Malware, viruses, and other internet nasties are a fact of Internet computing today. They are unavoidable on almost any platform, which is why we’re such huge proponents of a solid backup solution. Stefan explained a few weeks ago why he doesn’t use an antivirus. While it’s all good advice, it fails to recognize the newest threats that are unavoidable.
Avoid Malware: Stay off The Internet
Although I disagree with Stefan, I have a computer in my home that has no antivirus. I agree it can slow down a computer and cause compatibility problems. This computer does one thing: Quickbooks. I don’t use a browser. In fact, to prevent any browser from launching, I disabled DNS on it.
Although XP has long since been vulnerable to unpatched security problems, you can still prevent malware from getting on it. Stay off the Internet. It’s not that hard. All you need to do is disable the Network Adapter and never connect it anywhere.
Malware Doesn’t Indicate Unsafe Activities
Many users think they get viruses and other malware from hanging out in the “after-hours” areas of the internet. Pornography, gambling, and other questionable activities are assumed to cause malware. That’s less about technology and more about judgment. If you are doing something that’s questionable, malware should be your punishment, right? Not necessarily.
Assumptions like this lead to a false sense of security. “As long as I keep to safe areas, I’ll be fine.” It also creates conflict when people do get malware. I’ve seen employees unfairly fired because a computer got a virus. That’s not fair.
Ad Injection Problems
Legitimate sites like the New York Times and Yahoo get infected due to the convoluted way ads appear on websites. When you see an ad, it’s usually through an ad network. A website owner works with a company that takes care of advertising on the site. That network then contacts advertisers or other networks to find ads and then pays the website owner. The problem is that somewhere in that network, scammers place ads. They might put an ad that your plugins are out of date or you need to upgrade your browsers.
These ads might only show for a few minutes or hours until the network shuts them down. That’s all it takes though to get infected.
Poisoned Ads and Search Results
One of the most dangerous websites on the Internet isn’t some pornography or free software company, but Google. Let’s say you’re having a problem with Gmail. Wouldn’t it be easy to call someone at Google?
When you search for “Gmail tech support” (please don’t), every phone number you find isn’t for Google. Those companies are trying to offer you paid tech support. They’ll offer to download software to fix your problem or remote control your computer and fix the problem. Once you do that, your security is compromised.
It’s not just Google; it’s any search engine. When you try to download the latest version of iTunes, lots of third-party sites have installers that are riddled with adware or PUPs (potentially unwanted programs). Google does a decent job of filtering those fake companies out–the only legitimate source of iTunes is Apple. If you look at these Yahoo results, the first one is an ad for another program that includes extra things besides iTunes (possibly malware, I’m not going to download it).
The latest variation of this threat is fake browsers. They completely replace your browser and make you think they are an official version of Chrome instead of just being another piece of sophisticated malware.
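One way to check a downloaded installer before running it is to confirm that its digital signature is valid and that the signer is the vendor you expected. The PowerShell below is an added example, not part of the original article; the function name `Test-InstallerPublisher`, the file path, and the publisher string in the usage comment are hypothetical placeholders.

```powershell
# Added example: check who signed an installer before running it.
# Test-InstallerPublisher is a hypothetical helper name, not a built-in cmdlet.
function Test-InstallerPublisher {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedPublisher
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    # Record the hash so the exact file that was checked can be identified later.
    $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $sig  = Get-AuthenticodeSignature -FilePath $Path

    $signer = $null
    $reason = "Signature status: $($sig.Status)"
    $ok     = $false

    # 'Valid' means the file is signed, has not been modified since signing,
    # and the certificate chains to a root this machine trusts.
    if ($sig.Status -eq 'Valid') {
        $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
        $signer   = $sig.SignerCertificate.GetNameInfo($nameType, $false)

        # Exact, case-sensitive comparison: a substring match would accept
        # a look-alike publisher name that merely contains the real one.
        if ($signer -ceq $ExpectedPublisher) {
            $ok     = $true
            $reason = 'Valid signature from expected publisher'
        } else {
            $reason = "Valid signature, but signed by '$signer'"
        }
    }

    [pscustomobject]@{
        Path = $Path; Sha256 = $hash; Signer = $signer
        Trusted = $ok; Reason = $reason
    }
}

# Usage (placeholder path and publisher; take the real publisher name from
# the vendor's own site, not from the download page):
# Test-InstallerPublisher -Path "$env:USERPROFILE\Downloads\setup.exe" `
#     -ExpectedPublisher 'Example Vendor Inc.'
```

A valid signature only tells you who signed the file. Adware bundles are often validly signed by their own publisher, which is why the name comparison matters more than the status alone.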
Even with super-safe and secure internet browsing, emails can lead you astray. The adage was “never open emails from people you don’t know.” That was true in the dial-up days (anyone watch Halt and Catch Fire?), but not today. Email passwords get compromised, and fake emails get sent out. I think everyone has gotten the email about a friend being stranded in a foreign country and needing money.
Just this week I received an email from a “friend” telling me to click on the latest vacation pics. She did recently go on a trip, so I clicked it. Oops. It took me to a fake website, and a program started downloading. I called her to tell her the email was compromised. She used a hotel computer that was infected and it stole her password.
If you never browse the Internet or check your email, but just have it connected to the Internet, that’s enough to cause you problems. When you buy a computer new out of the box, it comes with software that needs updates. If you are security conscious, you do the updates to protect your system. That’s a problem. Along with those updates come automatically bundled crapware programs. For example, Java updates include the intrusive and annoying Ask Toolbar. Or when updating Adobe Flash, it tries to sneak in a trial for something you don’t want. If you read the terms of service for the update, you can disable it. As the meme says, ain’t nobody got time for that.
I’ll briefly mention the risks of Flash and the benefits of avoiding it: it’s a risk, avoid it.
Lenovo recently got caught installing software on new computers that compromised owners’ security. That was a blatant and clear violation of user trust, but any bundled program can cause you problems.
What’s the Solution?
As Stefan pointed out, antiviruses suck. They create a layer between you and your computer. That’s intrusive, but also necessary. Windows 8 and Windows 10 include Windows Defender. That’s a good baseline defense and stays unintrusive. Windows 7 users can download the equivalent version of Microsoft Security Essentials (check the licensing requirements).
Programs like Malwarebytes for Mac and PC do an excellent job of removing threats but don’t always prevent them. Apple is great about coming up with security updates for the latest threats.
Let’s assume you decide protection just isn’t for you and you want to browse the Internet. There are a few ways you can avoid malware without running antivirus software all the time.
Those potentially unwanted programs are everywhere and install themselves by default. If you want to avoid remembering to read and uncheck options, Unchecky has you covered. It runs in the background and watches to make sure installers do what they say. They avoid too many extras.
Another excellent site that lets you install free software in bulk, and unchecks all the crapware and malware in the installers automatically is Ninite. We’ve covered Ninite in the past and have had years of success using it, especially when setting up a new PC.
Web Of Trust
Web of Trust is a browser extension and uses the classic green, yellow, and red lights to warn you of unsafe content. It installs in your browser of choice and tells you when a search result is a known hazardous site. If you stick to the green, you’ll be in the clean.
When you need a new version of a program or an update, searching for it might produce unsafe results. PatchMyPC scans your computer for traditional programs that are out of date. It then does the updates directly. If you want to add a program to your computer, just check the name on the list. The program installs in batch and without intervention.
Enhanced Mitigation Experience Toolkit
EMET from Microsoft prevents a myriad of attacks. It won’t actively seek out problems like antiviruses or antimalware. It does prevent software programs from modifying your system using standard attack vectors.
OpenDNS replaces your ISP’s DNS server and creates a more protected surfing environment. It includes customized family security protection but also prevents you from going to sites known to cause problems.
I agree with Stefan that in an ideal world we don’t need protection against malware, but the reality is a little bit different. It’s dangerous to go alone on the Internet; take this guide with a few tips.
What’s your take? How do you protect your system against malware? Leave a comment below and tell us about it.