Common Security Do’s and Don’ts


I deal with viruses, ransomware, adware, spyware, botnets, and Russian hackers every day for a living. Here’s the most common ways to screw up your computer, and the best ways to prevent it.


  • Don’t open unexpected emails containing attachments regardless of who sent it.
    • This is how most Ransomware is spread.
    • Hackers can use .zip, .exe, .bat, .com, .msi, .cmd… etc. There are over 50 file types that can contain malware.
    • IF YOU WEREN’T EXPECTING IT, DON’T OPEN IT!
    • If you get an email with an attachment you weren’t expecting, call the sender and verify that they sent the email!

Here’s an example email containing a Ransomware attachment

 

  • Do run a virus scanner on all email attachments before you open them.
    • Even legit files can have malware piggyback on top of it.
    • Download, but do not open the file.
    • Right click on it, and select “Scan with…” whatever AntiVirus you have installed.

Like this:

  • Don’t blindly click through the installation process of any “free” software downloaded from the internet.
    • Often “Free” software will include check boxes to install “Optional” applications
    • These other applications can slow your system down, steal your data, advertise to you, or even take control of your computer.
  • Do scan each step for a check box that indicates permission to install additional software.
    • Read each step of a program’s installation process. It can take some time, but will save you a lot of headache in the long run.
    • If a program lets you customize the installation options, do it, and only install the features you need.

It will look like this:

 

Or this:

 

  • Don’t install random “free” PC tools, like Virus Scanners, Driver Utilities, coupon apps, etc…
    • Most “Free” Scanners and Anti-Virus programs are actually Malware.
    • Even if a “Free” application is not malicious itself, it may silently download and install additional software that will harm your computer or spy on you. (Like Java and Ask.com)
  • Do download and install Anti Virus and Anti Malware programs from reputable software vendors.
    • Names to trust: AVG, Avast!, Kaspersky, Panda, BitDefender, Avira, Malware Bytes (But don’t just trust the logo! We’ll get to this later…)
    • Norton and McAfee are not as good as they used to be! Don’t use their “Free” versions. Basically all they do is slow your computer down and use scare tactics to get you to pay for the full version, but don’t actually stop any malware.

Here are some of their scare tactics:

  • Don’t trust that a website or product is real just because it looks real.
    • If you need to download a new program, don’t just click the first page in search results, as this is usually an advertisement.
    • Advertisements can lead to sites that look authentic, but are actually spoofed versions of real sites.
    • Spoofed Sites can make you download malware, steal your information, and cause all sorts of problems.
  • Do type in the name of the company’s web address in the URL bar.
    • Instead of searching Yahoo or Bing for “Free Anti Virus,” just type in www.Avast.com or www.Kaspersky.com into the web browser’s URL bar.
    • Make sure the URL is real, not spoofed.
    • Always err on the side of caution. If it seems fishy, it’s probably a scam.

Spoofed sites can look like this:

Or this:

  • Don’t believe advertisements, or random pop ups telling you your machine is infected.
    • Often advertisements will redirect you to a page saying your computer has been compromised, and that you must either download their software or pay them money to fix it.
    • Another common tactic is saying that illegal material has been found on your computer and you must pay the FBI money to unlock your machine.
    • Scammers may even call your home or office to tell you that your machine has been compromised

Like this fake Blue Screen of Death:

  • Do the oldest trick in the book – turn it off and back on again.
    • Don’t worry about scary warning messages, and don’t give in to their demands!
    • If, after restarting your machine, you still get warning messages saying that you need to pay money or download software, call Shreveport Fix IT for a full Virus and Malware scan.
  • No Brainers
    • Run Windows Updates! They fix problems and patch security holes. They almost never break things. (Almost never…)
    • Don’t turn off or bypass your Firewall! Firewalls block all ports that aren’t in use, without one, your network is wide open to attack.
    • ALWAYS back up your data! Even if you follow this guide you could still lose all your data to Ransomware or a catastrophic disaster like fire, flood, or sinkhole. Have an offsite backup just in case.
    • Don’t leave your password on a PostIt note on your monitor! Seriously, this negates the whole point of having a password in the first place. Use your head people.