Wednesday, February 17, 2010

Computer Safety Tips

Malware hits all-time high in January

By Vivian Yeo ZDNet Asia
Posted on ZDNet News: Feb 10, 2010 5:33:13 AM

The amount of unique malware tracked by security vendor Fortinet reached an all-time high in January.

Its distinct malware volume soared to over 9,000 last month, more than twice that in December, the company said in a statement Wednesday. Headquartered in Sunnyvale, Calif., Fortinet collects data from its FortiGate network security appliances and intelligence systems located globally, and compiles monthly threat statistics from the data. (http://news.zdnet.com/2100-9595_22-392235.html)



Does this sound like it's getting tougher to keep your computer free of malware? You bet it is, and not only are there more things to attack you, but the bad guys have been putting a lot of effort into social engineering.

What's social engineering? Basically, it's the crafting of a web site to get the innocent to click on a link that's been built to infect your computer with some kind of malware. It may do something as simple as changing your home page to some porn page, or as nasty as installing a Trojan horse that will download and install any number of nasty programs that can render your computer basically useless.

I worked on a computer earlier this year that was infected by malware named Additional Guard. It was installed when the owner was searching for information on a problem he was having with his refrigerator. It created a shortcut on the desktop and would pop up whenever he opened a webpage, saying the machine was infected with x number of viruses and offering to clean things up for just $30.

We checked in Control Panel to see if it could be uninstalled, with no luck. I ran a number of free spyware and virus scanners without any luck. I was able to find uninstall instructions, but the problem was that this malware uses a number of different hidden directories and registry keys to disguise and hide itself. After many hours of work and frustration we rebuilt the laptop to get things working again. Almost all viruses and malware can eventually be removed, but more times than not it is much quicker to rebuild and reload the machine. At some point you have to say enough is enough and just bite the bullet.

No software can protect you 100%. You may have the honor of being the first person to be infected by a particular virus. Current antivirus software looks for a virus signature to detect the virus, and until a signature can be created, everyone is vulnerable. Here are some tips to minimize your exposure and pain when something does infect your machine.

  • Make sure you are, at a minimum, running antivirus software, and keep the signatures updated.

  • Run a firewall, at least what comes with your OS, or better yet put a router between you and the internet.

  • Back up critical files regularly BEFORE you get infected.

  • Be sure all your OS's fixes and security updates are applied. Most of the updates are to correct security issues that have been identified. If you don't want to rely on Windows Update, there are programs designed to check the software on your machine to make sure everything is up to date, not just the operating system. Secunia PSI is a free and recommended application.

  • Never open an email attachment from someone you don't know.

  • Avoid opening attachments from someone you know unless you know exactly what the attachment is.

  • Use a standard user account unless you need to use an administrator account.

  • Whatever you do, please do not turn off UAC in Vista or Windows 7. That little popup that is so irritating could be your only clue that the web site you just visited is trying to silently install malware on your computer.

OS – Operating System

Malware – malicious software, anything from a key logger to spyware to a virus.

Router – a hardware firewall that goes between your computer and the internet.

UAC – User Account Control, notifies you when changes are being made to your computer, such as installing a program, changing registry keys or changes to your browser.
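
A read-only way to check three of the tips above (UAC left on, firewall running, standard user account) on a Windows machine. This is an added example, not part of the original post; `Get-RegDword` and `New-Result` are hypothetical helper names, and it assumes Windows PowerShell 2.0 or later on Vista or newer.

```powershell
# Added example: audits the UAC, firewall and standard-user tips. Changes nothing.
# Run it in a normal (non-elevated) PowerShell window.

function Get-RegDword([string]$Path, [string]$Name) {
    # Returns the registry value, or $null when the key or value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function New-Result([string]$Tip, [bool]$Ok, [string]$Detail) {
    New-Object PSObject -Property @{ Tip = $Tip; OK = $Ok; Detail = $Detail }
}

$results = @()

# 1. UAC: EnableLUA = 1 means UAC is on. ConsentPromptBehaviorAdmin = 0 means
#    administrators are elevated with no prompt at all, so the warning is lost.
$uacKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$lua     = Get-RegDword $uacKey 'EnableLUA'
$consent = Get-RegDword $uacKey 'ConsentPromptBehaviorAdmin'
$uacOk   = ($lua -eq 1) -and ($consent -ne 0)
$results += New-Result 'UAC on and prompting' $uacOk "EnableLUA=$lua ConsentPromptBehaviorAdmin=$consent"

# 2. Built-in Windows Firewall, one setting per network profile.
#    Caveat: Group Policy or a third-party firewall can override these local values.
$fwRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'
foreach ($fwProfile in 'DomainProfile', 'StandardProfile', 'PublicProfile') {
    $on = Get-RegDword "$fwRoot\$fwProfile" 'EnableFirewall'
    $results += New-Result "Windows Firewall ($fwProfile)" ($on -eq 1) "EnableFirewall=$on"
}

# 3. Standard user: the Administrators SID (S-1-5-32-544) is listed in the token's
#    groups even when UAC has filtered it to deny-only, so this reflects the
#    account type, not whether this particular window is elevated.
$groups  = whoami /groups /fo csv /nh
$isAdmin = [bool]($groups | Select-String -SimpleMatch 'S-1-5-32-544')
$results += New-Result 'Logged on as standard user' (-not $isAdmin) "Member of Administrators: $isAdmin"

$results | Format-Table Tip, OK, Detail -AutoSize
```

Any row with `OK` set to `False` points at a tip that is not currently being followed on that machine.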