How Your Computer Will Get Infected

marksarriaTips & Tricks

It’s inevitable, your data will be stolen this year and here is how it will happen.

Every computer comes pre-installed with some sort of virus protection. We have all seen the notifications from the virus protection software regarding infected files, quarantined files or definition updates. These message are abstract and don’t explain the real dangers to watch out for.

How do infections really happen? – You Get Tricked

Intelligence does not relate to being tricked. As matter of fact being tricked isn’t strictly related to intelligence, I’ve working on computer that belong to very smart people who have downloaded and activated the virus themselves. Experienced used fall for all kinds of compromising schemes. Here are just a few “tricks” currently being used.

1. In email attachments that say they’re invoices, parking tickets, or legal judgements
2. A website will say you need to update software in order to use it
3. Part of other programs you download and run from unrepeatable sites
4. You’re told you have an infection and you need to do something to fix it
5. Trying to use stolen software. This is a huge way people get infected because criminals know that it’s a super easy way to get people to run untrustworthy software
6. Some viruses, when they infect computers, will email themselves to everyone on someone’s address list. You can’t trust even files you get from friends unless you were expecting them and the email makes sense. Feel free to reply back and ask

The Trojan Horse Lives On

Many years ago visiting a website was harmless. Website only did one thing and that is provide some sort of information. Well, since 2014 this has completely changed. Similar to the trojan horse, hackers are now using website to mask their virus. There are specially designed web pages that test your computer for lots of outdated software, and if it finds some, it uses known programming errors in those programs to infect your computer – usually in seconds and without you doing anything. These are called exploit kits and they are big business.

Other methods of exploiting your data is hacking of sites, which is not hard to do these days. Criminals hack other sites or use malicious advertisements to redirect your browser to them. This happens even on big sites, where it’s called malvertising. You don’t have to go looking, these infections come to you. They also send these links in emails and messages on social networking sites.

You Get 0 Day’d

Data exploits are not limited to just Windows operating system. Most recently, installed applications have become victims of clever hacking methods. Hackers will discover programming flaws on applications and rather than report it to the developer of the program, they use it against users of the software. This kind of flaw is called “ZERO-DAY” because users of the affected programs had zero days to deploy a fix before they got infected.

How to Protect your Data

As security improves, criminals adjust. The fact is security experts are behind by a couple of days, maybe even months. Today’s method of security is inadequate to truly provide a measurable level of protection. The main reason for the inadequate security measure is mostly due the attitude of the consumer, your attitude! The security of the past which is set-it and forget-it software no longer applies. Viruses, malware, zero day and other exploits operate autonomously. Consumers must be diligent and pro-active about security to truly limit the impact of a breach. Unfortunately many consumers prefer the passive method of security because it’s easy and no involvement required. For security to be effective, a revolution in education, mindset and attitudes needs to occur.

Until attitudes change these are measures you can take to protect against the exploits mentioned in this blog entry. The first rule is that you don’t download files or run software that isn’t something that you were specifically looking for. The software you do get must be from a link on the original company’s website, that you searched for and verified as real. When you do install software, make sure you read every option it gives you. Your antivirus saying something isn’t a virus doesn’t mean anything. Keep all your software up to date. Do not click links in text messages or messaging programs. If you are serious about protecting your data give CheckupTech a call.

About the Author

Mark Sarria

Twitter

An energetic and experienced executive who has been in the center of numerous successful ventures. Entrepreneur and founder of CheckupTech a technology systems solutions company that focuses on HIPAA compliance, data security and designing hyper-converged infrastructure. Being creative, honest and relentless have punctuated his career in IT.