How to Prevent Malware
Malware presents a significant risk to you, your computer, and your data. Different forms of malware can do such things as steal your login credentials to your financial institution and social networking sites, turn your computer into a zombie or bot, or even hold your computer and its data ransom. There are roughly 400,000 new versions of malware released every day that are designed to do these types of things and it is important that you learn the steps that you can take to prevent malware from taking over your system. In order to stand a chance against this onslaught, you must be informed of the dangers so that you can take the steps necessary to protect yourself.
Whether you just learned how to remove malware and are want to prevent it from happening again, or you simply want to remain infection-free, this guide will show you how to prevent malware.
It goes without saying that you need an antivirus program on your computer. There is more to it than that however – simply having an antivirus program on your computer does nothing other than provide a false sense of security. You need to make sure that you are using a good antivirus program and that you are keeping it updated. The vast majority of antivirus programs you can use now are configured to update themselves automatically, but you should confirm this in your settings. The next most important thing you can do with your antivirus program is to set it up to scan your computer on a regular basis. While you are in settings for your program, set it up to scan your computer at least once per week. Don’t worry, you won’t have to do anything after that to trigger the scan.
A good, modern antivirus program will not only scan your computer and remove the malware that it finds, but it will also be proactive. As you go about your business, your antivirus is proactively looking for known malware or pieces of code that behave similar to known malware patterns and will alert you if it identifies anything suspicious. You need to remember however that there are roughly 400,000 new forms of malware created every day, and even the best antivirus program is not infallible. Malware can get through. Malware only needs to work a small percentage of time to be effective – antivirus programs need to work 100% of the time to be truly effective. That is why having a multi-layered security approach is considered the best practice (particularly when combined with secure computing habits). It would also be a good idea to periodically scan your computer with another program to ensure that your computer remains free from malware.
Software is incredibly complex and modern software development typically entails the usage of several third party libraries of code to provide functionality that the software makers aren’t entirely familiar with. This complexity leaves many doors open for malware to find a way into your computer, but luckily, most software is updated on a somewhat regular basis to address security concerns and add features. The addition of features to a program creates more opportunities for malware authors to find ways to infect your system. It is a never-ending cycle to be honest. This is why it is crucial that you update your software on a regular basis.
The most important update you can do is to ensure that Windows is updating itself automatically and installing these updates for you. On Patch Tuesday (and occasionally, out of cycle) every month, Microsoft will release a batch of fixes for their software. You can set up your computer to download and install these updates automatically without any intervention on your part if you would like – and I recommend this. Many of these fixes are for security issues and will help to keep you secure as you use your computer. Apple and Linux have similar functionality built into their systems as well.
Turning On Automatic Updating in Windows, OS X, and Linux
To turn on automatic updates for Windows (this is turned on by default):
- Click the Windows icon and type Update
- Select Windows Update
- Select Choose how updates get installed (Windows 8+)
- In the dropdown menu, select Install updates automatically
- Click Apply
To turn on automatic updates for Mac OS X(this is turned on by default):
- Go to System Preferences – App Store
- Ensure that the Automatically check for updates checkbox is checked
- Ensure that the Install app updates checkbox is checked
- Ensure that the Install system data files and security updates checkbox is checked
- I would recommend also selecting the Automatically download apps purchased on other Macs
- Go ahead and click Check Now
To turn on automatic updates for Linux (this example is for Ubuntu):
- Go to the Ubuntu Software Center
- Go to Edit – Software Sources
- On the Updates tab, in the Automatically check for updates dropdown, select Always
- Ensure that the following are checked under the Install updates from section: (Important security updates, Recommended updates)
- Click Close
You should keep all of your other programs up to date on your computer as well. This will go a long way towards keeping you and your computer safe and malware free.
Don’t Use Java…or Flash
While Microsoft Windows gets a bad rap for security (particularly unfairly since Windows 7), the vast majority of computer vulnerabilities are tied to third party applications and frameworks. These provide attackers an easy way into your system as they aren’t developed with the same methods and testing that code such as Windows or Office goes through. Perhaps the worst offender available is Java. It has been a long-standing practice to go after the Adobe products (such as Flash and Acrobat Reader), but Adobe has put forth considerable effort to employ a software development lifecycle that is focused on security. They have made incredible strides, but they are still a long ways off from being security hardened. I recommend not using Flash on your computer at all, and if you already have Acrobat Reader, you are probably OK (as long as you keep it updated), but if you don’t, then I would not install it. This holds true for any browser plugin for Chrome, Firefox, Opera, or Internet Explorer.
Oracle however, has not done a good job of securing Java. Java is terribly insecure and using it leaves you a sitting duck on the internet. Unless you have a specific reason to use Java, don’t use it. If you have it installed, uninstall it from your computer. Almost assuredly, you will not miss it.
Use the Internet More Safely
Learning how to prevent malware means that you will also learn some behaviors and actions that you can do to keep safe online. The best defense you have against malware is to not download it in the first place. This is the most common way to become infected and you should follow these recommendations to help protect yourself, your computer, and your data. The following is a list of things you can do to prevent malware:
- Only download programs from trusted sites. Do not – under any circumstances – download software from Download.com. I mean it. It is a horrible abomination and you will get malware on your computer – guaranteed. If at all possible, download the program directly from the authors website or from their github page.
- Pay attention when installing programs to the steps and agreements that you make as you click next. It has become increasingly difficult to monetize smaller programs, and this has forced many authors to bundle add-on programs or toolbars with their installer in order to generate extra revenue for themselves. While I am all for programmers getting paid (it is a difficult job!) I recommend clicking the Advanced option whenever it is offered as it will usually provide you with a method to not install the add-on malware or bloatware.
- Never close a dialog box or popup window by clicking on the word “OK” or “Agree” or even the word “No”. It is trivial for a programmer to bind an agreement statement to any button they like (or to all of the available buttons), and you can’t always trust them. You should instead close the window by clicking on the red X in the upper right corner of the window or use the keyboard combination Alt+F4.
- Don’t click on any weird links that you receive in your email, on Facebook, or on Twitter. Don’t click on a shortened url from someone that you don’t know and trust. Even if a message appears to come from your mom or friend, it is easy to spoof this information. Use common sense.
- If you want to really step up your security, it is good practice to use a standard user account rather than an administrator account. Using a standard user account will allow you to do almost anything that you can do with an administrator account and shouldn’t impact your day-to-day use of your computer. It will, however, prevent malware from installing itself on your system without your knowledge or secretly changing your security settings. This will dramatically improve the security of your computer.