What Malware Needs to Thrive
According to the AV-TEST Institute, more than 390,000 new pieces of malware are detected each day. The sheer number of malicious programs gives hackers an ample opportunity to pick and choose their targets. Users often make the same common mistakes that are easily exploited. Here is a rundown of the top 10 mistakes users make and how to avoid them to keep you and your network safe.
1) Clicking Questionable Links
As noted by Inc., users often get caught in the trap of "oddball" sites through virtual word of mouth, or when downloading music or grabbing free photos. Clicking on a questionable link can add malware to your system that could give away access to your personal information, including bank accounts and credit card numbers. To stay safe, always stick to reputable sites before you click through. Generally the most secure links will appear at the top of any Google search, but if you're ever in doubt don't click the link.
2) Using Unknown Flash Drives
Backing-up your files and your system is important, but always be careful when inserting someone else's flash or USB drive into your computer. External drives can be filled with malware, and all it takes is for one well-placed "left behind" drive to infect an entire network. The bottom line: If it's not your device, don't use it. Scan your device regularly for viruses and other malicious programs to make sure that you don't infect any other machines.
3) Downloading Unsolicited Antivirus Software
Everyone has stumbled upon a pop-up warning that your PC will be at risk unless you download free antivirus software immediately. Hackers are experts at getting you to download files before you know what's happening, and one of their favorite tricks is to pretend their infectious code is actually a virus-scanning program to help you defend against online threats. However, clicking on this malware could actually block your computer from using legitimate antivirus solutions. Always make sure your antivirus software is always up to date with a pop-up blocker to keep unsafe links from appearing on your screen.
4) Leaving Your Webcam Open to Attack
As reported in the Daily Mail, webcam hacks can be a scary violation of your privacy. A certain type of malware gives an attacker remote access to your computer and the ability to enable your webcam. Your computer's camera isn't protected in the same way as other network-enabled devices, so learn the telltale signs that your camera is on (and potentially recording)—usually a light will appear. Simply placing a piece of tape over the camera isn't enough, since it doesn't block audio, and make sure you know how to disable it.
5) Using the Same Password without the Two -Factor Authentication
When you make all of your passwords for e-commerce, banking and government websites the same, you're really making a hacker's day. This so-called "daisy chaining" allows all of your accounts to be compromised by breaking into just one. Make sure you have multiple passwords for your various accounts, and try out new variations every six months or so. While it may be difficult to remember so many passwords, it's well worth avoiding the giant headache and trail of identity theft that can follow if an attacker gains access to all of your accounts.
6) Using Weak Passwords
When you use multiple passwords that are not complex enough, you expose yourself to the risk of bruteforce attacks. It is a kind of attack when an attacker is using special software to guess the password for your account. The shorter and simpler password you use, the sooner a hacker will guess it.
7) Procrastinating on Software Updates
Dragging your feet on installing necessary updates (for programs like Windows, Java, Flash and Office) is a misstep that can help cybercriminals gain access. Even with solid antivirus programs in place, big security holes in popular programs can leave you vulnerable to attack. As noted by V3, for example, Microsoft recently rolled out patch MS15-081, which addresses several vulnerabilities in Office. By not downloading the update, you are missing out on the patch, and leaving your system open to an attack and potential data breach.
8) Answering Phishing Emails
As reported by the Canadian government's Get Cyber Safe site, 80,000 users fall for phishing scams every day. The next time you get a phishing email—one that says you've won the lottery, need to "click here" to avoid IRS fines or to see a "shocking video"—delete it immediately. Most email systems have spam filters to catch these messages, but always check the sender (not just the name, but also the email address) and make sure it's a trusted contact before clicking on any link you receive over email.
9) Disabling User Account Control Features
Windows User Account Control (UAC) features can be annoying, and it may seem that simply disabling the notifications is an easy way to make them go away. However, these are important, as they let you know when changes are happening on your computer and put you in control of updates. If you disable the notifications, you're basically giving hackers a blank check, since they'll be able to make changes to your computer without your permission, and thus will gain access to your files.
10) Using Public WiFi
Don't ever use any public WiFi network to access your personal information. These networks are often not secure, and even worse, they could be a trap. Bad guys know that users expect to see a network called "Coffeshop WiFi" when they stop in at the local cafe for a hot drink, and create a tempting, malware-laden access point for anyone who's willing to join. As soon as you join the network, you could be giving a hacker access to passwords and other personal data. Want to pay bills or check on your tax return? Do it from home where you know your network is safe.
Bonus! Clicking Shortlinks
Long links that don't fit nicely into Facebook updates or Tweets are often shortened to just a few characters, which renders the website's URL invisible. Clicking on a shortlink means you don't know where you're headed, and could be clicking on malware. To avoid this trap, use a browser with link previews, which show the webpage's title and description, and a thumbnail image, so you know what's coming before you click. If it doesn't look legit, then don't click through.
Users make computer security mistakes all the time and hackers are more than happy to take advantage of it! But knowledge is power—know their favorites and don't give them the satisfaction, or access to your personal information, files, or data.
Other articles and links related to mobile malware