10 easy ways to prevent malware infection   
       
   Posted August 26, 2016 by Wendy Zamora   
       
   We told you how to tell if you're infected with malware. We told you how to   
   clean up the infection if you get it. How about how to stop the infection from   
   happening in the first place?   
       
   Yes, it's possible to clean up an infected computer and fully remove malware   
   from your system. But the damage from some forms of malware, like ransomware,   
   cannot be undone. If they've encrypted your files and you haven't backed them   
   up, the jig is up. So your best defense is to beat the bad guys at their own   
   game.   
       
   While no single method is ever 100 percent fool-proof, there are some tried   
   and true cybersecurity techniques for keeping malware infections at bay that,   
   if put into practice, will shield you from most of the garbage of the Internet.   
       
   Without further ado:   
       
   Protect vulnerabilities   
   One of the top delivery methods for malware today is by exploit kit. Exploit   
   kits are sneaky little suckers that rummage around in your computer and look   
   for weaknesses in the system, whether that's an unprotected operating system,   
   a software program that hasn't been updated in months, or a browser whose   
   security protocols aren't up to snuff (we're looking at you, Internet   
   Explorer).   
       
   Here are some ways you can protect against exploits and shield your   
   vulnerabilities:   
       
   1.    Update your operating system, browsers, and plugins. If there's an   
   update to your computer waiting in queue, don't let it linger. Updates to   
   operating systems, browsers, and plugins are often released to patch any   
   security vulnerabilities discovered. So while you leave those programs alone,   
   cybercriminals can find their way in through the vulnerabilities.   
       
       Bonus mobile phone tip: To protect against security flaws in mobile   
   phones, be sure your mobile phone software is updated regularly. Don't ignore   
   those "New software update" pop-ups, even if your storage is full or your   
   battery is low.   
       
   2.    Enable click-to-play plugins. One of the more devious ways that exploit   
   kits (EKs) are delivered to your computer is through malvertising, or   
   malicious ads. You needn't even click on the ad to become infected, and these   
   malicious ads can live on prestigious, well-known sites. Besides keeping your   
   software patched so that exploit kits can't do their dirty work, you can help   
   to block the exploit from ever being delivered by enabling click-to-play   
   plugins.   
       
       Click-to-play plugins keep Flash or Java from running unless you   
   specifically tell them to (by clicking on the ad). The bulk of malvertising   
   relies on exploiting these plugins, so enabling this feature in your browser   
   settings will help keep the EKs at bay.   
       
   3.    Remove software you don't use (especially legacy programs). So, you're   
   still running Windows XP? Microsoft discontinued releasing software patches   
   for this program in 2015. That means you're wide open to exploit attack. Take   
   a look at other legacy apps on your computer, such as Adobe Reader or older   
   versions of media players. If you're not using them, best to remove.   
       
   Watch out for social engineering   
   Another top method for infection is to scam users through social engineering.   
   Whether that's an email that looks like it's coming from your bank, a tech   
   support scam, or a fishy social media campaign, cybercriminals have gotten   
   rather deft at tricking even tech-savvy surfers. By being aware of the   
   following top tactics, you can fend off uninvited malware guests:   
       
   4.    Read emails with an eagle eye. Check the sender's address. Is it from   
   the actual company he or she claims? Hover over links provided in the body of   
   the email. Is the URL legit? Read the language of the email carefully. Are   
   there weird line breaks? Awkwardly constructed sentences that sound foreign?   
   And finally, know the typical methods of communication for important   
   organizations. For example, the IRS will never contact you via email. When in   
   doubt, call your healthcare, bank, or other potentially-spoofed organization   
   directly.   
       
       Bonus mobile phone tip: Cybercriminals love spoofing banks via SMS/text   
   message or fake bank apps. Do not confirm personal data via text, especially   
   social security numbers. Again, when in doubt, contact your bank directly.   
       
   5.    Do not call fake tech support numbers. Ahhh, tech support scams. The   
   bane of our existence. These often involve pop-ups from fake companies   
   offering to help you with a malware infection. How do you know if they're   
   fake? A real security company would never market to you via pop-up saying they   
   believe your computer is infected. They would especially not serve up a   
   (bogus) 1-800 number and charge money to fix it. If you have security software   
   that detects malware, it will show such a detection in your scan, and it will   
   not encourage you to call and shell out money to remove the infection. That's   
   a scam trying to infect you. Don't take the bait.   
       
   6.    Do not believe the cold callers. On the flip side, there are those who   
   may pick up the phone and try to bamboozle you the good old-fashioned way.   
   Tech support scammers love to call up and pretend to be from Microsoft.   
   They've detected an infection, they say. Don't believe it.   
       
       Others may claim to have found credit card fraud or a loan overdue. Ask   
   questions if something feels sketchy. Does the person have info on you that   
   seems outdated, such as old addresses or maiden names? Don't confirm or update   
   the info provided by these callers. Ask about where that person is calling   
   from, if you can call back, and then hang up and check in with credit   
   agencies, loan companies, and banks directly to be sure there isn't a problem.   
       
   Practice safe browsing   
   There's such a thing as good Internet hygiene. These are the things you should   
   be doing to protect against external and internal threats, whether that's   
   losing your device, walking away from your computer, using public wifi, or   
   shopping online.   
       
   "While many of the threats you hear about on the news make it seem like there   
   is no way to protect yourself online these days, the reality is that by   
   following some basic tips and maintaining good habits while online, you will   
   evade infection from over 95 percent of the attacks targeting you," says Adam   
   Kujawa, Head of Intelligence for Malwarebytes. "For that last 5 percent, read   
   articles, keep up with what the actual security people are saying, and follow   
   their advice to protect yourself."   
       
   So here are some of the basics to follow:   
       
   7.    Use strong passwords and/or password managers. A strong password is   
   long, is not written down anywhere, is changed often, and isn't tied to easily   
   found personal information, like a birthday. It's also not repeated for   
   different logins. Admittedly, that's a tough cookie to swallow. If you don't   
   want to worry about remembering 5,462 different rotating passwords, you may   
   want to look into a password manager, which collects, remembers, and encrypts   
   passwords for your computer.   
       
   8.    Make sure you're on a secure connection. Look for the padlock icon to   
   the left of the URL. If it's there, then that means the information passed   
   between a website's server and your browser remains private. In addition, the   
   URL should read "https" and not just "http."   
       
   9.    Log out of websites after you're done. Did you log into your healthcare   
   provider's site using your super-strong password? You could still be leaving   
   yourself vulnerable if you don't log out, especially if you're using a public   
   computer. It's not enough to just close the browser tab or window. A person   
   with enough technical prowess could access login information from session   
   cookies and sign into a site as you.   
       
   Layer your security   
   Sometimes all the safe browsing and careful vigilance in the world can't   
   protect you from all threats. Sometimes you need a professional to catch all   
   the poo that cybermonkeys are flinging. So to keep your machine clean, invest   
   in security software and layer it up with the following:   
       
   10.    Use firewall, antivirus, anti-malware, and anti-exploit technology.   
   Your firewall and antivirus programs will detect and block the known bad guys.   
   Meanwhile, your anti-malware and anti-exploit software can fend off   
   sophisticated attacks from unknown agents, stopping malware infection in real   
   time and shielding vulnerable programs from exploit attack.   
       
   Security professionals agree a multi-layer approach-using not only multiple   
   layers of security technology but also user awareness-helps keep you protected   
   from the bad guys and your own mistakes. Now go forth and fight malware!   
       
       
   Regards,   
       
   Roger   
      
   --- DB 3.99 + Windows 10   
    * Origin: NCS BBS - Houma, LoUiSiAna (1:3828/7)