Information about Malware, Viruses, and Spyware

#1 Cause: Bad Judgment

We were working on a computer belonging to a Mom of an eight year old daughter whom downloaded and installed a free game where one could pretend to be a veterinarian and care for animals. We saw the website where the game was downloaded, and noted that it looked very legitimate. Nevertheless, the game also secretly installed software that was designed to monitor the families Internet activity (called a keylogger) and then invisibly transmitted that information back to the thief. After we cleaned up things, we suggested to the parent that she enforce a policy of only downloading software from sites that were known to be safe, such as Disney, Nickelodeon, or Sesame Street. It is believed that these household names are not going to put infectious material on their website for anyone to download. But if one would just search “free games” and download something from someone they did not know it’s not much different than letting a stranger through the front door. Unless it’s from a source you know and trust, don’t let it into your life.

The bottom line is this. The bad guys are very clever. They will make free games, screen savers, coupon tool bars, free programs that promise to “fix” your computer, and lace them with infectious material. Why? It’s almost always financially motivated. For example, a coupon toolbar that promises to save someone thousands also contains a fake anti-virus program that attempts to trick one into believing that they have hundreds of problems with their PC that legitimately do not exist. According to the program, when one purchases the software, everything returns back to normal. Just enter the credit card information. We greatly discourage this.

Does this mean that all free software, like coupon toolbars, are off limits? No. You should feel very comfortable installing software downloaded from Kroger or Kraft for example. The moral of the story is that we ought to exercise good judgment and trust only those sites we know have too much to risk in making malicious software available to download from their websites.

#2 Cause: Peer To Peer Programs

Although installing a Peer to Peer program (P2P) certainly falls under the “Bad Judgment” category above, since it is so prevalent and overwhelmingly damaging, it deserves its own special discussion. Any program that allows your computer to be connected to someone else’s should be discouraged, regardless of what it is called. Limewire, Bear Share, Frostwire, BitTorrent, Santa Clause or Easter Bunny. Again, if it allows you to connect to another computer and exchange files, you will eventually infect your machine.

The programs themselves are not infectious, but the files you obtain from a strangers machine probably will be. People usually use these P2P programs to obtain music and videos without paying for them. Most every machine we work on with a P2P program will be infected.

#3 Cause: Lack of protection

An ounce of prevention is worth a pound of cure. We work on infected machines all the time that are completely unprotected or without updated protection. We recommend two programs called Avast Anti-Virus / Anti-Spyware and Malwarebytes.

We like Avast because it updates and runs daily scans automatically. We like Malwarebytes (the full version) because it prevents us from accidentally visiting a 'drive-by site'.

Downloads

#4  Cause: Failure to Update

Here’s an example of how the criminal mind might operate. The criminal works at finding a way to infiltrate the Windows operating system. Microsoft discovers this and issues an update. You receive a notification that the update exists in the lower right hand corner of your screen, which you click and install. If you don’t, you may be vulnerable.

The criminal mind gets discouraged at fighting Microsoft, and starts to target other pieces of software that they know will exist on the largest majority of computers, such as Java and Adobe Flash. If you’re reading this now, you probably have Java and Flash installed. The criminal works at finding a way to infiltrate Flash, for example. Adobe discovers this and issues an update. You receive a notification that the update exists in the lower right hand corner of your screen, which you click and install. If you don’t, you may be vulnerable.

We work on machines everyday that were infected through an outdated version of Java or Flash being exploited by a website. If you are afraid to click on those little bubbles that pop up reminding you to update, you are not alone. Here’s where we’ve posted links to the respective, legitimate sources of updates. We call this "going to the front door" of the software vendor.

#5 Cause: Drive-By Websites

A drive-by website is a site that will infect us simply by visiting. You do not have to click on anything or download anything. Just visit it. One might think that a drive-by site would have to be something of suspect, like pornography or gambling. That’s just not the case. We have clients who have been researching cheesecake recipes, making travel arrangements and researching autism and have been infected.

Keeping our software up–to-date helps, but ultimately we recommend Malwarebytes (the full version) as it is very effective in preventing our clients from accidentally visiting one of these sites in the first place. It’s like a good parent; it doesn't ask politely if you would like to visit the site. The answer is just “no”. Malwarebytes will not let you go no matter how hard our client might try.

#6 Cause: Emails

Many of the emails that I personally have received that are dangerous contain links that claim to take me to one place, but really go somewhere else, such as a 'drive-by site'. For example, we received an email informing us an order we made with Amazon was canceled. It looked very legitimate, as there were Amazon logos, and a link one could click on to check the status of 'My Account'. Only when you clicked on 'My Account', you weren’t going to Amazon. So use good judgment. Go to the Amazon site from your browser instead, by entering www.amazon.com in the address bar, and check on your account yourself. This is what we call 'going to the front door'.

Don’t click on emails from people you don’t know, and even if you do know them be especially wary of emails with attachments.