How to Keep Your Computer Safe from Malware, Ransomware, and Viruses
You've read the title and might be thinking.....
How is it possible?
Of course it is possible.
And you might be saying.....
But I keep my Anti-Virus Software updated, I scan for Malware regularly and still my PC gets infected occasionally. True – that's not enough though.
Ok – you might not prevent infections completely.
But if you follow more precautions, apart from keeping Anti-Virus Software updated and scanning for Malware regularly, there's a bigger chance that your PC will stay clean.
How?
You just need to follow a few protocols or rules.
You have to be extra careful yourself first.
Always remember – you hold the key to your computer's security.
And this is the purpose of this Blog.
We want to help you exercise more caution when using your computer.
Rest assured that, by following these tips, the chances of your computer getting infected will be much less!
Malware, Ransomware, and Viruses have increased at an alarming level nowadays – it's no big news.
Everyone is aware.
Unfortunately, not everyone is aware that most infections are a result of our own negligence.
We just have to pay attention to our actions when on the Internet, while checking our e-mails and when performing other tasks on the computer.
A combination of the above – exercising more caution – and keeping our Anti-Virus / Anti-Malware updated + scanning regularly, will be the best way of defence.
Ready to explore?
Let's go.....
Rules to Follow When Using The Internet, Reading E-Mails or Performing Other Tasks
Granted – most of us don't like rules, right?
However, as you undoubtedly are aware, rules make our life easier.
More peaceful.
Less stressful.
Which one do you prefer?
(a) A clean, pop-ups free and better performing computer?
Or
(b) A slow computer, full of pop-ups and various infections?
Without a doubt, your choice is option (a).
So, to achieve result (a), we are going to give you five rules to follow.
1. Do not click on links before making sure they're legitimate and NEVER click on suspicious links while browsing the Internet, on Social Media or when reading e-mails
What do we mean by this?
Look at the example below.....
Do you think it's safe?
If you're answering yes, we don't blame you.
At first glance it looks like something legitimate from Microsoft.
However, it's not!
Why?
The Anchor Text (the clickable text in the blue and underlined hyperlink) says that, once we click, it will take us somewhere (we're assuming a Microsoft website) to increase the mail storage.
BUT ... when moving our mouse on the link without clicking (also known as hovering over a link), we discover that it will actually take us to a completely different website.
See for yourself.....
Moving the mouse over the Anchor Text "Click here to increase your mail storage" reveals the actual destination – http://sarwarsca.com/increase (do not click on this link).
Definitely not a Microsoft website, right?
Because, if it was a Microsoft website, then the link would look something like this – http://microsoft.com/outlook/increase (this is just an example; link doesn't exist) – or similar.
It would surely have the word "microsoft" in its URL, no?
This is an example of Phishing.
Phishing schemes are attempts to steal personal information and money through fraudulent e-mails, websites and Social Media sites that look legitimate.
Sometimes, identity thieves use phone calls as well.
These e-mail messages, websites, etc. often provide links to fraudulent websites where you are asked to disclose Credit Card numbers, Social Security numbers or other private information.
Furthermore, as you can see from the image above, phishing is often easily recognisable due to poor grammar and/or spelling (highlighted in red).
Cybercriminals are not known for their grammar and spelling. On the other hand, professional companies or organizations usually have a staff of copy editors that will not allow mistakes like these.
This means that you always have to be on alert. If you notice mistakes in an e-mail or even a website, it might be a scam.
Therefore, first lesson learnt – move the mouse on the link without clicking to make sure that the link is going to take you where it actually says!
It's a precautionary measure that involves only a few seconds but that will help you avoid certain malicious websites.
And this applies to Internet browsing, Social Media like Facebook and e-mails.
In addition, always keep in mind that illegitimate links often contain a series of numbers or unfamiliar web addresses.
Thus, if you notice suspicious links, DO NOT click on them. It's better to be safe than sorry!
Hovering over a link with a mouse applies to desktop computers or laptops. You can't hover over a link on touchscreen devices like tablets and smartphones.
Worry not though – there's still a way!
With most iOS (Apple) and Android devices, you can preview a link's URL before opening it. Just tap and hold the link until an actions screen appears with multiple options and look at the top of the pop-up box to see the link URL.
This way, just like hovering over a link, you can make sure that you're going to a legitimate website.
2. Avoid clicking on a Pop-Up Advert unless you're absolutely sure it's a legitimate advert
Picture this.....
You're browsing and you see an Ad for the shoes you've been longing for a long time or that you're the winner of some competition without even taking part!
Source: PAK’nSAVE
And you click.....
But the fake Ad takes you to a porn site or other malicious website.
You close the page and you think it's fine – it's gone.
You're wrong.
Very wrong.
By simply clicking on that pop-up, you've just 'subscribed' to many more pop-ups and Malware, to mention a few.
These fake Ads are commonly known as online scams.
Now, what about this alternative?
You see an Ad for the shoes you've been wishing and instead of clicking on the pop-up, you go to search for those particular shoes on Google or eBay, for example.
Isn't that more safe?
Of course it is.
And you have avoided additional pop-ups, Malware and the lot!
Now, there are certain Ads that are safe, of course.
Like these.....
These Google Ads (marked with the word "Ad" beside the website link) are approved by Google and they are absolutely safe.
As you can see, they don't come in the form of pop-ups but they make part of Google's Search Engine Results Page – SERP in short.
Needless to say, not all Pop-Up Ads are malicious or fake.
But it's extremely important that you're absolutely sure before clicking to avoid trouble.
3. Never open e-mail attachments from persons you don't know (and sometimes, even from persons you know!)
E-mail attachments are the most common source of Ransomware infections.
And, as you already know, a PC infected with Ransomware is practically unrecoverable – including the data, if you don't have a backup.
So, why go all through this hassle when you can avoid it?
How?
By making sure that any attachment you open is coming from a source you know and that it's safe to open.
Look at the example below.....
What should you do when you receive this type of e-mail?
First things first – check the Sender.
Do you know him or her?
This e-mail was sent to me and the answer to the above question is NO!
A no for an answer is already a warning sign.
Ok, occasionally you might receive e-mails from people you don't know.
But, most of the time, you already know the people who send you e-mails because you either gave them your e-mail address yourself or you subscribed to their newsletter in the case of companies – no?
If you didn't give them your e-mail address, how did they get it?
That's another red flag!
Next step.
Check the Subject and contents of the e-mail.
In our example, the Subject is the Invoice number and in the contents, Ms Julie Ray is saying that she's sending me the Invoice that I "requested"!
What? I definitely didn't!
Other e-mails similar to this would be those in which they send you an Invoice for some works carried out for you.
If you receive these types of e-mails, ask yourself: Did I have some works carried out lately?
Unfortunately, certain people STILL open the attachment even when they know that they didn't have any works carried out recently!
Where's the common sense?
We still haven't mentioned the type of attachment and we already know that the e-mail in our example is dangerous and malicious!
Last step.....
The Attachment!
Now, let us for a moment ignore the Sender, Subject and contents.
Take a closer look at the attachment.
Did you ever notice that an attachment ends with two, three or four letters after the '.'?
That's called a filename extension.
Each filename ends with an extension.
To give you some examples: .docx and .doc for Microsoft Word documents, .jpg and .png for image files, .pdf for – oh well – PDF files.
PDF files are their common name but PDF stands for Portable Document Format and is the most common type of attachment used in e-mails.
Why?
Because, generally, it's the safest type of document that can be sent via e-mail.
Look closer at the above attachment.
Its extension is .7z.
Now, before jumping to conclusions, files with the extension .7z are compressed archive files created with 7-Zip open source software. The 7-Zip compression is similar to .zip (Winzip), which is the most popular file compression or archive format.
Therefore, a file with the .7z extension is not harmful 'per se'. It's a file compression used by many people around the world.
However, unfortunately, Cybercriminals are using 7-Zip (and sometimes even Winzip) compressed archive files to store malware, malicious programs or viruses in them. This is done in an attempt to prevent Anti-Virus Software from detecting them.
So, what should you do if you receive an e-mail with a .7z attachment?
DON'T OPEN the attachment and follow the 'first things first' recommendation – check the Sender and his/her e-mail address. Keep in mind that, any attempt to open a malicious attachment like the one above, will result in an infected computer!
If you don't know the Sender and the e-mail address is totally unknown, you can just delete the e-mail.
If, on the other hand, you know the Sender or the e-mail address sounds familiar, then follow a cautionary approach. Call the Sender to make sure that he/she sent the e-mail and the attachment. This will also confirm that the Sender's PC is not infected and sending out e-mails on its own.
Another type of malicious attachment that you need to keep an eye out for is that with a double extension, such as receipt.pdf.js or receipt.pdf.zip.
Do you think these types of attachments are normal or safe?
Definitely not!
Always remember that the extension is the last period and the characters that follow it.
Therefore, the receipt.pdf.zip attachment is trying to fool you by making you believe it's a PDF file, when in fact it's a ZIP file containing Malware.
The receipt.pdf.js attachment is also trying to make you believe it's a PDF file, when in fact it's a JavaScript file. JavaScript is used to write programs and, if used as it should, it's a great tool.
However, JavaScript files hidden in attachments can be very dangerous and, unfortunately, Cybercriminals are increasingly turning to JavaScript attachments.
As a result, if you ever receive an attachment with a double extension, don't even think about opening the attachment and delete the e-mail immediately.
Even if the Sender is someone you know.
That might mean that the Sender's PC is infected with Malware or Viruses and the e-mail program is sending out e-mails to people in the address book, like we mentioned a few seconds ago.
The person who owns the PC won't be aware of this, so it would be a good idea to inform him or her if you receive these types of e-mails from them.
Other dangerous attachments include .exe files, and Microsoft Excel / Word files.
Files with an .exe extension are executable files for DOS and Windows Operating Systems and, as most of you know, they are the most dangerous of all. Just knowing that it's an executable, it's enough of a hint that you should not open the attachment!
Certain mischievous e-mails similar to the one above will send an .xls or .xlsx file (Microsoft Excel extension) as an attachment and in that spreadsheet there would be malicious Macros (i.e. they would include Viruses) which will come into effect as soon as you open the spreadsheet and enable Macros.
Microsoft Word documents can contain Macros as well.
Source: Sophos
For security reasons, Macros don’t run by default. But, an outright block on Macros can get in the way, because many legitimate Word and Excel files use Macros for perfectly good purposes, such as helping you fill in forms or perform complex calculations.
This means that users can enable Macros if they think they need to and it could lead to Ransomware, or any other Malware infections.
Fortunately, Microsoft has added a new policy option into Office 2016 that allows finer control over documents with Macros.
You can now limit the functionality of the Macro programming system so that, even if users normally have the chance to enable Macros, they can’t if the Macros came in an Office file from the internet.
As Security Researchers have discovered lately, even some PowerPoint files received as an attachment may be dangerous!
You don't believe us?
Read this article. We'll be here when you come back.
As you can see, you need to have a healthy suspicion when opening any type of e-mail attachment.
Sometimes, PDF files as well – even if they are considered the safest!
There are certain Anti-Virus Software that scan each attachment as soon as it's received and, obviously, it's good to have such a program.
However, you must not rely on a program completely and blindly – you must do your homework as well.
4. Try not to use P2P (Peer-to-Peer) streaming sites to watch Movies, Live Sports or TV Channels, if possible
Yes, we know ... in today's Internet world, avoiding P2P (Peer-to-Peer) is very difficult.
Most P2P streams are free and, evidently, the majority of us prefer to use them instead of paying a lot of money for a quarter (or less) of what can be seen on these streams.
But, choosing to watch TV or movies via P2P has its repercussions as well.
First of all, you might be accessing illegal material.
Streaming technology like P2P isn't illegal. However, the nature of the content you're receiving might be.
If a site streams movie trailers or short music/video clips that have been approved by the copyright holder for promotional purposes, then this is obviously an authorised usage and there's nothing illegal.
However, websites that illegally upload and stream copyrighted material and/or Live TV Channels, are infringing on copyright and therefore you should not use these.
This offense is punishable by law in most countries, so you have to be careful.
Legalities aside, more often than not, the most annoying thing of P2P streaming sites are definitely pop-ups and 'tempting' ads running continuously on the sites ... a lot of them in fact.
And remember, by just closing a pop-up, it doesn't mean that it's 'gone for good'.
Each time a pop-up comes to greet us, by the time we close it, it leaves its traces in our computer (usually as a cookie) and it will be displayed over and over again every now and then.
Not only.
Certain pop-ups are also malicious and they might leave Malware or Potentially Unwanted Programs (PUPs) in your system.
You might be asking: But why all these pop-ups?
Simple: P2P companies need revenue to share TV streams for free. This revenue comes from pop-ups ... because pop-ups are Adverts, of course.
Marketing tools if you wish.
Nobody gives you something for free.
Yes, you are accessing them without paying anything.
But these P2P companies, instead of collecting money from you to provide the streaming service, they collect them from other companies and websites that pay to place an advert (pop-up) on these P2P streaming sites.
Another problem with these P2P sites is the visibility of your IP Address.
What is an IP Address?
To put it simply, it's an identifying number for a piece of network hardware.
To help you understand better, it's like the address you write on the envelope when sending a letter by mail to another person.
Computers use the unique identifier (IP Address) to send data to specific computers on a network, like the Internet.
When browsing the Internet, you are assigned a Public IP Address by your Internet Service Provider (ISP).
Therefore, with your IP Address public – hence, visible to everyone – it's very easy for the authorities to track you down and charge you for accessing illegal material via P2P sites, like we explained earlier.
In fact, nowadays, P2P streaming sites suggest that you use a VPN (short for Virtual Private Network) to hide your IP Address – at a cost of course.
While using VPN will make you anonymous by hiding your IP Address, keep in mind the legalities we mentioned earlier.
If you're watching illegal material, you're still breaking the law – with or without VPN.
5. Be careful when using USB Flash Drives (or Pen Drives), especially when they've been used on another computer
Years ago, we had to be careful when using Floppy Drives.
At that time, most Viruses used to spread via Floppies. The Internet wasn't the same as it is today.
Thankfully, Floppy Drives are a thing of the past.
But ... in the modern age, we have USB Flash Drives. Some prefer to call them Pen Drives. The meaning is the same.
And Flash Drives still pose a risk.
We like to call them the Floppies of the 21st Century!
Why are they risky?
Because, like Floppy Drives, they can also spread Viruses or Malware.
If your computer is clean and you use a Flash Drive for your own personal use, such as to back up files for example, then you don't need to worry. There's no risk at all.
Conversely, if your Flash Drive is used on another person's computer, then you are risking.
How can you be sure that the other person's computer is not infected?
We had cases where clients took their Flash Drive to Stationery shops to print some school documents and, when they inserted it back in their computer, it activated a Virus.
The shops' computers were infected, the Virus placed itself into the Flash Drive and it triggered as soon as the clients inserted the Flash Drive back into their computer.
Do you see now how careful you have to be?
Mind you, we're not blaming the shops here. Far from it. We have no doubt it wasn't done on purpose.
In fact, most probably, the people managing the shops didn't even know that their PCs were infected.
And that is why everyone must follow the rules that we mentioned in this Blog and make sure that their Anti-Virus / Anti-Malware Software are up-to-date.
By being more vigilant, we will reduce infections considerably.
You might be saying: So what now, I can't take my Flash Drive to a Stationery shop if I need to print documents?
No ... we're not saying that.
Not everyone has a Printer at home and if you have school projects or any other documents, you have to print them somewhere.
Apart from that, some people prefer to print long documents at a Stationery shop even if they have a Printer because, most of the time, it's more cost effective.
We're just advising you to be more careful.
The first step – make sure that you have a good Anti-Virus installed, that it's updated and that it can detect threats as soon as you insert a Flash Drive.
Source: Into Windows
This way, if your Flash Drive gets infected from someone else's computer, you can put your mind at rest that your Anti-Virus will be able to detect it and clean it accordingly.
We are going to recommend some of the best Anti-Virus and Anti-Malware solutions in a while.
The second step – use a separate Flash Drive just for these printing situations and copy only the files that you need to print.
Flash Drives are very inexpensive nowadays and you don't need one with a large capacity if you're just going to put documents on it. A 4GB or 8GB one would be more than enough.
This way, if the Flash Drive gets infected and your Anti-Virus Software is not able to clean it, you can just reformat it and you won't lose other important data which was stored on the Flash Drive.
Of course, you will lose the document/s that needed printing.
And that brings us to.....
Step three – always keep a copy of the data you put on a Flash Drive on your computer and, preferably, on another Flash Drive as a precaution.
We've encountered situations where clients transferred their data from the computer to the Flash Drive and didn't leave a copy on the computer.
Guess what?
The Flash Drive got damaged or infected and they lost everything!
Now that's a disaster, right?
So you must always have your data in at least 2 other places (PC, Flash Drive, etc.) to be on the safe side.
That's not enough though!
It's extremely important that you also back up your data regularly so that, if your PC gets infected as well and you need to reinstall from scratch, you can restore everything from your backup copy.
It might seem like a lot of work – trust us, it's not.
And at the end of the day, you will not regret it. All these suggestions will provide you with peace of mind, if disaster strikes.
Some Anti-Virus and Anti-Malware Software Recommendations
Following the rules without having protection is useless anyway.
If, by any chance, you forget to practice one of the rules, you need another line of defence.
Sometimes, even if you follow all the rules!
For this reason, here's a list of some of the best Anti-Virus and Anti-Malware solutions around:
- Microsoft Windows Defender – Free and built-in to Windows 10.
- Kaspersky Anti-Virus / Internet Security / Total Security – Starting from around €33 for Windows PCs and €50 for Macs per year. Very reasonable prices and excellent value for money.
- Kaspersky Ransomware Decryptors – If your PC ever gets infected with Ransomware (we hope never), these Decryptors can be downloaded for free.
- Malwarebytes AdwCleaner – A free and awesome tool used to remove Adware and other unwanted programs.
- Malwarebytes Anti-Malware – The free version detects and removes Malware and advanced threats but you must run the scan manually. The Premium version costs €39.99 per year (€59.99 instead of €79.98 for 2 years) and you will benefit from real-time protection, Anti-Ransomware technology and malicious website protection; amongst others. Highly recommended.
- Sophos HitmanPro – You can opt for the 30-day trial and during this time it will remove Malware for free. After 30 days, product must be purchased to remove Malware. A 1-Year License for 1 PC will cost you €19.95 only. You can also choose a 3-Year License for €39.90, 3 PCs 1-Year for €29.95 and 3 PCs 3-Years for €59.90. Highly recommended as well.
Summary
Keeping our computers safe from Malware, Ransomware, and Viruses might seem an impossible task.
In reality, it isn't.
Yes, fair enough, the Internet how it is today makes it a bit more difficult – but not impossible.
What we must always remember is that WE must be the first line of defence.
Our actions.
It doesn't make sense that we purchase the most expensive and sophisticated Anti-Virus Software and then, we are careless in our actions – we click on any links that we see, we open attachments without checking what type they are, etc.
After all, regardless of how sophisticated our Anti-Virus is, it's still a computer program.
Therefore, far from perfect!
If, for example, the Anti-Virus is lacking some updates and we open an attachment that contains one of the latest Viruses, the probability is that it won't be detected due to the lack of updates.
Meaning?
Well, you know the answer – right? An infected PC or Laptop.
Caused by?
Our negligence, of course!
Follow the rules that we mentioned, start exercising more caution when using your computer and your digital life will be much less stressful – guaranteed!
What about you?
Do you practice these rules or some of them when using your computer?
Are there any other tips which we missed that will help keep a computer clean?
Which Anti-Virus and Anti-Malware solutions do you use? And why?
Let us know in the Comments section below!
About the author
Anthony Grima
Anthony has been in the Information Technology industry for more than 22 years and specialises in Digital Marketing. His passion for helping people in all aspects of IT and online marketing flows through in the expert industry coverage he provides. Anthony also enjoys watching football.