10 steps to make your PC safe for 2013 (fight Malware)
New malware continues to be introduced at an alarming rate, rising by approximately 5,000% in the last five years. Such growth rates would be a shareholder’s dream but in this case they are simply evidence of the immense profitability of the hacker industry. Your personal data, online connections or even access to your PC make the cash registers ring. This makes it more and more lucrative for resourceful programmers to develop increasingly sophisticated and less easily detected malware. However there’s no need to panic, as we’ll show you in this article how to avoid unnecessary risks and prepare your computer to surf the web safely in 2013!
1 – Keep Your System up-to-date
While it’s true that update notifications can be irritating, it is nevertheless important that your PC and all installed programs remain up-to-date. Malware programmers often use newly discovered software weaknesses (so-called “vulnerabilities”) to smuggle their malware onto your PC via exploits. Therefore it is pertinent to update your software regularly (especially if it is popular) in order to close potential security holes as soon as possible. In particular, the following software on your PC should always be kept up-to-date:
OS (Windows operating system)
Your browser: MS Internet Explorer, Firefox, Chrome, Opera, etc.
Adobe Acrobat Reader
Adobe Flash Player
Apple Quicktime Video Player
Your media player (VLC, iTunes, Windows Media Player)
2 – Use Secure Passwords
Use safe password Even if your PC is as secure as a safe, this is useless if an unauthorized person gets their hands on the keys. Regardless of whether it’s your Windows login, your email account or a website login: always use secure passwords! A secure password consists of at least eight characters and contains a number, an uppercase letter and a special character, such as “ApL47bAk!”. Avoid commonly used words and names and create different passwords for each of your accounts or logins. If you use the same password everywhere and a hacker gets their hands on it, they can instantly gain access to all of your data. To keep track of multiple passwords, we recommend using a password manager.
3 – Use a Router
It’s common these days for Internet connection packages to include a router. A router enables several devices to simultaneously use the same Internet connection. From a security perspective this is a huge advantage, as your PC isn’t connected directly to the Internet which makes it difficult to directly address and attack it. If, for whatever reason, you still don’t have a router, you should consider it a good investment. The same rules apply to your router – always keep it up-to-date with regular firmware updates and use a secure admin password.
4 – Avoid File Sharing Websites
Besides the fact that they mostly offer illegal content, file sharing websites are among the most common sources of malware infections. Cracked programs or so-called key generators (“keygens”) in particular, are often infected with malware. It is safer to download software from the manufacturer’s website or from a well known download portal.
5 – Use Restricted User Accounts
Many Windows users use the administrator account. As an administrator, you have unrestricted access to all aspects of the system, which allows malware executed as an administrator to spread with ease. If you have Windows XP you should use an account with restricted user rights for working and browsing the web. Windows Vista, 7 and 8 come with a built-in and redesigned User Account Control (UAC). Any process likely to cause damage or be a threat to the security of your system needs the administrator’s permission to do so. Never grant administrator rights to any unknown or suspicious programs!
6 – Avoid Dubious Websites and E-mail Attachments
Today, most malware is spread via so-called “drive-by downloads”. Modern websites use technologies that enable continuous communication between your browser and the web server without asking you, the user, for confirmation. Programmers of criminal websites rely on this technology to take advantage of security weaknesses in various browsers. We recommend staying away from any questionable or shady websites (particularly those that offer file sharing, warez or adult content) and to keep your browser up-to-date as described in point 1.
E-mail attachments are another popular way of spreading malware. Use of a good spam filter is the most effective solution. Always remain wary of e-mails from unknown senders and pay particular attention to any attachments before opening them; executable files like .exe are often disguised as documents or images. E-mails with password-protected zip archives attached almost always contain malware and can’t be checked by virus scanners due to the password protection. For more information on this topic and fake e-mails please refer to our article Current E-mail traps.
7 – Use WiFi with caution
Use WiFi securely There are many public WiFi hotspots available free of charge that allow you to check your e-mails and surf the Internet when you are using your laptop or smartphone away from home. However, whenever you log into a website or check your e-mails via an unsecured WiFi connection, others can read your log-in data. When using public WiFi hotspots, avoid sending confidential data unless it is absolutely necessary, and even then only over a secure connection!
You can recognize a secure connection to a site by the presence of “https://” in the address bar (HTTPS = Hypertext Transfer Protocol Secure). Look for this when logging in to online banking sites, forums, webmail, ebay or Facebook – in general, for any login. If you use an e-mail program, you should enable secure authentication within the software itself. Comprehensive tips on how to use WiFi networks securely can be found in Emsisoft’s knowledgebase: How to use your WiFi securely and efficiently at home and on the go.
8 – Beware of download wrappers and preselected check boxes
After downloading useful software from the web, you may often find a new browser or toolbar has unexpectedly appeared on your PC. This is generally due to lack of attention while rapidly clicking on “Next” during installation. Unfortunately many companies have moved to bundle their software with other programs due to financial reasons. Confirmation should be required at installation time, however the corresponding check boxes are generally preselected, meaning you must untick them in order to avoid installing the additional software. Bear in mind that each program installed on your PC not only consumes hard drive space as well as system resources, but also represents a potential source of risk through exploits.
Download wrappers are even more insidious. Some download portals resort to them to download the intended target file. Hence you receive the download wrapper first instead of the desired file. The wrapper then downloads the desired software onto your PC. This allows annoying banner ads to be displayed during the download and installation, and may even aggressively trick you into downloading other software or toolbars that you don’t want. As if this isn’t already bad enough, this practice leaves the door wide open to hackers. Therefore it’s crucial that you pay close attention when downloading and installing as explained in our article on download wrappers.
9 – Exercise particular caution with online banking
Use Online Banking securely Internet users are generally more conscious of the risks of online banking than any other online service. This isn’t surprising, because if criminals get their hands on your login details or even worse your TAN numbers (one-time passwords used in many countries), they can easily empty your account from anywhere in the world. Unfortunately this may happen faster than you think if you don’t use good security software.
Even secure connections are of no use against “man-in-the-browser” attacks. Careful browsing is not sufficient either, as your PC can be infected via compromised ad networks on regular websites. For a good overview of the potential risks, please refer to the article Dangers to your bank account – How to perform online banking securely. Incidentally, Emsisoft Anti-Malware has recently been awarded for its excellent protection in online banking. Only 4 out of 32 tested programs passed, with Emsisoft Anti-Malware in the lead.
10 – Use Security Software With Real-Time Protection
If you have followed our advice so far, you will already be quite well protected, however there is always a small risk remaining. Therefore we recommend the use of anti-virus software and a firewall. An anti-virus program scans files on your PC whereas a firewall monitors any incoming and outgoing connections. If there are any suspicious processes, you will receive an alert warning you about the risk.
Both programs should provide real-time protection. Regular scans with a virus scanner are of course important, but they can only detect existing malware infections and may not always be able to remove them. Emsisoft’s behavior blocker, on the other hand, is always active and works in a similar way to your body’s immune system, by recognizing suspicious intruders even if there are no antibodies (virus signatures) yet. Emsisoft Internet Security Pack contains Emsisoft Anti-Malware, a state-of-the-art virus scanner with behavior analysis and file guard, and the powerful Emsisoft Online Armor Firewall. Our security pack provides quadruple protection for your PC to ensure your safety in 2013.
Have a nice (malware-free) day!