Tutorials‎ > ‎

How To Avoid Computer Malware

posted 12 Mar 2013, 05:14 by Alistair Hamilton   [ updated 18 Mar 2013, 06:53 ]
Even if you have never had the misfortune of seeing a computer infected by malware, you need to read this.

Malware: the generic term used to describe computer viruses, adware, spyware, scareware, trojans, hijackers, keyboard loggers, worms, root-kits, rogue security software and dialers. In essence, any application installed on your computer that does usually non-beneficial things without your knowledge.

I won't go into the definition of each and every one of those pieces of software. Suffice to say, you do not want them on your computer.

There's only one way to guarantee that your computer never picks up an undesirable application.

That's clearly impractical, so the next best thing is to use an operating system that is not as susceptible as Microsoft Windows to such attacks. I'd recommend the use of Linux.

Assuming those last two suggestions are not desirable and you insist on using your Windows based computer, what do you do to minimise the risk of getting such infections, keeping in mind that it is impossible to guarantee you will stop everything?

Such infections are generally caught by one of two ways:

  • Email - Specifically opening a compromised email attachment or clicking on an internet link contained within the email.
  • Compromised website - visiting a, how shall I put it, 'questionable' website and you may find yourself inadvertently and unknowingly downloading and installing all sorts of nasties.

So, how does one avoid these?

Well, the first line of defence is not your computer, but you, the user. Always exercise caution and due diligence. It only takes a single click, a momentary lapse in concentration, to initiate a download/installation of something that may end up costing you money. Try and follow these tips at all times.

  • In everyday computer use, try and avoid logging on as a user with administrative privileges. Use the administrative account for doing just that - administering your computer.
  • Never click on a link contained within an email, especially if it is from someone you do not recognise. Even then, exercise caution as email addresses can be readily forged. Please note, NO LEGITIMATE FINANCIAL ORGANISATION will send you an email asking you to log on to your account via a link in an email. Always go directly to the site by typing the address in your web browser.
  • Make sure your email program does not automatically display images. Whilst disabling images makes your emails look unattractive, it stops the sender logging your email address as valid - a common technique used by spammers.
  • Stick to well known and recognised brands when shopping on line. If in any doubt, do not buy.
  • If you must visit 'questionable' sites do so by booting your computer into Linux running from a USB or CD. If you do get compromised, your Windows installation on your hard disk will remain untouched.
  • Make sure your Windows installation is kept update by making sure Automatic Updates is turned on.
  • Install suitable anti-malware software, but only from a reputable supplier. There are many fake anti-malware tools out there so stick to products from companies such as Avast, AVG, McAfee, Norton etc. I recommend Microsoft Security Essentials as it is a simple, straight forward application and does just as well as the free versions from any other supplier - indeed, it is recommended by Which? Magazine. (Note, Windows 8 comes with Windows Defender which does everything MSE does).

The criminals that create these pieces of software are sophisticated and they use equally sophisticated techniques to compromise your computer.

By far and away the most successful mechanism they use is social engineering. They employ numerous social tricks to fool you, the user, into giving them access to your computer either directly or by installing a piece of software. Frequently, you will not even be aware that their software has been installed on your machine.

Remember, keep your machine up-to-date with security patches; run your anti-malware software regularly; above all, be vigilant. You are the first defence against such software. Don't make it easy for malware to infiltrate your machine.

A malware infestation can manifest itself in a variety of ways. Some of the tell tale symptoms are:

  • Your computer running very slowly.
  • Your computer seems to take an age to start up.
  • Seemingly random windows, usually containing some warning message about viruses, repeatedly pop up and you find it difficult to get rid of them.

If you think you have an infected computer, seek professional help as soon as possible.