Android Malware – Take the Security of Your Device Seriously

Guest writer Megan Berry has some timely advice on how you can avoid avoid malware on Android smartphones and tablets.

Rule #1 of Android security: don’t download apps from websites other than Google Play for fear that you unwittingly infect your smartphone or tablet with malware. Well, not surprisingly, cybercriminals found a way to invalidate rule #1.

A security researcher at Symantec recently discovered two apps infected with malware in the app store that were quickly removed. But not before tens of thousands of users downloaded them.

This scenario is particularly troubling for companies with BYOD programs that permit Android devices to connect to their network. How do companies protect corporate assets without taking away employees’ ability to use their favorite mobile devices on the job? Especially since it seems that cybercriminals are always one step ahead of security experts.

Whether you use an Android device at home, on the job, or both, the growing threat of Android malware means it is more important than ever to take the security of your device seriously.

How to avoid malware on Android smartphones and tablets

Nothing you can do will guarantee you will never be infected with malware, but there are things you can do to minimize the risk.

· Before downloading an app, do a quick web search to check up on the developer and the app itself. Look for red flags in the search results, such as negative user reviews or complaints, that indicate you need to dig deeper before tapping that “Accept & download” button. Hint: You can visit the developer’s webpage from the app listing.

· Some malicious apps try to hide behind a legitimate brand name. Make sure the name of the developer jives with the title of the app.

· Read the app’s user reviews. Red flags will show up here, too.

· Examine the permissions of the app: are they in line with the app’s intended use? For example, does a news app really need to access your contacts or send text messages?

· IT managers should insist that employees install an Android anti-virus app. Or, better yet, insist that users turn their devices over to IT before they’re allowed to connect to the network for the first time. This way IT can install anti-virus software it has evaluated, configure it properly and enforce its use.

Android anti-virus apps: worth it or not?

The effectiveness of Android anti-virus apps is debatable, though. In a recent study, only a handful of Android anti-virus apps were found to detect most types of threats. The March 2012 study by AV-Test.org rated 23 out of 41 apps effective, or 56%. Of those 23, only 10 detected greater than 90% of known malware types.

Still, the authors of the study say any of the anti-virus apps that were found to detect greater than 65% of known malware types provide adequate protection.

Unpatched system software: Your device’s Achilles’ heel

Even though you’re careful about what apps you install and you run an anti-virus program, your device may still be vulnerable because of unpatched system software.

According to security vendor Duo Security, the speed at which wireless carriers supply updates to their users varies. Therefore, it’s possible for devices to go unprotected for long periods of time. The fragmentation of the Android platform complicates the task of rolling out updates, not to mention the fact that companies have little incentive to fix existing flaws when new devices with the latest system software are already on the shelves.

This is of particular concern for companies that allow their employees to connect their personal Android devices to the company network. It should also be of concern to employees, who may be liable if their device infects their employer’s network – many corporate bring-your-own-device (BYOD) policies place the responsibility for keeping devices malware-free squarely on the shoulders of the user.

Duo Security’s new app, X-ray, scans Android devices to discover unpatched flaws in system software. If the app finds a problem, the user can go to Settings>About Phone>System Updates to download the latest version. If an official update isn’t available via System Updates, Duo Security encourages users to contact their carrier for more information, or at the very least, exercise extreme caution when downloading apps.

Individual users can download and install the app from the X-Ray for Android website. Organizations can get an enterprise-level version by emailing the company.

Lesson learned

The lesson here is that unfortunately, it’s no longer safe to assume that just because an app is available from a reputable source, it’s malware-free. And, educating yourself and your users, combined with tried-and-true anti-virus software, is still the best protection against the quickly evolving threat that Android malware presents.

About the Author: Senior writer for IT Manager Daily, Megan covers the latest technology news and trends impacting business.

Security Precautions For Your New Christmas PC

We are now officially in the “Holiday Season”, (the “Christmas Season”, to we traditionalists), so along with those visions of sugar plum fairies dancing in your head, you just might have visions of a super hot, quad core beast, that you can rip the wrapping off – after Santa has dropped down your chimney.

So if you’ve been good this year, and Santa does drop off that new screaming machine, no doubt you’ll want to put it through its paces right away. But before you test drive this new machine, there are some fundamental precautions you need to take.

Patch your operating system:

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are three that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I ran with this application for 18 months during a long term test, and I felt very secure.

PC Tools Firewall Plus:

PC Tools Firewall Plus is my Firewall of choice. It installed easily, set up quickly, and did not caused any conflicts on my test machine despite my sometimes esoteric running requirements. The default settings are well thought out, and provide excellent protection for less experience users.

ZoneAlarm Free Firewall:

ZoneAlarm’s default settings are well thought out, and provide excellent protection for less experience users particularly. Experienced users on the other hand, can tinker to their hearts content, customizing and tweaking the application to meet their specific requirements.

Install anti-virus software:

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one – although Immunet Protect will run successfully as a companion application).

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Immunet Free Antivirus:

Immunet Protect is a lightweight cloud based antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions. You’ll find Immunet straightforward to install, and easy to run without complication.

Install Anti-spyware and Adware Software:

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

Microsoft Security Essentials, which incorporates antivirus, antispyware and rootkit protection, all under one roof, was released by Microsoft as a free  replacement application for Windows Live OneCare. Microsoft Security Essentials is easy to set up and run, particularly for new users. And, the interface is positively simple offering Quick Scan, Full Scan, or Custom Scan.

Spybot Search and Destroy:

Spybot Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot also can clean program and Web-usage tracks from your system, which is especially useful if you share your computer. Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Additional security protection:

Web of Trust (WOT):

WOT is a free Internet Browser add-on which tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls. As well, SpywareBlaster can block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Firefox, and other browsers.

WinPatrol:

With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

SpyShelter:

SpyShelter is an anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development. It detects and blocks dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

Note: Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

This list is not exhaustive by any means, but it is a good place to start.

A final note: You may find that your new PC is loaded with preinstalled “trial” software. This is the type of thing that drives users buggy, since trying to figure out how to get rid of trialware is not as easy as it should be. But don’t fret.

Take a look at – Free PC Decrapifier – Bloatware Begone! – a free application designed to specifically uninstall these annoyances

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

300 Free Emsisoft Anti-Malware License Giveaway At MalwareTips.com

The good people over at MalwareTips.com are at it again – this time out, the guys have 300 one year licenses to giveaway for one of the better AV applications on the market – Emsisoft Anti-Malware.

Fast facts:

2 combined scanners for cleaning: Anti-Virus + Anti-Malware

• • Not just any scanners, but a combination of two world class products – the Emsisoft Anti-Malware, and the Ikarus Anti-Virus engine. Latest tests approve that both are cutting edge in Malware detection.
  • No doubling of the scan duration as would be the case with two separate scanning programs. Considerable performance improvement is possible thanks to the integration of the two engines on the lowest level.
  • No double price – two top security products for the price of one.

3 guards against new infections: file guard, behavior blocker and surf protection

• Since version 5: The new, free configurable file guard compares all files that are downloaded or started with about 4 million patterns of known malicious software.
• Unlike conventional protection systems Emsisoft Anti-Malware does not only check files, but it also constantly monitors the behavior of all active programs and raises an alarm as soon as something suspicious happens.
• Typical ways of infection are disabled in advance. Websites that try to plant trojans or spyware or that offer deceptive contents are blocked by the surf protection.
• Signature updates at least 5 times per day, in combination with the zero-day protection of the behavior analysis this guarantees the best possible protection from new infections.

3 ways of Malware removal to clean every infection

• When a Malware infection is detected, the scanner puts the found objects under quarantine or deletes them finally.
• For tough problems our helpful Malware experts are at your disposal for free. With their step-by-step advises, any infection, no matter how resistant it is, can be purged – guaranteed.
• Anti-Malware holds plenty of advanced options for experts to detect and delete Malware manually. For this purpose the integrated system analysis tool HiJackFree is included, and helps you to have all processes, services, auto-runs, open ports, browser plug-ins and host entries under your control.

Take a run over to MalwareTips.com, read the article carefully, and follow the instructions to obtain a 12 month license.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

BitDefender TrafficLight – Real-time Anti-virus, Anti-phishing Browser Add-on

Surfing the Internet without a site reputation Browser add-on is not much different than stumbling down a set of stairs in the dark – while blindfolded. At a minimum, a risky venture.

As with all applications designed to enhance Internet safety however, site reputation Browser add-ons are not without there shortcomings. One particular issue that raises concern is – reputation add-ons are site specific and not page specific. In other words, the site may have passed the test for safety and yet contain a page, or pages, that harbor threats.

BitDefender’s recently released (March 24, 2011), beta – TrafficLight Browser add-on, attempts to address this page specific issue by utilizing “the BitDefender scanning engines to check, and rate, every page and link from the users’ web traffic, blocking unsafe content before it reaches the user’s browser.” In an effort to cover all the bases, TrafficLight is active in in search engines, and social networking sites (Facebook and Twitter), as well.

Control Panel screen capture.

Fast facts:

TrafficLight works with virtually any Windows-compatible browser. It even keeps look, feel and functionality consistent if you switch browsers.

TrafficLight intercepts and scans web traffic before it even reaches the browser, effectively blocking disguised or stealth attacks before it’s too late.

TrafficLight scans the pages you visit for malware and phishing attempts each and every time you access them to avoid the threat of legitimate but recently compromised websites.

TrafficLight won’t block an entire website if just some pages within are malicious. Only the potentially harmful elements are blocked, leaving you free to view the rest of the site if you so choose.

TrafficLight relies on intelligence provided by BitDefender Cloud services to flag malware and phishing attempts in search results from Google or Bing. Not only that, but it also checks links in popular social network platforms and blocks them if they are suspect.

TrafficLight does not add a toolbar to your already-cluttered browser interface. Its interface remains invisible until your input is needed or it’s called up with a simple mouse gesture.

Supported Operating systems: Microsoft Windows XP SP2, Windows Vista SP2, Windows 7.

Supported Browsers:
Internet Explorer 7+, Opera, Mozilla Firefox, Google Chrome, Safari.

Download free TrafficLight at: BitDefender

Note: As with all beta, or release candidates, take sensible precautions prior to installation. This should include setting a new restore point.

Additional reading:

WOT Beta for Social Media – Facebook, Twitter Protection And More

Free BufferZone Pro – Maybe The Best Surfing Virtualization Application At Any Price

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Jealous? Cyber-crooks Have You In Their Sights

Physiological studies have observed jealousy in infants as young as five months old and surprisingly, in elderly people. Many psychologists hold the view, that jealousy is a normal and appropriate reaction to the fear of losing a loved one to someone else.

It’s no surprise then, that Cyber-crooks are continuing to use jealousy as a social engineering email hook, to entice potential victims to click on an email containing enclosed links which can lead to the installation of malware.

The following screen capture (from one of my email inboxes, yesterday), illustrates the type of crafty email currently circulating on the Internet. Consider carefully – would you follow the links in this email?

If you had attempted to do so, in this case, you would have been cautioned by bit.ly (a free service that shortens long links), since the original link has been shortened using this service. Kudos to bit.ly for being on the ball here.

(Click pic for larger)

The following is the text of another email of this type, currently circulating on the Net.

Hello,

I apologize for my frankness. I’m sorry for not being able to speak to you in person, but I can only talk to you via email and I feel obliged to notify you to open your eyes, you are being betrayed.

I know it is difficult to prove, but every picture tells a story, I’ll send you these pictures so that you can see it with your own eyes. Take care…a big hug

From a good friend who is very fond of you

View photos here

In this case, there is no intermediary, like bit.ly – so you’re on your own.

It may well be that certain individuals are not prepared to take the fidelity of a loved one at face value, but these same individuals have no hesitation in opening an email from an unknown sender, it seems.

Do these types of emails work for scammers, do you suppose? You bet! Let me give you an example of how foolish people can be –

Several months ago, I wrote an article “Nude Pics Of Your Wife/Girlfriend Attached – Click Here”, as another of my frequent tests of Internet user gullibility. This is the very type of article frequently used by cyber-criminals to launch penetration attempts. Much to my surprise, the article is now one of the most frequently read articles on this site. I ask you – how careless can people be?

Regular readers of this site are familiar with the following safeguards:

• Install an Internet Browser add-on such as WOT (my personal favorite), which provides detailed results on a site’s safety; protecting you from security threats including spyware, adware, spam, viruses, browser exploits, and online scams.
• As well, WOT now checks links embedded in your email, and warns you of dangerous web sites so that you can avoid spyware, spam, phishing, identity theft and other Internet scams; before you click on dangerous embedded links.
• Don’t open unknown email attachments.
• Disable scripting features in email programs.
• Make regular backups of critical data.
• Make a boot disk in case your computer is damaged or compromised.
• Turn off file and printer sharing on the computer.
• Install a personal firewall on your computer.
• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.
• Ensure the anti-virus software scans all e-mail attachments.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Planning On A New Christmas Computer? Security Precautions To Consider

We are now officially in the “Holiday Season”, so along with those visions of sugar plum fairies dancing in your head, you just might have visions of a super hot, quad core beast, that you can rip the wrapping off of after Santa has dropped down your chimney.

So if you’ve been good this year, and Santa does drop off that new screaming machine, no doubt you’ll want to put it through its paces right away. But before you test drive this new machine, there are some fundamental precautions you need to take before you connect to the Internet.

Patch your operating system:

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are three that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

Comodo Firewall (last updated November 11, 2010), protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I ran with this application for 18 months during a long term test, and I felt very secure.

PC Tools Firewall Plus 7:

Having tested this application for more than six months I was impressed with its performance. It installed easily, set up quickly, and did not caused any conflicts on my test machine despite my sometimes esoteric running requirements. The default settings are well thought out, and provide excellent protection for less experience users.

ZoneAlarm Free Firewall 2010:

ZoneAlarm’s default settings are well thought out, and provide excellent protection for less experience users particularly. Experienced users on the other hand, can tinker to their hearts content, customizing and tweaking the application to meet their specific requirements.

Install anti-virus software:

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one – although Immunet Protect will run successfully as a companion application).

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Immunet Protect 2:

Immunet Protect is a lightweight cloud based antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions. You’ll find Immunet Protect straightforward to install, and easy to run without complication.

Install Anti-spyware and Adware Software:

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

Microsoft Security Essentials, which incorporates antivirus, antispyware and rootkit protection, all under one roof, was released by Microsoft last year as a free  replacement application for Windows Live OneCare. Microsoft Security Essentials is easy to set up and run, particularly for new users. And, the interface is positively simple offering Quick Scan, Full Scan, or Custom Scan.

Spybot Search and Destroy:

Spybot Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot also can clean program and Web-usage tracks from your system, which is especially useful if you share your computer. Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Additional security protection:

Web of Trust (WOT):

WOT is a free Internet Browser add-on which tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls. As well, SpywareBlaster can block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Firefox, and other browsers.

WinPatrol:

With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

SpyShelter:

SpyShelter is an anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development. It detects and blocks dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

Note: Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

This list is not exhaustive by any means, but it is a good place to start.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Avira AntiVir Personal 10 – Is It The Best Free Antivirus Available?

If you were building a wish list of the features that you would like to see in a free anti-virus program, I’m sure you would include the following:

An easy to use and understand, yet comprehensive, user interface.

An on demand scanner to seek out viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs.

And, perhaps most important, the ability to stop a detected malicious program  dead in its tracks.

The ability to repair, delete, rename and quarantine programs, or files.

Well you’re in luck. Avira AntiVir Personal will meet, and even exceed, all of your wishes. This anti-virus program offers comprehensive protection, driven by an easy to use interface.

Avira AntiVir Personal is not just another free AV solution. Avira may just be the best free AV solution available. It’s certainly the most popular in its class, and with good reason, in my view.

I’ve been using Avira, in one release or another for years on a Windows XP Professional machine, and I have never had to deal with an infection on that particular computer.

I’m not suggesting that Avira is the only reason this machine has never been infected, but – it is the foundation on which all of the other security solutions, specific to that machine, are built. Regular readers are well aware, that I faithfully follow the Three Commandments of Safe Surfing:

Stop – consider where you’re action might lead.

Think – consider the consequences to your security.

Click – only after making an educated decision to proceed.

If you’re a typical, or an average user, you should find that Avira AntiVir Personal will meet, and even exceed, all of your requirements.

As an indication of this programs popularity, Download.com reports 100+ MILLION total downloads – 665,000 last week alone.

Fast facts:

Highly Configurable

Protection from viruses, worms and Trojans

Includes anti-spyware and anti-adware features

Protection against expensive dialers

Protection from hidden rootkits

Protection from phishing

Extensive malware Recognition

Monitors every action executed by the user or the operating system

Reacts promptly when a malicious program is detected.

Automatic updates of antivirus signatures, engine and software – I have to admit, I love this feature

Now in Version 10.0.0.567 (updated April 22, 2010)

Quick Summary:

Easy to download, easy to install, easy to configure, easy to use, and very effective.

System requirements: Windows 7, XP, Vista (32-bit and 64-bit).

Download at: Download.com

Note: Free for home-users only.

If you find the nag screen annoying, take a look at “Remove Avira Notifier – Here’s How”, on this site. If you’re running a 64 bit system, then checkout my buddy G’s site –Disable Avira Notifier in Windows 7.

Note: Since we’re talking about Avira, you should be aware that Avira offers a free Avira AntiVir Rescue System, “which is a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to repair a damaged system, rescue data, and scan the system for virus infections”.

If you are an active computer user, you should consider adding this application to your antimalware tool box.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

How to Tune Up Your Anti-Malware Strategy With These Free Solutions

As highly regarded security guru Bruce Schneier says, “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology”

Unfortunately, the average user continues to rely only on technology for protection. Recently, I setup a new computer system for a friend; an average user, and as I was tinkering with her system, one though kept bouncing around in my head. “What do I need to do to keep her protected on the Internet?”

I started with the usual things of course, including installing the following security applications.

PC Tools Firewall

– PC Tools Firewall is definitely worth considering as a new Firewall installation, or as a replacement for a current Firewall that is not meeting expectations.

Microsoft Security Essentials

– Easy to set up and run, particularly for new users. The interface is positively simple offering Quick Scan, Full Scan, or Custom Scan. Provides full real time protection against viruses, spyware, and other malicious software.

Avira AntiVir Personal

– Offers on demand scans for viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs. As well you can repair, delete, block, rename and quarantine programs, or files.

Firefox

– I then installed the most effective security add-ons, including NoScript, KeyScrambler, Adblock Plus and BetterPrivacy.

WOT

– Web of Trust, a browser add-on which offers Internet users active preventive protection against Web-based attacks, online scams, identify theft, and unreliable shopping sites.

Winpatrol

– This program uses a simple yet effective method of fighting all kinds of malicious programs.

GesWall

– An isolator which dynamically isolates Internet applications including Web Browsers, Chat Clients, Email Clients, and so on.

Malwarebytes’ Anti-Malware

– A simple, intuitive, and easy to use interface, makes Malwarebytes’ Anti-Malware straightforward to setup, customize and run, for both less experienced and expert users alike. This application was installed as a secondary on demand scanner.

SUPERAntiSpyware Free Edition

– SUPERAntiSpyware is also straightforward to setup, customize and run, for both less experienced and expert users alike. This application was installed as an additional secondary on demand scanner. This should not be considered overkill – there is no one single anti-malware application that is likely to catch everything. Better safe than sorry, and all that.

ThreatFire

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my own front line defenses.

So what could go wrong with this kind of armor against the pack of jackal-like cyber-criminals who prowl the Internet? The short answer is – plenty.

She still faces substantial risks while surfing the Internet regardless of the antispyware, antivirus, and the other Internet security applications I installed.

Malware evolves so rapidly today, that staying ahead of the curve has proven to be all but impossible for security software developers, despite their best efforts.

While it may be true that reputable Anti-malware software is often capable of detecting harmful and malicious attempts to compromise a computer, this is not always the case. Anti-malware programs that rely on a definition database (most anti-malware programs), can often be behind the curve in recognizing the newest threats.

You might be wondering just how many new malware threats circulate on the Internet – and here’s one answer. Over the last three months alone, PandaLabs has recorded five million new strains of malware.

On the face of it, it may appear that this huge number of new malware strains presents an insurmountable problem. But malware itself is only part of the problem.

The method used to deliver the malware – social engineering – that’s the most significant problem currently, for an average user. Social engineering, which relies on, and exploits our natural curiosity, is a sure winner for the bad guys.

Cyber-criminals are increasingly relying on this aspect of social engineering to create an opportunity designed to drop malicious code, including rootkits, password stealers, Trojan horses, and spam bots on our computers.

So the problem I found myself having to deal with was “If all these security applications I installed won’t offer her absolute protection against cyber-criminals, what, or who will?” The only plausible answer was – she must take on this responsibility herself. The inescapable fact is – she must become her own best protection. In my experience it’s the only strategy that works.

My friend, (just like most average users), had a need to believe, and desperately wanted to be able to trust, that the installed security applications would totally protect her on the Internet.

She, like the rest of us, needed to become convinced that a mild case of paranoia when using the Internet, was in her own best interest. Being suspicious, and untrusting while surfing the web, might not make her invulnerable to malware infections or worse, but it will certainly reduce her odds enormously.

It took considerable effort to finally convince her that mild paranoia would play an important role in preventing her from becoming a victim of cyber criminals.

Particularly, overcoming the instinctive human response (and we all have it), to just “click” while surfing the Internet. That instinctive response, would pose one of the biggest risks to her online safety and security.

Security experts argue (including me), that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly” or opening the types of files that are clearly dangerous.

At the end of the day, I finally managed to get her agreement that she would not engage in any of the following unsafe surfing practices.

Downloading files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.

Clicking links in instant messaging (IM) that have no context or are composed of only general text.

Downloading executable software from web sites without ensuring that the site is reputable.

Using an unsecured USB stick on public computers, or other computers that are used by more than one person.

Opening email attachments from unknown people.

Opening email attachments without first scanning them for viruses.

Opening email attachments that end in a file extension of .exe, .vbs, or .lnk.

Regular readers of this site are very familiar with the following recommended security strategy to protect their computer system, their money and their identity:

Don’t open unknown email attachments

Don’t run programs of unknown origin

Disable hidden filename extensions

Keep all applications (including your operating system) patched

Turn off your computer or disconnect from the network when not in use

Disable Java, JavaScript, and ActiveX if possible

Disable scripting features in email programs

Make regular backups of critical data

Make a boot disk in case your computer is damaged or compromised

Turn off file and printer sharing on the computer

Install a personal firewall on the computer

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet

Ensure the anti-virus software scans all e-mail attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected. Most of all, understand that you are your own best protection.

Well known software developer Comodo Group, have developed a new Internet video series, Really Simple Security, published on a dedicated YouTube channel, that makes it easier than ever for an average user to become much more proactive in their own protection. This is a site that should be in everyone’s bookmarks.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Essential Security Precautions for Your New Christmas PC

You’ve been pretty good this year, (haven’t you?), so you just might get a new PC for Christmas  But, before you test drive this new machine, there are some fundamental precautions you need to take before you connect to the Internet.

Since you are reading, this I’ll assume that you are aware that there are some fundamental precautions you need to take before you connect to the internet with your new machine. I’m hopeful that you are reading this on your old machine.

Patch your operating system:

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are two that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

The definitive free firewall, Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 18 months, and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!

PC Tools Firewall:

I’ve been running with PC Tools Firewall for a few months, first on Win 7 Beta, and now on Windows 7 RC, and in this short time period I have been impressed with its performance. It installed easily, set up quickly, and has not caused any conflicts with my machine despite my sometimes esoteric running requirements.

The default settings are well thought out, and provide excellent protection for less experience users – and despite the hype put out by the IT industry, most computer user can be classified as having limited system experience.

Install anti-virus software:

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one)

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Install Anti-spyware and Adware Software:

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

I’ve been running Security Essentials as a tester for months on my Win 7 machine, backed up by my usual, on demand, security applications and I’ll state, without any hesitation, I’m impressed. I highly recommend this free application.

Ad-Aware:

Many software reviewers consider Ad-Aware Free as the best free adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version is, real-time protection is not included.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Internet Browser Protection:

Web of Trust (WOT):

WOT is a free Internet Browser add-on (my personal favorite), that has established an impressive 4.5/5.0 star user rating on CNET. WOT tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls.

A secondary but equally important function offered by SpywareBlaster, is its ability to block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Mozilla FireFox, Netscape, Seamonkey, Flock and other browsers.

If you are now on the Internet, and you have not yet taking the precautions as outlined above, you are extremely vulnerable and it is critical that you take the following precautions:

Stop surfing the Web and patch your operating system. Only then download the protective software as noted above, or software that you are familiar with that will do an appropriate job of protecting your computer.

Do not visit any other websites until you have done this.

Additional security precautions:

Establish a password for the administrator account. Only you should have access to the administrator settings on your PC.

Create a new password protected user account. Using this account for your general day-to-day activities adds another layer of protection to your computer. A user account does not have the same all-access permissions as your administrator account, and in many cases this extra layer of protection will restrict malware from gaining a foothold on your PC.

Good luck and safe surfing.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free Avira AntiVir Personal Protection – Get the Real Deal!

Avira AntiVir Personal is not just another free AV solution. This application may just be the best free application for monitoring interactions with your operating system, to ensure that if a malicious program is detected it will be stopped dead in its tracks! It’s certainly the most popular in its class, and with good reason.

Avira AntiVir Personal offers effective, on demand scans for viruses, Trojans, backdoor programs, hoaxes, worms, dialers and other malicious programs. It’s simple interface provides easy access to a command structure, that makes it easy to repair, delete, block, rename and quarantine programs, or files.

I’ve been testing Avira in one release or another for years, and I continue to be impressed with its performance. I have come to rely on it as my primary anti-virus application on my test platforms.

If you’re a typical, or an average user, you should find that Avira AntiVir Personal will meet, and even exceed, all of your requirements.

As an indication of this programs popularity, Download.com reports almost 70 MILLION downloads, making it the leading antivirus software, offered for download on this site.

Fast facts:

Highly Configurable

Protection from viruses, worms and Trojans

Protection against expensive dialers

Protection from hidden rootkits

Protection from phishing

Extensive malware Recognition

Monitors every action executed by the user or the operating system

Reacts promptly when a malicious program is detected.

Automatic updates of antivirus signatures, engine and software – I have to admit, I love this feature

Now in Version 9.0.0.415

Quick Summary:

Easy to download, easy to install, easy to configure, easy to use, and very effective.

System requirements: Windows 2000/XP/Vista/Win 7, UNIX

Download at: Download.com

Note: Free for home-users only.

If you need more convincing, watch the CNET video review of Avira AntiVir Personal – Free Antivirus ( 2:17 mins.)

If you find the nag screen annoying, take a look at “Disable Avira Notifier”, on this site.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.