How Do Computers Get Infected with Viruses

Everyone has heard the standard warnings about viruses: don’t open strange emails, update your software. Those warnings are abstract, though, and don’t explain the actual ways infections happen.

How do infections really happen?

You get tricked

“But I’m too smart to get tricked.” 
– You

Most infections happen because the victim downloads and runs the malware themselves. I’ve seen very smart, seasoned professionals fall for all kinds of schemes. For example:

  • Email attachments that claim to be invoices, parking tickets, or legal judgements
  • A website that says you need to update some software in order to use it
  • Bundled inside other programs you download and run from disreputable sites
  • A message telling you that you have an infection and need to do something to fix it
  • Trying to use pirated software. This is a huge way people get infected, because criminals know it’s a super easy way to get people to run untrustworthy software
  • Some viruses, once they infect a computer, email themselves to everyone in the victim’s address book. You can’t trust even files you get from friends unless you were expecting them and the email makes sense. Feel free to reply back and ask

The first rule is that you don’t download or agree to run software unless it’s something you were specifically looking for.
Get the software you do want from a link on the original company’s website, not from a search ad or a third-party download site.
When you install software, read every option the installer offers; bundled extras hide behind the defaults.

Your antivirus saying a file isn’t a virus doesn’t mean much. A clean scan only means the file didn’t match anything the product already knows about, and criminals test their malware against the popular antivirus products before they send it out.

You get kit’d

There are specially designed web pages that probe your computer for outdated software and, if they find any, use known vulnerabilities in those programs to infect it, usually within seconds and without you clicking anything. These are called exploit kits, and they are big business.

Criminals hack other sites or buy malicious advertisements to redirect your browser to these pages. This happens even on big, legitimate sites, where it’s called malvertising. You don’t have to go looking; these infections come to you.

They also send these links in emails and messages on social networking sites.

You are usually protected if you keep your software up to date, because exploit kits mostly rely on vulnerabilities that already have a fix available.

You get 0day’d

Hackers will sometimes discover a programming flaw and, rather than report it to the developer of the program, use it against people. This kind of flaw is called a “zero-day” because the developer has had zero days to produce a fix by the time it is being used against users, so keeping your software up to date does not protect you from it.

These are rare, but they are one way criminals can get in even on a fully patched machine. This is why you don’t open email attachments or office documents you didn’t specifically ask for.


Configuring a Windows computer from the ground up for security and stability – Part 4: Securing Other Software

Securing Other Software

Adobe Reader DC

Adobe Reader is actually pretty safe if you have its security features turned on. In the case of Adobe Reader DC, there’s just one setting you need to change: turn on Protected View, which opens PDFs in a sandbox with limited ability to touch the rest of your system:

Edit > Preferences > Security (Enhanced) > Protected View > Files from potentially unsafe locations

The stricter choice, “All files”, sandboxes every PDF regardless of where it came from; the setting above is the minimum you should have.
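If you maintain several machines, the same setting can be applied and verified from PowerShell instead of clicking through the dialog. This is an added example, not from the original post or from Adobe; the registry path and the meaning of the values are taken from my reading of Adobe’s administration documentation and should be treated as an assumption, so confirm the result in the preferences dialog afterwards. Close Reader before running it, because Reader rewrites its preferences on exit.

```powershell
# Added example (not from the original post): set and verify Adobe Reader DC's
# Protected View from PowerShell. Registry location and value meanings are an
# assumption based on Adobe's admin documentation; verify in Reader afterwards.
$key = 'HKCU:\Software\Adobe\Acrobat Reader\DC\TrustManager'

# iProtectedView: 0 = Off, 1 = Files from potentially unsafe locations, 2 = All files
# 1 matches the setting recommended above; use 2 for the stricter "All files".
$wanted = 1

if (-not (Test-Path $key)) {
    New-Item -Path $key -Force | Out-Null
}
Set-ItemProperty -Path $key -Name 'iProtectedView' -Value $wanted -Type DWord

# Read the value back rather than trusting that the write succeeded
$current = (Get-ItemProperty -Path $key -Name 'iProtectedView').iProtectedView
$labels = @{
    0 = 'Off (PDFs open with full Reader privileges)'
    1 = 'Files from potentially unsafe locations'
    2 = 'All files'
}
"Protected View is now: $($labels[[int]$current])"

if ($current -eq 0) {
    Write-Warning 'Protected View is OFF; a malicious PDF runs with your full privileges.'
}
```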

Install Anti-Exploit

If a hacker finds a way to exploit an application like Chrome to load a virus, how do you stop that? Antivirus isn’t the answer: the attacks are often brand-new, and the antivirus has never seen them before. You need something proactive that blocks the exploitation technique itself rather than recognising a particular piece of malware.

There are three products on the market that stop hacker exploits against desktop computers: Microsoft EMET, Malwarebytes Anti-Exploit, and HitmanPro.Alert.

EMET is designed for corporations with a dedicated security person to keep it updated and troubleshoot any rare problems it can cause. Malwarebytes Anti-Exploit is smarter about protecting specific common programs, but only protects browsers unless you pay $25 a year. HitmanPro.Alert has advanced protections, but it includes aggressive experimental features and costs $25 a year.

If you use your computer only for browsing and gaming and want something free, Malwarebytes Anti-Exploit Free is probably your best choice. If you install it, go into the settings and turn off the notification it shows each time it engages. I pay for the Premium version, which also protects media players, PDF readers, and Office.

If you use your computer for business and want something free, Microsoft EMET is probably your best choice. Just make sure you periodically check that you’re running the latest version, and be careful if you use Microsoft Office add-ins like Salesforce for Outlook, which EMET’s mitigations can break. Do not use EMET on Chrome; Google does not support it. Instead, focus EMET on protecting PDF readers and Office.

I do not have enough experience with HitmanPro.Alert to give any advice at this time.

14.) Install GlassWire Firewall

Want to get alerts when programs start communicating with the internet, and find out when they change versions? Doing that in a usable way is basically impossible with the tools built into Windows, which is where GlassWire comes in. Note that it stores a history of your traffic to help you manage bandwidth usage. This data stays on your computer and is cleared after 30 days. If bandwidth history is not valuable to you, you can turn it off by switching on “Incognito Mode.”

Install GlassWire

The paid version of GlassWire ($50 one-time) includes webcam and microphone alerts if they’re turned on.

Configuring a Windows computer from the ground up for security and stability – Part 3: The Browser Is Your OS

Part 3: The Browser Is Your OS

This section is dedicated to installing and configuring Google Chrome. Chrome is the most secure browser due to its strong sandbox, which keeps an exploited web page from reaching the rest of your system, and its very fast updates to fix problems. At the time of writing, Firefox lacks a comparable sandbox, and Microsoft Edge users have to wait for Microsoft to certify changes. Chrome is also far more flexible.

9.) Install Google Chrome x64 Machine-Wide

Installing Chrome the normal way gives you a per-user, 32-bit install. This means the Chrome executables live in your user profile, where any program running as you can modify them, and you miss the extra exploit mitigations Google only bakes into the 64-bit build. In conversations with Chrome engineers, this is the version they recommend as more resilient to attack and to interference from other programs on your machine.

On this page, click “Download Chrome 64-bit MSI Package” and install.

If you already have Chrome installed, the machine-wide install takes over from it; your bookmarks and settings live in your profile and are kept.
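Once the MSI is installed it is worth confirming that you actually ended up with the machine-wide 64-bit build and not a leftover per-user copy. The following is an added example, not from the original post or from Google: it runs the MSI silently from an elevated prompt and then checks where chrome.exe landed and reads its PE header to tell 32-bit from 64-bit. The MSI file name and download location are assumptions; adjust them to wherever you saved the package.

```powershell
# Added example (not from the original post): silent machine-wide install of the
# Chrome 64-bit MSI, followed by a check that the result is really 64-bit.
# Run from an elevated PowerShell prompt. $MsiPath is an assumption; point it at
# the MSI you downloaded from Google's page.
param(
    [string]$MsiPath = "$env:USERPROFILE\Downloads\GoogleChromeStandaloneEnterprise64.msi"
)

function Get-PeMachine {
    # Return the Machine field of the PE header: 0x014C = 32-bit x86, 0x8664 = x64
    param([string]$Path)
    $fs = [System.IO.File]::OpenRead($Path)
    try {
        $dos = New-Object byte[] 0x40
        [void]$fs.Read($dos, 0, 0x40)
        $peOffset = [BitConverter]::ToInt32($dos, 0x3C)             # e_lfanew
        [void]$fs.Seek($peOffset + 4, [System.IO.SeekOrigin]::Begin) # skip "PE\0\0"
        $machine = New-Object byte[] 2
        [void]$fs.Read($machine, 0, 2)
        return [BitConverter]::ToUInt16($machine, 0)
    } finally {
        $fs.Dispose()
    }
}

# 1. Silent, machine-wide install
if (-not (Test-Path $MsiPath)) { throw "MSI not found at $MsiPath" }
Start-Process msiexec.exe -ArgumentList "/i `"$MsiPath`" /qn /norestart" -Wait

# 2. A per-user Chrome lives in the profile; a machine-wide one under Program Files.
#    Older 64-bit builds installed under Program Files (x86), so check both.
$perUser = Join-Path $env:LOCALAPPDATA 'Google\Chrome\Application\chrome.exe'
$machineWide = @(
    (Join-Path $env:ProgramFiles        'Google\Chrome\Application\chrome.exe'),
    (Join-Path ${env:ProgramFiles(x86)} 'Google\Chrome\Application\chrome.exe')
) | Where-Object { Test-Path $_ } | Select-Object -First 1

if (Test-Path $perUser) {
    Write-Warning "A per-user Chrome is still present at $perUser; uninstall it so you are not launching that copy."
}
if (-not $machineWide) { throw 'No machine-wide Chrome found after the install.' }

# 3. Confirm the installed binary is 64-bit, independent of which folder it is in
switch (Get-PeMachine $machineWide) {
    0x8664  { "OK: 64-bit Chrome installed at $machineWide" }
    0x014C  { Write-Warning "32-bit Chrome installed at $machineWide; you downloaded the wrong MSI." }
    default { Write-Warning "Unexpected PE machine type in $machineWide" }
}
```

The PE header check matters because the folder name alone does not prove bitness: for a long time the 64-bit build installed under Program Files (x86) as well.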

10.) Set Flash click-to-play

Adobe Flash was a technology widely required to play videos and games on the web in the early 2000s. It has largely been phased out because it slows browsing down and is a massive security hole: for years a large share of exploit-kit attacks went through Flash. Turning it off fixes all these problems. If for some reason a website needs it, you can quickly turn it on for that site. (Adobe ended support for Flash at the end of 2020 and current browsers no longer ship it, so on a modern system there is nothing left to configure here.)

How to enable click-to-play for Flash

11.) Install uBlock Origin

A large share of web attacks come through malicious advertisements purchased by criminals and displayed on mainstream websites. You don’t have to be in a scummy part of the web; you can go to Forbes.com and get a malvertisement.

uBlock Origin is the fastest, most complete, and most reputable ad-blocking extension available, and because it never loads the ad in the first place, the malicious code never reaches your browser.

12.) Install HTTPS Everywhere

The EFF, a digital rights organization, publishes a browser extension that automatically switches websites to HTTPS, which prevents anyone on the network between you and the site from seeing what you’re doing on the page or tampering with what appears on it. (They can still see which sites you connect to.) This is critical for laptop users on shared Wi-Fi, and even desktop users benefit. (The EFF has since retired HTTPS Everywhere because browsers now have a built-in HTTPS-only mode; in Chrome, enable “Always use secure connections” under Settings > Privacy and security > Security instead.)

HTTPS Everywhere

For more information see our website at http://www.cans.scot