Checkup #2: Protect Your Home Computers
Antivirus Protection and How to Avoid Viruses on Windows Computers
Is your computer running more slowly than usual? Does it stop responding, freeze often, or display other odd behavior? It might have a virus. Fortunately, if you update your computer regularly and use antivirus software, you can help permanently remove unwanted software and prevent it from being installed in the first place.
Windows Defender (built in to Windows 8), Microsoft Security Essentials, and other antivirus software programs download the latest updates over the Internet to fight new malware. Windows Defender Offline helps protect against advanced malware that can’t always be detected by antivirus software.
How to Remove Viruses
If you can connect to the Internet
Follow the instructions below based on the operating system that your computer is running. To find out which Windows system your computer is running simply start it up and as it boots it will show you your system.
Windows 8
If your computer is running Windows 8, you can use the built-in Windows Defender to help you get rid of a virus or other malware.
Scan your PC with Windows Defender
Here’s how:
1 From the Search charm, search for defender, and then open Windows Defender.
2 On the Home tab, choose a scan option, and then tap or click Scan now.
In addition to the color codes for your PC’s overall security status, Windows Defender applies an alert level to any suspected malware it detects. You can decide whether to remove an item entirely, research it further, or let it run because you recognize it.
Review quarantined items
If Windows Defender can’t determine whether a detected item is malware or something that you intentionally installed, it prevents the software from running but quarantines it on your PC so that you can decide later.
Windows 7 and Windows Vista
If your computer is running Windows 7 or Windows Vista, do the following:
▪ Run the Microsoft Safety Scanner. The scanner works with the antivirus software that you already have on your computer, regardless of whether the software is from Microsoft.
▪ Download Microsoft Security Essentials for free, and then use the software to run a scan of your computer. For more information, see Help protect your PC with Microsoft Security Essentials. (Note: Some viruses will prevent you from downloading Microsoft Security Essentials. If you can’t download the software, follow the instructions below for using Windows Defender Offline.)
▪ Some malicious software can be difficult to remove. If your antivirus software detects malware but can’t remove it, follow these steps.
Windows XP
Windows XP does not include virus protection.
Click the security icon on the taskbar, or click Start, select Control Panel, and then double-click Security Center to find out if you have already installed antivirus protection from a third party.
Note: On April 8, 2014, Microsoft ended support for Windows XP. This means that there will be no new security updates available through automatic updating for computers that are still running Windows XP. Also on this date, Microsoft stopped providing Microsoft Security Essentials for download on Windows XP. (If you already have Microsoft Security Essentials installed, you will continue to receive antimalware signature updates for a limited time, but this does not mean that your PC is secure because Microsoft no longer provides security updates to help protect it.)
If you can’t connect to the Internet
Windows Defender Offline works with Windows 8, Windows 7, and Windows Vista.
Use another computer to download Windows Defender Offline and create a CD, DVD, or USB flash drive with the software on it. Then use the media to restart your infected computer and scan it for unwanted software.
Learn how to avoid viruses
Nothing can guarantee the security of your computer, but there is a lot you can do to help lower the chances that your computer will become infected.
Use a firewall
Using a firewall is like locking the front door to your house—it helps keep intruders (in this case, hackers and malicious software) from getting in. Windows Firewall is included in Windows and is turned on by default.
Update your software
Microsoft releases security updates on the second Tuesday of every month. Open Windows Update to confirm that you have automatic updating turned on and that you’ve downloaded and installed all the latest critical and security updates.
Adjust Internet Explorer security settings
You can adjust the security settings in your Internet Explorer web browser to specify how much—or how little—information you want to accept from a website.
Microsoft recommends that you set the security settings for the Internet zone to Medium or higher. (If you use Windows 8, Windows 7, Windows Vista, or Windows XP Service Pack 2 and you use Internet Explorer to browse the web, your browser security settings for the Internet zone are set to Medium by default.) Internet Explorer also includes a number of features, such as SmartScreen Filter, to help protect against viruses, spyware, and many other kinds of malicious, deceptive, or unwanted software.
Download and install antivirus software
Microsoft Security Essentials helps protects your computer from viruses, spyware, and other unwanted software. It is available as a no-cost download for Windows Vista and Windows 7.
Note: In Windows 8, Windows Defender replaces Microsoft Security Essentials. Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn’t working properly or if you clicked a suspicious link online or in an email message.
Surf and download more safely
The best defense against spyware and other unwanted software is not to download it in the first place. Here are a few tips that can help you avoid downloading software that you don’t want:
▪ Download programs only from websites you trust. If you’re not sure whether to trust a program you are considering downloading, enter the name of the program into your favorite search engine to see if anyone else has reported that it contains spyware. Files that end in the extensions .exe or .scr commonly hide malware. However, even files with familiar extensions such as .docx, .xlsx, and .pdf can be dangerous.
▪ Never click “Agree” or “OK” to close a window. Instead, click the red “x” in the corner of the window or press Alt + F4 on your keyboard to close a window.
▪ Be wary of popular “free” music and movie file-sharing programs, and be sure you understand all of the software that is packaged with those programs.
▪ Use a standard user account instead of an administrator account.
▪ Don’t click links on suspicious websites or in email messages. Instead, type the website address directly into your browser, or use bookmarks.
▪ Don’t automatically trust that instant messages, email messages, or messages on social networking websites are from the person they appear to be from. Even if they are from someone you know, contact the person before you click the link to ensure that they intended to send it.
Virus Prevention on Mac Computers
Do Macs get viruses? Do Macs need antivirus software? The short answers are yes, and yes – but it is a bit more complicated than that. So let’s look at the dangers faced by Mac users, and the pros and cons of using Mac antivirus software.
The Mac is generally considered to be safe and secure, and there are a number of reasons why Macs are considered more secure than PCs. Malware writers are less likely to target Mac users because of the perception that it has a far smaller market share than Windows. There is also the fact that the Mac operating system is Unix-based, and Unix offers a number of security features built in. In addition, Apple has included a number of security measures that make attacking a Mac particularly challenging. These include Gatekeeper, which blocks any software than hasn’t been digitally signed and approved by Apple from running on your Mac without your agreement. Most of what you’ll read about Mac’s and viruses is overblown fear mongering hype, and practically all Mac malware has come through third party utilities and applications. What that means for the average user is that it is very easy to completely prevent infections and attacks from occurring in the first place, especially when combined with some general security tips. So here are eight simple ways to secure a Mac to help prevent viruses, trojans, and malware from effecting you:
1) Disable Java
Flashback and other malware has installed through Java security breaches. Apple has already released several updates to patch the Java security holes that allowed Flashback to spread (you should install those), but you can also go a step further and completely disable Java on the Mac. Frankly, the average person doesn’t need Java installed on their Mac let alone active in their web browser, disable it and you don’t have to worry about security holes in older versions of the software impacting your Mac.
1a) Disable Java in Safari
• Open Safari and pull down the Safari menu, selecting “Preferences”
• Click on the “Security” tab and uncheck the box next to “Enable Java”
Disabling Java in the Safari browser is reasonably effective, but why not go a step further and disable it in Mac OS X completely? Chances are high that you won’t miss it, let alone notice it is disabled.
1b) Disable Java System-Wide in Mac OS X
• Open the Applications folder and then open the Utilities folder
• Launch the “Java Preferences” application
• Uncheck the box next to “Enable applet plug-in and Web Start applications”
• Uncheck all the boxes next to “Java SE #” in the list below
2) Update Apps and OS X Software Regularly
Apple regularly issues Security Updates and many third party apps do as well, therefore regularly updating both your OS X System Software and OS X apps are one of the single best preventative measures you can take to keep a Mac secure. We’ve hammered home about this repeatedly as a general Mac OS X maintenance tip because it is important and so easy to do:
1Open Software Update from the Apple menu and install updates when available
2Open the App Store and download available updates
3) Disable or Remove Adobe Acrobat Reader
Adobe Acrobat Reader has had multiple security breaches recently, therefore you’ll be safer without it in your web browser. There’s little reason to have Reader installed on a Mac anyway, OS X includes Preview for viewing PDF’s. Uninstall Adobe Acrobat Reader by running the bundled uninstaller app, or locate the following file and remove it to uninstall the Acrobat browser plugin: /Library/Internet Plug-ins/AdobePDFViewer.plugin
4) Install Anti-Virus Software for Mac OS X
Using anti-virus software on the Mac is likely overkill, but it is worth mentioning again. We’ve talked about the free Sophos anti-virus here before, and though you probably won’t ever need it, it’s a free and effective way to fight viruses that may end up on the Mac. If you’re the cautious type and you’d rather be safe than sorry there isn’t much harm to using it as a preventative measure:
•Download Sophos Anti-Virus for Mac
5) Disable Adobe Flash
Flash has been used as an attack vector in the past, and Macs stopped shipping with Flash installed for a reason; basically it’s a crash-prone battery hog that has occasional security breaches. Many sites use Flash for video and games though, so instead of uninstalling Flash completely we’ll recommend using a Flash block plugin for your web browser. This causes all Flash to be disabled by default until you click to allow individual plugins and instances of the Flash plugin to run, preventing unauthorized Flash from running in a web browser completely. These plugins are free and available for every major browser:
6) Disable Automatic File Opening After Download
Safari defaults to automatically opening “safe” files after they’re downloaded. For added security, disable this feature and manage the opening of downloads yourself:
• Open Safari preferences and click the General tab
• Uncheck the box next to “Open ‘safe’ files after downloading”
7) Double-Check Anti-Malware Definitions are Enabled
OS X automatically downloads and maintains a malware definition list which is actively used to combat potential threats and attacks. This is enabled by default, but you can double-check to make sure you’re getting the updates as they arrive by insuring the feature is turned on:
• Open System Preferences and click on “Security & Privacy”
• Under the General tab look for “Automatically update safe downloads list” and make sure it is checked
You can also check the update list manually if you’re concerned the latest version hasn’t been installed, but as long as you have the feature enabled and have regular internet access, it probably is.
8 ) Don’t Install Random Software You Didn’t Ask For
If you see a random pop-up window asking you to install random software you didn’t request, don’t install it! This may sound like common sense, but it’s actually how some Mac malware propagated in the past. Apple patched the hole that allowed for that to happen a while ago, but the overall message is still relevant: if you didn’t download or request an app to be installed and you’re suddenly confronted with an installation dialog, don’t install it.
The Risk of Using USB Drives
Because USB drives, sometimes known as thumb drives, are small, readily available, inexpensive, and extremely portable, they are popular for storing and transporting files from one computer to another. However, these same characteristics make them appealing to attackers.
- One option is for attackers to use your USB drive to infect other computers. An attacker might infect a computer with malicious code, or malware, that can detect when a USB drive is plugged into a computer. The malware then downloads malicious code onto the drive. When the USB drive is plugged into another computer, the malware infects that computer.
- Some attackers have also targeted electronic devices directly, infecting items such as electronic picture frames and USB drives during production. When users buy the infected products and plug them into their computers, malware is installed on their computers.
- Attackers may also use their USB drives to steal information directly from a computer. If an attacker can physically access a computer, he or she can download sensitive information directly onto a USB drive. Even computers that have been turned off may be vulnerable, because a computer’s memory is still active for several minutes without power. If an attacker can plug a USB drive into the computer during that time, he or she can quickly reboot the system from the USB drive and copy the computer’s memory, including passwords, encryption keys, and other sensitive data, onto the drive. Victims may not even realize that their computers were attacked.
- The most obvious security risk for USB drives, though, is that they are easily lost or stolen. If the data was not backed up, the loss of a USB drive can mean hours of lost work and the potential that the information cannot be replicated. And if the information on the drive is not encrypted, anyone who has the USB drive can access all of the data on it.
How can you protect your data?
There are steps you can take to protect the data on your USB drive and on any computer that you might plug the drive into:
• Take advantage of security features – Use passwords and encryption on your USB drive to protect your data, and make sure that you have the information backed up in case your drive is lost.
• Keep personal and business USB drives separate – Do not use personal USB drives on computers owned by your organization, and do not plug USB drives containing corporate information into your personal computer.
• Use and maintain security software, and keep all software up to date – Use a firewall, anti-virus software, and anti-spyware software to make your computer less vulnerable to attacks, and make sure to keep the virus definitions current Also, keep the software on your computer up to date by applying any necessary patches.
• Do not plug an unknown USB drive into your computer – If you find a USB drive, give it to the appropriate authorities (a location’s security personnel, your organization’s IT department, etc.). Do not plug it into your computer to view the contents or to try to identify the owner.
• Disable Autorun – The Autorun feature causes removable media such as CDs, DVDs, and USB drives to open automatically when they are inserted into a drive. By disabling Autorun, you can prevent malicious code on an infected USB drive from opening automatically.
What is spam?
Spam is the electronic version of “junk mail.” The term spam refers to unsolicited, often unwanted, email messages. Spam does not necessarily contain viruses—valid messages from legitimate sources could fall into this category.
How can you reduce the amount of spam?
There are some steps you can take to significantly reduce the amount of spam you receive:
• Don’t give your email address out arbitrarily – Email addresses have become so common that a space for them is often included on any form that asks for your address—even comment cards at restaurants. It seems harmless, so many people write them in the space provided without realizing what could happen to that information. For example, companies often enter the addresses into a database so that they can keep track of their customers and the customers’ preferences. Sometimes these lists are sold to or shared with other companies, and suddenly you are receiving email that you didn’t request.
• Check privacy policies – Before submitting your email address online, look for a privacy policy. Most reputable sites will have a link to their privacy policy from any form where you’re asked to submit personal data.
• Be aware of options selected by default – When you sign up for some online accounts or services, there may be a section that provides you with the option to receive email about other products and services. Sometimes there are options selected by default, so if you do not deselect them, you could begin to receive email from lists those lists as well.
• Use filters – Many email programs offer filtering capabilities that allow you to block certain addresses or to only allow email from addresses on your contact list. Some ISPs offer spam “tagging” or filtering services, but legitimate messages misclassified as spam might be dropped before reaching your inbox. However, many ISPs that offer filtering services also provide options for tagging suspected spam messages so the end user can more easily identify them. This can be useful in conjunction with filtering capabilities provided by many email programs.
• Report messages as spam – Most email clients offer an option to report a message as spam or junk. If your has that option, take advantage of it. Reporting messages as spam or junk helps to train the mail filter so that the messages aren’t delivered to your inbox. However, check your junk or spam folders occasionally to look for legitimate messages that were incorrectly classified as spam. You can also report SPAM to the U.S. Government at [email protected]. (Be sure to forward the SPAM email to them.)
• Don’t follow links in spam messages – Some spam relies on generators that try variations of email addresses at certain domains. If you click a link within an email message or reply to a certain address, you are just confirming that your email address is valid. Unwanted messages that offer an “unsubscribe” option are particularly tempting, but this is often just a method for collecting valid addresses that are then sent other spam.
• Disable the automatic downloading of graphics in HTML mail – Many spammers send HTML mail with a linked graphic file that is then used to track who opens the mail message—when your mail client downloads the graphic from their web server, they know you’ve opened the message. Disabling HTML mail entirely and viewing messages in plain text also prevents this problem.
• Consider opening an additional email account – Many domains offer free email accounts. If you frequently submit your email address (for online shopping, signing up for services, or including it on something like a comment card), you may want to have a secondary email account to protect your primary email account from any spam that could be generated. You could also use this secondary account when posting to public mailing lists, social networking sites, blogs, and web forums. If the account start to fill up with spam, you can get rid of it and open a different one.
• Use privacy settings on social networking sites – Social networking sites typically allow you to choose who has access to see your email address. Consider hiding your email account or changing the settings so that only a small group of people that you trust are able to see your address. Also, when you use applications on these sites, you may be granting permission for them to access your personal information. Be cautious about which applications you choose to use.
• Don’t spam other people – Be a responsible and considerate user. Some people consider email forwards a type of spam, so be selective with the messages you redistribute. Don’t forward every message to everyone in your address book, and if someone asks that you not forward messages to them, respect their request.
Where the danger lies – Hackers use a technique called “Phishing to try and get you to download adware, malware and viruses. Phishing is particularly dangerous because once criminals get a victim’s password for one Web site they can often use it to get into other accounts where people have re-used the password.
What is phishing?
Phishing is an attempt, usually via e-mail, to trick people into revealing sensitive information like usernames, passwords, and credit card data by pretending to be a bank or some other legitimate entity. The e-mails typically include a link to a Web site that appears to be legitimate and which prompts users to provide information. Sometimes, the phishing e-mail will include a form in an attachment to fill out. One common tactic phishers use is to pretend to be from the fraud department of a financial institution or online retailer like PayPal and ask for information to be provided to prevent identity fraud. In one case, a phishing e-mail purporting to be from a state lottery commission asked recipients for their banking information so their “winnings” could be deposited into their accounts. Phishers also are increasingly exploiting interest in news and other popular topics to trick people into clicking on links. One e-mail purportedly about swine flu asked people to provide their name, address, phone number, and other information as part of a survey on the illness. And users of social networks are becoming popular targets. Twitter users have been directed to fake log-in pages.
Here are other examples of phishing attacks?
• An e-mail scam asks PayPal customers to provide additional information or risk getting their account deleted because of changes in the service agreement. Recipients are urged to click on a hyperlink that says “Get Verified!”
• E-mails that look like they come from the FDIC include a subject line that says “check your Bank Deposit Insurance Coverage” or “FDIC has officially named your bank a failed bank.” The e-mails include a link to a fake FDIC site where visitors are prompted to open forms to fill out. Clicking on the form links downloads the Zeus virus, which is designed to steal bank passwords and other information.
• E-mails that look like they come from the IRS tell recipients that they are eligible to receive a tax refund and that the money could be claimed by clicking on a link in the e-mail. The link directs visitors to a fake IRS site that prompts for personal and financial information.
• A legitimate-looking Facebook e-mail asks people to provide information to help the social network update its log-in system. Clicking the “update” button in the e-mail takes users to a fake Facebook log-in screen where the user name is filled in and visitors are prompted to provide their password. When the password is typed in, people end up on a page that offers an “Update Tool,” but which is actually the Zeus bank Trojan.
Tell-tale signs of a phishing attempt?
Many phishing attempts originate from outside the U.S. so they often have misspellings and grammatical errors. Some have an urgent tone and they seek sensitive information that legitimate companies don’t typically ask for via e-mail.
Identifying a Phishing email?
- Check the sender information to see if it looks legitimate. Criminals will choose addresses that are similar to the one they are faking. For instance, phishers have used “[email protected]” However, legitimate PayPal messages in the U.S. come from [email protected]” and include a key icon.
- Most phishing e-mails come from outside the U.S. so an address ending in “.uk” or something other than “.com” could indicate it’s a phishing attempt. The e-mail address may also be obscured. Hitting “reply all” may reveal the true e-mail address. You can also set your e-mail preferences to show “full header” to see the full e-mail address and other information. If you are at all unsure whether the e-mail is legitimate, go to the company’s Web site to see the address listed.
- Legitimate companies tend to use customer names or user names in the e-mail, and banks often will include part of an account number. Phishing emails typically offer generic greetings, like “Dear PayPal customer.
- Inspect the hyperlinks inside the body of the e-mail. Phishers typically will use subdomains or letters or numbers before the company name, and sometimes the words in the links are misspelled. For example, www.BankA.security.com would link to the ‘BankA’ section of the ‘security’ Web site. Often, it’s difficult to tell if the link is legitimate just by looking at it. By mousing over the link you can see the real address on the bottom of most Web browsers. (Do not try this on a mobile device as it will probably open the link.)
- In addition, PayPal, Amazon, banks, and many other businesses use the SSL (Secure Sockets Layer) protocol which is designed to ensure that customers are visiting the real site. That means https:// will be seen in the URL address bar instead of just http:// and usually there will be some other change in the address bar. For instance, PayPal displays a “P” and its name is highlighted in green at the front of the URL. The major browsers have antiphishing measures designed to detect malicious sites. Some phishers also try to hide the real Web address they are sending victims to by using URL shortening services.
- If the e-mail has an attachment, be wary of .exe files. Scammers like to hide viruses and other malware there so it executes when opened.
- Do not be fooled by the look of the Web site you may be directed to. The Web site may look just like a real bank or PayPal page, including the use of the real logos and branding. It could be a good fake page or it could be a legitimate page with a phishing pop-up window on top.
How can phishing attacks be avoided?
• Try to stay off spam lists. Don’t post your e-mail address on public sites. Create an e-mail address that is less likely to get included in spam lists. For instance, instead of [email protected], use [email protected].
• If an e-mail looks reasonable contact the company directly if you receive an e-mail asking you to verify information. Type the address of the company into the address bar directly rather than click on a link. Or call them, but don’t use any phone number provided in the e-mail.
• Don’t give out personal information requested via e-mail. Legitimate companies and agencies will use regular mail for important communications and never ask customers to confirm log-in or passwords by clicking on links in e-mail.
• Look carefully at the Web address a link directs to and type in addresses in the browser for businesses if you are uncertain.
• Don’t open e-mail attachments that you did not expect to receive. Don’t open download links in IM. And don’t enter personal information in a pop-up window or e-mail.
• Make sure you are using a secure Web site when submitting financial and sensitive information.
• Change passwords frequently. Don’t use the same password on multiple sites.
• Regularly log into online accounts to monitor the activity and check statements.