Lee: Today’s topic is a fun one: Malware (aka, Viruses).
Bob: Many of you have had at least some experience with a virus – most of which were merely called to your attention as your anti-virus software caught it. However, some of you have suffered the ill effects of actual damage caused by the malware. How is it related to the lesser genomes of slugs, fleas and paramecium?
Lee: I define “malware” (of Greek origin: mal- = “icky, or dastardly” and –ware = “software”) as any computer program that is intended to do harm to your computer, cause hair loss or reduce your net worth (financially or otherwise.) Using the term “malware” instead of “virus” indicates to your peers that you are techno-hip.
Bob: Can you explain the difference between malware and a virus – without putting me to sleep or inspiring me to whack you up-side the head with this keyboard?
Bob: Okay. Let me give it a try. Consulting my Biology Field Guide: a computer virus is like a head cold - designed to be spread; Trojans are like Ebola - designed to destroy and conquer; worms are like, um, worms; spyware are like that gossipy neighbor. (Yes, she's in the Biology Field Guide.)
Lee: Nicely done. And while the above computing threats can be serious, the newest threats tend to be the most dangerous. That’s because it takes time for the good guys to catch up with the bad guys and close the security loopholes. Phishing is where the hackers drop a bunch of hooks in the water and see if any suckers take the bait. It’s done with fake e-mails and websites that try to trick you into forking over your usernames, passwords and juicy stuff. Fortunately, many anti-phishing measures have already been implemented.
Bob: I always try to keep an eye on the status bar at the bottom of the browser or e-mail window to see where a link is really going to take me. I also check the address bar above so I know where the web page is really coming from.
Lee: The latest scourge of malware is called scareware, or fake anti-virus. It flashes and sounds the alarms that you have serious computer problems. It then tries to bully you into forking over money to correct the problems. “No”, “Cancel” and “Close” are the only correct answers to this. Whatever you do, don’t install anything and DO NOT give them your credit card information. If you can’t get rid of it using reputable software (e.g., Malwarebytes Anti-Malware), call a professional.
Bob: So what do you tell all these unlucky folks to do once they are infected?
Lee: If so, assume the worst and get it professionally cleaned. No single malware removal tool can eliminate all possible infections. And once that door has been cracked, there’s no telling what has crawled in and is hiding under the proverbial carpet. Data loss can be a real bummer, but that’s not the worst of it. I have spoken with people who have suffered serious identity theft. Believe me when I tell you that you don’t want it to happen to you.
Bob: Also, there is often residual damage left behind even if your system was effectively cleaned. It’s not uncommon to need to wipe your entire hard drive and rebuild Windows from scratch. This is more involved because first you need to save all your data (pictures, letters, etc.) onto a jump drive, or more likely, an external hard drive. Reinstall Windows from the original disks or from the Recovery Partition on your hard drive. Then you have to clean off all the bloatware (lousy, consumptive, useless software that nobody actually uses) that your computer manufacturer was kind enough to pile on your system, reinstall all your software (Microsoft Office, etc.) and re-integrate your data.
Lee: And the result is better because you’ve cleaned out all that system corruption that inevitably happens over time. You’ll likely end up with a faster, more reliable machine.
Bob: I hear people complain, “But, hey, I have anti-virus and anti-spyware software and got infected anyway!”
Lee: Yup. Most of the folks that come to me with malware damage are in the same boat. It stinks. However, once cleaned and set up with the right preventative tools, you can very effectively avoid further problems.
Bob: And remember, even if you are clean and well protected, you can always manage to get infected or have your private information stolen. One of the most common ways is from “free downloads”. DO NOT download programs unless they come from trusted sources, like an Apple App Store. Use common sense and ask yourself “how are those expensive software engineers getting paid?” Very few malware hackers write software attacks purely out of malice. Profit is the name of the game.
Lee: Some folks mistakenly think their Firewall protects them from bad downloads.
Bob: Nope. It’s not the firewall’s job to stop something that the user has invited in. The firewall, whether it’s in your router or in Windows, turns away unfriendly strangers (e.g., the Big Bad Wolf) who come a-knockin’.
Lee: Also, unless you have absolute confidence in the site that is asking for it, never give up your user names, passwords, social security number or credit card information. Also, remember that your bank will rarely, if ever, include a log-in link in an e-mail. Always log into accounts directly from their website – which you can know is indeed the real website if it looks like http://blah.mybank.com/blahblah in the address bar of your web browser. You can be sure that your connection is secure if you see “https” at the beginning of the address. It’s also a good idea to set up bookmarks (or Favorites) for your trusted sites so you know you’re always going to the right one.
Bob: Does a Mac owner need to install anti-malware?
Lee: Probably not. Macs have been nearly immune to malware, largely because they are a far less desirable target for the hackers. While Macs are growing in popularity, there is still only 1 in 10 amongst PC’s. As a Mac user, you are over 200 times less likely to experience an infection. Many experts argue that Mac users are better off with no added anti-malware. However, in theory, the more Mac users there are in the world, the more appealing they become as a target for hackers.
Bob: Are you suggesting that Windows doesn't have an inherent, abhorrent, propensity to be hacked?
Lee: I'll stop you when you're lyin'.
Bob: There’s a bajillion anti-malwares out there. How the heck do you know which one to use?
Lee: Choose your anti-virus software wisely, Grasshopper. Most of it is inferior. In addition to giving a false sense of security, many anti-malware programs can do more harm than good. Any good, experienced professional geek should be happy to offer worthy advice on the subject. But be cynical. If they have ulterior motives, such as their employer has a deal with certain providers, you may get a bum steer.
Bob: Don’t you need more than just anti-virus software? Anti-Spyware? Anti-Adware? Internet Security?
Lee: No. Not anymore. Strong anti-virus packages now cover most threats that Windows doesn’t. The browsers have also gotten better at warning you of bogus web content. Just ONE good anti-virus program is all I recommend these days.
Bob: There are so many free anti-virus packages. Why not just use them?
Lee: Well you get what you pay for. The only free one I recommend is Microsoft’s Security Essentials – and that’s with caution. If your machine is used for business, online transactions, or other critical tasks, I highly recommend paying for the strongest anti-virus programs available. They should cost about $30 per year, but that can drop to $15 if you get a multi-user, multi-year activation.
Bob: What about this ridiculous torrent of updates these days? Microsoft, Adobe, Java, Apple – the list goes on. It seems like there’s always something warning me that it needs to update itself, usually for security.
Lee: Suck it up dude. Keep all those legitimate programs UP TO DATE. Make sure your Windows Updates are set to occur automatically. It’s an important and integral part of maximizing your security.
Bob: I suppose now you’re gonna pull out the soapbox and speak of reliable Back-ups in case of malware damage.
Lee: Um. Yup. But that’s a whole ‘nother topic worthy of its own Tech Talk.
Bob: My head hurts.
Lee: Here, this should help.
Bob Gilson is CodeSail.com. He has been building software for more than 20 years. His favorite areas of creativity involve large databases, e-commerce, real time networking and large scale web hosting.
Lee Hall is PeakWestPC.com (Lyons Chamber of Commerce Member). He has been an enthusiastic Lyons resident for over two years. He has been working with PC’s for over 20 years – since earning degrees in both hardware and software.