Thought I’d write-up some tips for preventing viruses getting on or taking over your systems.. Some of it might be obvious, some will definitely make you think ‘wha??’
Lets start with the completely obvious!
Actually Run some Virus Protection, Update it, and scan regularly.
We’ve all brought a new laptop to find Norton’s or McAfee pre-installed.. How often do you check it? Did you know it expired 60 days after you brought it? Do you know how much it is to get the new version? is it worth finding out after your system is crippled by viruses?
For complete virus protection with minimal system fuss, we recommend a Bullguard suite. Scan and update regularly, and remove that wasteful Norton/McAfee before installing new software
Don’t open attachments from anyone
Obviously you need some attachments for work, maybe set up a shared Dropbox/Google drive or Skydrive area so they are scanned for malicious content automatically by a high-class enterprise protection system? Another advantage to this is that you will never lose the file either by accident.
Also it should be clear that the Lottery never emails you, you don’t know any doctors/military/princes in Nigeria who have millions stashed away who’ll give it up easily. Your bank and energy companies will not email you the bill, they’ll email you a notification of billing. And usually put it in your account area on their website. (which reminds me of the next section…)
Obviously you should use a different password for each account/thing. I can’t remember most half the time and use images in the page to jog the memory to what they may me.. So when my energy company re brands, I panic!
Another good way to keep passwords safe is to write them down in a book, and keep that safe somewhere (hidden, not stuck on monitor..). Something physical you can use, and the chances of someone targeting that is slimmer.
Is the site real?
This goes for images in HTML emails too.. Ever notice where the image is hosting or comes from? Your browser’s status bar tells you when you hover over it. Same with links. Try this and look down bottom left of your screen.
Most of the faked emails I’ve seen has some indication of a fake domain. such as paypal.com-service.tk symbols and items in the url to try to trick the user into clicking.
Of course its possible to redirect on these too, if the image or link is on the same domain.
Set up a Catcher contact
Here’s an original one.. Set up a new contact in Outlook called aardvark and point it at you own email address (or IT department). Common mass mailing viruses will go through the contact list at varying speeds/stages to not be noticed.. Aa will usually be first emailed. An email from yourself you don’t remember sending (useful for leaving notes to yourself when done properly, to phone/tablet without messing around with syncing). A good early warning system in most cases.
Don’t click shorturls without trusting the sender
Commonly over twitter or emails would have these, and actually I’d run them through a short to long URL expander first if there was no relevant text with them. I use LongURL and just copy and paste the short links into that to check their target.
If that Facebook video is ‘Competely wow or Amazinglo’ from your friends post, or something happens if you don’t reshare..
Probably best ignore it, this is a common way things not only spread but ruin your reputation on Facebook.
Rogue apps can almost post anything to your timeline and share out. It something Facebook doesn’t do much about as it’d have to put rules on the way things are posted and their own advertising system.
Same with Facebook games, best check the app centre to disable and check what others are saying about them.
I wrote this to highlight some points, many of my call-outs are virus related, and most can be prevented. Most people haven’t got any virus protection, and don’t know much about what’s out there, and won’t seek advice until they get some viruses.
Cryptolocker is a nasty piece of work. With that making headlines and its payload being unrecoverable once running, I suggest people start using the tips above sooner than later. Especially on-line storage for important files!
Unfortunately, there’s not an early detection method without it being set off (ransomware so it’ll say your files are encrypted, pay up etc), No way of working out the encryption, seems high level military (AES256?) so decrypting with no reference key is going to be impossible. (Hint, back up your files..) and as these are criminals it’s likely to not have an accessible decryption key.
Hope this helps people. Anyway, message of the day.. Get some Virus Protection! and be sensible online.
For more information and advice GetSafeOnline UK