Malware is a category of malicious code that includes viruses, spyware, worms, and Trojan horses. Destructive malware will utilize popular communication tools to spread, including worms sent through email and instant messages, Trojan horses dropped from web sites, and virus-infected files downloaded from file sharing programs. Malware will also seek to exploit existing vulnerabilities on systems making their entry quiet and easy.
Malware typically strike people when they are surfing the web. There is not a single type of website where these applications are found, but they are more common from sites offering pirated goods and adult content, as well as blogs and forums. They can even sneak into advertisements on legitimate sites, usually through banner ads at the top of Web page. In order to get installed onto a system, a person is usually either tricked into downloading the program (thinking it’s something else) or a small program called a “Downloader” is installed by the attacker through an un-patched flaw in the person’s web browser. This is often known as a “drive-by” install.
Here are some tips to help protect yourself from malware:
- Never open email attachments from people you don’t’ know. Unless you know exactly what the attachment is, don’t open email attachments from people you DO know. The sender may not know the attachment is infected.
- Don’t click on any links inside email unless you know for sure they are safe. If you do, you may install software on your computer.
- Don’t click on links in spam that claim to offer anti-spyware software. Some software offered in spam actually installs spyware.
- Know the standard look of your system alerts. Stay away from the “No Thanks” buttons if you can help it, and instead close the window with the default “X” at the corner of the toolbar. For an even more reliable option, use the keystroke combination ALT+F4 for “Close window” built into Windows.
- Don’t install any software without knowing exactly what it is. Take the time to read the end-user license agreement (EULA) before downloading any software. If the EULA is hard to find or difficult to understand, think twice about installing the software.
- Never respond to financial or other offers, no matter how legitimate they appear to be: legitimate companies do not request confidential information such as credit card or Social Security numbers by e-mail; any sweepstakes or other offer that looks too good to be true should be ignored
- Limit use of personal email or IM: Your business email is filtered, your personal email may not be.
In summary, follow these simple steps and use common sense. If you think you are already infected call Design One.