such as email, banking, and social media (another topic for a future post).
- Look for secure connections to websites (the padlock symbol = HTTPS) and log out when done. The padlock is in different places on different computers / browsers. Some examples are below.
- Glossary – https://www.f-secure.com/en/web/labs_global/terminology
- General Articles – https://www.f-secure.com/en/web/labs_global/articles
- Symptoms – https://blog.malwarebytes.com/101/2016/05/how-to-tell-if-youre-infected-with-malware/
- Google Safe Browsing – https://www.google.com/transparencyreport/safebrowsing/
- Google Malware Video – https://www.youtube.com/watch?v=uJRqZTNMCMo
- Antivirus? – https://arstechnica.com/information-technology/2017/01/antivirus-is-bad/
- Ransomware – https://www.f-secure.com/documents/996508/1030745/Ransomware_how_to_ppdr.pdf
- Phone Malware – https://arstechnica.com/security/2016/11/1-million-android-accounts-compromised-by-android-malware-called-gooligan/