• Call us on +44 1986 232040 or
  • Email enquiries@microdata.systems

Blog

Avoiding malware

Malware is an abbreviated form of "malicious software". It is software that may find its way onto your computer with the intention of allowing unauthorised access, disrupting operation, stealing information or causing damage to your computer. In this brief article, you will find some ideas on how to avoid inadvertently installing malware on your computer.

Why should I worry about malware?

There are several reasons why you should be concerned. The list below is not exhaustive, but should be enough to persuade you that malware is a concern for any computer user.

  • Malware could actively be damaging data on your computer, without you even knowing it. Only when the damage becomes significant enough may you become aware of its existence.
  • Some malware allows your computer to be controlled by other people, who construct large interconnected systems containing thousands of computers and use these to disrupt operation of the Internet. Being a good citizen on the Internet means preventing your computer from being used in this way.
  • Personal data, such as credit card details, passwords, contact names, images etc, that is not properly secured can be stolen by malware. This may be used to defraud you if someone can use this information directly, or impersonate you or someone that you know.
  • At the very least, malware operating on your computer may cause it to slow down or operate unreliably.

Keep your computer up to date

Your computer would not work without a piece of software called the "operating system". Put simply, this software controls your computer and also includes some built in programs that allow you to interact with it. It will often also include applications that allow you to browse the Internet, edit documents, and send and receive emails. It is very important that you keep this software up to date. Vulnerabilities are found in software constantly and vendors work hard to remove these and ensure that your computer is operating properly.

Malware does not always need your permission to be installed, depending on how your computer is configured and how up to date your browser and its plug-ins are. Ensuring that your web browser and any installed plug-ins will help reduce the likelihood of a vulnerability allowing malware to be installed without your knowledge.

Are you still using Windows® XP or another unsupported operating system? If so, consider switching to a newer operating system. Unsupported operating systems will receive no further security updates so if your computer is accessible on the Internet there may be vulnerabilities that may be exploited. As time goes by, the number of vulnerabilities increases and the risk of a malware attack worsens. Whilst firewalls and anti-virus software may help, it is possible that unsupported operating systems may still be at risk and at some point in time, the security software vendors may withdraw support.

Remove unused software

Any software that you no longer use should really be removed. This will free up some disk space and may also help improve performance if that software has any persistent components that start up with the computer and provide some form of continued service. Any software running on a computer can potentially increase the "attack surface" available to malware, so only run the software that you need to. Watch out for software such as Adobe® Flash® and Java®. These receive constant security updates (see the previous section). Sometimes they are not required on your computer so can be safely removed.

Technical support

Trusting the right company with technical support provision is important. There are many technical support scams, some very creative. Many support companies use software to allow them to control your computer. What is their policy regarding such software? How often do they update it (both on their systems and their clients' computers)?

Be wary of technical support calls. If someone calls you claiming to be from Microsoft® or another major company, can you be sure it is them? It is very unlikely that you will be called about a problem that your computer has so treat any incoming call about your computer as a potential attempt to lure or frighten you into allowing someone to install malware on your computer, or to obtain money by deception. If in doubt, call a trusted advisor. If you have just received a call, don't make an outbound call immediately after on the same phone. At the time of writing this article, it may be possible to hold your line open and make you think you are making a call but you are in fact still connected to the original caller. Plans are afoot to change this, but it has not yet been implemented by all telephone providers.

Enable "click-to-play" browser plug-ins, or ad blockers.

Many people use an ad blocker to remove unwanted ads on web pages that they view. Since adverts are a way that a web site provider may seek to obtain funding for the site operating costs, you may reasonably consider that viewing ads is something that at least provides the site operator with some income. Be aware, though, that some adverts may be malicious and can be served on any site, including the popular ones. At the very least installing a "click to play" plug in will prevent these from automatically running. If your browser supports such a feature, consider enabling it.

Read emails carefully and don't blindly click links

Emails often arrive with content that looks quite genuine. They may appear to be from your bank or credit card provider, or from another service that may have access to your personal data. Read these carefully. How well structured is the language. Are there many spelling mistakes? If you mouse over the links, does your web browser or email client show where you will be taken? If so, does the link look legitimate. Read it carefully. Often the links contain almost invisible mistakes, such as transposed letters so click with care. Even better, don't click them at all. It is best if ever an email asks you to take action that you visit the site directly by opening a private browser window and logging in directly to the site. Links in emails may take you to sites that appear genuine but are not. If the site contains new exploits that take advantage of new vulnerabilities (often called zero-day exploits) not even your operating system or anti-virus software will help in some situations.

Use a non-privileged account on your computer

Many people are using their computer as an administrative user. They may also be connected to a network as a user with unlimited access. This is a recipe for disaster if you inadvertently install malware. Always keep the administration account on your computer for just administering the computer or network and have a daily use account that is just a standard user. This will limit the ability of malware to be installed and cause damage in many instances. Also, by keeping backups of your data secured away from standard users, at the very least you can reduce the risk of the damage being caused to the backup.

If prompted for administrative rights, think carefully why that prompt may be happening. Did you specifically request something that only an administrator would do (such as install software for all users)? If not, it could be a sign that you have been exposed to an attempt to install malware.

Final words

The above is just an introduction to the topic and should not be taken to be complete coverage of the subject area. If having read the above, you are still unsure, do some more research yourself or hire an expert to help. We do hope that this has proved a useful set of guidelines for you.

Micro Data Systems Ltd
60 Blakestone Drive,
Thorpe St Andrew,
Norwich,
Norfolk,
NR7 0LF.

Tel: +44 1986 232040
Email: enquiries@microdata.systems