Malware Tips - Fighting Viruses, Trojans and Spyware
Posted by Dan Shelton, Last modified by Dan Shelton on May 29 2019 05:46 AM

Malware (bad software) includes a broad range of threats like viruses, worms, trojan horses and spyware that can vary in severity from the merely annoying to the incredibly damaging. Although ProCirrus deploys an enterprise-level, multilayered approach to security, end users play a vital role in security. The following tips will help users protect themselves and their firms from the risks associated with malware.

Anti-virus software is not foolproof

Anti-virus software uses a constantly evolving library of signatures and heuristics to identify threats. These signatures are developed in response to vulnerabilities when they are discovered by the software vendor. The time frame from when a bad actor (i.e. "hacker") develops and releases an attack until the software vendor recognizes it and updates its software signatures is a period of vulnerability known as the zero-day.

Malware programmers rapidly develop their attacks to take advantage of this window and are very effective at concealing their intentions from the unwitting user. Zero-day threats, and malware in general, are most commonly executed by users, either by downloading an infected document or by clicking an infected link.

If the email doesn't look right or you didn't expect it - DELETE IT

Malware is most commonly distributed by shady websites and through email. If you receive an email that looks shady, even if it's from a recognized person - delete it without opening it. It is very common for external users to have their email accounts hijacked, allowing bad actors to send email on their behalf. Don't be curious. If you are not 100% sure, delete the email, or at a minimum call the sender.

Also, use a little common sense when opening emails or clicking on links.  If you have received emails from a sender in the past, does this new one look different?  Here's a common example that seems to go around every year.

 

  1. Who is the email really from? Look at the actual sender address. Does the name make sense? Is the domain right? In this case the sender's domain is scam.com, not FedEx.
  2. Has FedEx ever sent a shipping label to you as an attachment? Download this document and you may be infecting yourself and your company.
    • Many types of documents can be infected, including PDFs, Word documents, Excel spreadsheets and many others.
    • Never open email attachments that end in .exe, .bat, .com, .vbs.
    • Never open files with a double file extension, e.g. filename.txt.vbs. This is a typical sign of a virus program.
  3. MOUSE OVER ALL LINKS BEFORE CLICKING THEM! Hyperlinks have display text and an actual HTML link. In this example it looks like a normal tracking number, but the actual link is bad.
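
The three checks in the list above can also be automated at a mail gateway or in a triage script. The following is an added example, not ProCirrus code: the names `triage`, `Links` and `in_domain`, the `DECOY` extension set, the expected domain passed by the caller and the sample message are all assumptions made for illustration.

```python
import os
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

RISKY = {".exe", ".bat", ".com", ".vbs"}  # extensions named in the list above
DECOY = {".txt", ".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg"}  # assumed set

def in_domain(host, expected):  # True for expected itself or any subdomain
    return ("." + (host or "").lower()).endswith("." + expected)

class Links(HTMLParser):  # collects (href, display text) for every <a>
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, self.text.strip()))
            self.href = None

def triage(msg, expected):  # findings for sender, attachment and link checks
    sender = parseaddr(str(msg.get("From", "")))[1]
    ok = in_domain(sender.rpartition("@")[2], expected)
    findings = [] if ok else [f"sender: {sender} is not at {expected}"]
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        stem, ext = os.path.splitext(name)
        if ext in RISKY:
            findings.append(f"attachment: {name} has risky extension {ext}")
        if os.path.splitext(stem)[1] in DECOY:
            findings.append(f"attachment: {name} has a double extension")
        if part.get_content_type() == "text/html":
            parser = Links()
            parser.feed(part.get_content())
            findings += [f"link: '{t}' points to {h}" for h, t in parser.found
                         if not in_domain(urlparse(h).hostname, expected)]
    return findings

def sample():  # constructed message modelled on the fake shipping notice
    m = EmailMessage()
    m["From"] = "FedEx Tracking <updates@scam.com>"
    m.set_content('<a href="http://track.example.invalid/l">7489 0000 1111</a>', subtype="html")
    m.add_attachment("constructed", filename="label.txt.vbs")
    return m
```

Calling `triage(sample(), "fedex.com")` returns four findings: the sender domain, the link whose display text is a tracking number, the `.vbs` extension and the double extension.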

 

Avoid shady websites and malicious links

Never open links to webpages that you don’t recognize or that are sent from people you don’t know. If you are uncertain about a link, you can right click on it to see the actual URL - if you are not 100% certain of where it's taking you - DON'T CLICK IT. Malicious websites can also install malware on your PC when you visit them. Use caution – if you view a website that doesn’t look quite right, or unexpected things happen when you visit, close your browser. If you are not on a computer managed by ProCirrus, download the latest updates for your security software and run a quick scan on your PC.

Don't download software from unknown publishers (Free can be costly)

What is a publisher's incentive to offer free software? Be very wary of free software, as it is a common vector for malware, especially spyware.

Don't fall for ScareWare

Scareware is a form of malware that poses as a security program, pretends to scan for threats and malware on your computer, and then lures you into paying real money in exchange for solving the imaginary threats. When scareware appears on your computer, the best response is to shut down the browser immediately. Don’t click on either the “Close” or the “No” buttons on the pop-up screen, as some scareware variants have been designed to send computer users to a malware distribution site when these buttons are clicked.

 

Ransomware - one of the worst!

Ransomware is a type of malware that tries to frighten or force computer users into paying a ransom. Ransomware is divided into two basic groups: encrypting and non-encrypting. Some variants in the first group use commercial-grade encryption to encrypt files and force the victims into paying for the decryption key. CryptoLocker and CryptoWall are common names for this type of virus. Once it has begun encrypting, the only option is to pay the ransom or recover from backups. Ransoms can run in the thousands of dollars and are usually paid in bitcoins. Even when the decryption key is purchased, the recovered data is often corrupted.

Due to the profitability of ransomware, it is commonly mutated to take advantage of the zero-day window.  Users must be vigilant and maintain frequent backups to protect against this malware. 

