Avoid Malware: Stay off The Internet

Although I can’t entirely agree with Stefan, I have a computer in my home with no antivirus. I agree it can slow down a computer and cause compatibility programs. This computer does one thing: Quickbooks. I don’t use a browser. In fact, to prevent any browser from launching, I disabled DNS on it.

Although XP has long since been vulnerable to unpatched security problems, you can still prevent malware from getting on it. Stay off the Internet. It’s not that hard. All you need to do is disable the Network Adapter and never connect it anywhere.

Malware Doesn’t Indicate Unsafe Activities

Many users think they get viruses and other malware from hanging out in the “after-hours” areas of the internet. Pornography, gambling, and other questionable activities are assumed to cause malware. That’s less about technology and more about judgment. If you are doing something questionable, malware should be your punishment, right? Not necessarily. Assumptions like this lead to a false sense of security. “As long as I keep to safe areas, I’ll be fine.” It also creates conflict when people do get malware. I’ve seen employees unfairly fired because a computer got a virus. That’s not fair.

Ad Injection Problems

Legitimate sites like the New York Times and Yahoo get infected due to the convoluted way ads appear on websites. When you see an ad, it’s usually through an ad network. A website owner works with a company that takes care of advertising on the site. That network then contacts advertisers or other networks to find ads and then pays the website owner. The problem is that somewhere in that network, scammers place ads. For example, they might put an ad that your plugins are out of date, or you need to upgrade your browsers. These ads might only show for a few minutes or hours until the network shuts them down. That’s all it takes, though, to get infected.

Poisoned Ads and Search Results

One of the most dangerous websites on the Internet isn’t some pornography or free software company, but Google. Let’s say you’re having a problem with Gmail. Wouldn’t it be easy to call someone at Google?

When you search for “Gmail tech support” (Please don’t), every phone number you find isn’t for Google. Those companies are trying to offer you paid tech support. They’ll offer to download software to fix your problem or remote control your computer and fix the problem. Once you do that, your security is compromised. It’s not just Google; it’s any search engine. When you try downloading the latest version of iTunes, many third-party sites have installers riddled with adware or PUPS (Potentially Unwanted Programs). Google does a decent job of filtering those fake companies out–the only legitimate source of iTunes is Apple. If you look at these Yahoo results, the first one is an ad for another program that includes extra things besides iTunes (possibly malware, I’m not going to download it). The latest variation of this threat is fake browsers. They completely replace your browser and make you think they are an official version of Chrome instead of just being another piece of sophisticated malware.

Dangerous Emails

Even with super-safe and secure internet browsing, emails can lead you astray. The adage was “never open emails from people you don’t know.” That was true in the dial-up days (anyone watches Halt and Catch Fire?), but not today. Email passwords get compromised, and fake emails get sent out. I think everyone has gotten the email about a friend being stranded in a foreign country and needing money.

Just this week, I received an email from a “friend” telling me to click on the latest vacation pics. She did recently go on a trip, so I clicked it. Oops. It took me to a fake website, and a program started downloading. I called her to tell her the email was comprised. She used a hotel computer that was infected, and it stole her password.

Vulnerable Software

If you never browse the Internet or check your email but have it connected to the Internet, that’s enough to cause you problems. When you buy a new computer out of the box, it comes with software that needs updates. If you are security conscious, you do the updates to protect your system. That’s a problem. Along with those updates come automatically bundled crapware programs. For example, Java updates include the intrusive and annoying Ask Toolbar. Or, when updating Adobe Flash, it tries to sneak in a trial for something you don’t want. If you read the terms of service for the update, you can disable it. But, as the meme says, ain’t nobody got time for that. I’ll briefly mention the risks of Flash and the benefits of avoiding it: it’s a risk. Lenovo recently got caught installing software on new computers that comprised of owners’ security. That was a blatant and clear violation of user trust, but any bundled program can cause you problems.

What’s the Solution?

As Stefan pointed out, antiviruses suck. They create a layer between you and your computer. That’s intrusive but also necessary. Windows 8 and Windows 10 include Windows Defender. That’s a good baseline defense and stays unintrusive. In addition, Windows 7 users can download the equivalent version of Microsoft Security Essentials (check the licensing requirements). Programs like Malwarebytes for Mac and PC do an excellent job of removing threats but don’t always prevent them. However, Apple is great about coming up with security updates for the latest threats. Let’s assume you decide protection isn’t for you, and you want to browse the Internet. Then, there are a few ways you can avoid malware without running antivirus software all the time.

Unchecky

Those potentially unwanted programs are everywhere and install themselves by default. If you want to avoid remembering to read and uncheck options, Unchecky has you covered. It runs in the background and watches to make sure installers do what they say. As a result, they avoid too many extras.

Ninite

Another excellent site that lets you install free software in bulk and unchecks all the crapware and malware in the installers automatically is Ninite. We’ve covered Ninite in the past and have had years of success using it, especially when setting up a new PC.

Web Of Trust

Web of Trust is a browser extension that uses the classic green, yellow, and red lights to warn you of unsafe content. It installs in your browser of choice and tells you when a search result is a known hazardous site. If you stick to the green, you’ll be in the clean.

PatchMyPC

When you need a new version of a program or an update, searching for it might produce unsafe results. PatchMyPC scans your computer for traditional programs that are out of date. It then does the updates directly. If you want to add a program to your computer, check the name of the list. The program installs in batches and without intervention.

Enhanced Mitigation Experience Toolkit

EMET from Microsoft prevents a myriad of attacks. It won’t actively seek out problems like antiviruses or antimalware. However, it does prevent software programs from modifying your system using standard attack vectors.

Open DNS

OpenDNS replaces your ISP’s DNS server and creates a more protected surfing environment. It includes customized family security protection but also prevents you from going to sites known to cause problems. While I agree with Stefan that we don’t need protection against malware in an ideal world, the reality is a little bit different. It’s dangerous to go alone on the Internet; take this guide with a few tips. What’s your take? How do you protect your system against malware? Leave a comment below and tell us about it. Personally, my mom is 70 and I tell her to only use her IPad for these very reasons. Every time I went to her house for “dinner”…. I spent the first 2 hours cleaning all the crapware from it. I finally said – screw it! You are banned from a pc on the net. iPad only! Overall, it’s been a perfect solution to PC and Mac internet issues. Now, what are your thoughts? Is there something I should do n addition now that she’s online with an iPad only? Not normally in the mainstream apps however, one must still be careful. One reason I don’t like “Free” apps… Of course even there you can get a phishing scam. But, I’ve done a good job educating them about that and what to look out for. My mother recently fell for the “Microsoft Tech” who called her and said her computer was infected and her identity had been stolen. He then had her run a command on the system to “confirm” what was infected. The only thing that saved her was when she was transferred to their malware specialist, she called me on her mobile phone. So yeah, in some cases the telephone can be even more dangerous than an unpatched XP box! To our readers — remember, Microsoft does NOT call you, nor does Apple to tell you that your Phone, Computer, Tablet has been infected. Also, if you are called, get their name and phone # so you can call them back. That’s when most will probably hang up. For low-end older PCs, cloud antivirus is a possible alternative. Panda has a free version of it’s cloud antivirus. A good practice, is to not installing everything cracked (eg. from torrent trackers), if you don’t exactly know what are you doing. And of course, for sensitive actions (eg. for ibanking), you must have a Linux installation, or at least, a Live CD. As the last line of defense, common sense is a necessity. Just my 2 cents. G. It sounds like you were victim of the poisoned ads and search results. Sometimes the top search result is NOT the real program. Patch My PC prevents this problem. backed up with SAS and MBAM (Super AntiSpyware and Malwarebytes AntiMalware respectively) … and voila no Virus since 2000 (only started using Windows at around that time, other OS’s before that) btw. there is no mention of the usage of adblockers, which in my opinion are a must these days when one peruses the internet… PS: using a third party firewall, can also be of substantial help in curbing the little nasty critters that can maltreat a machine. Comment Name * Email *

Δ  Save my name and email and send me emails as new comments are made to this post.

Why Everyone Needs Protection Against Malware - 22Why Everyone Needs Protection Against Malware - 51Why Everyone Needs Protection Against Malware - 63Why Everyone Needs Protection Against Malware - 86Why Everyone Needs Protection Against Malware - 60Why Everyone Needs Protection Against Malware - 35Why Everyone Needs Protection Against Malware - 82