Almost all malware now is installed by poisoned web sites. If you haven’t installed the latest updates for Windows / Office / Internet Explorer / Firefox / Java / Flash / Acrobat / iTunes / Quicktime, you’ll click on an innocent-looking link to find, say, lyrics to a Katy Perry song and be confronted by something unexpected – typically an official-looking window that pops up claiming that your system is infested with terrible diseases.
It can happen at quite legitimate web sites –click on the links for some info about how it happened to the New York Times and Grooveshark. There are hundreds of thousands of pages run by bad guys obsessed with fooling you into following one of their links to a poisoned site.
I’ve written about this frequently, and created this list of rules for safe computing. Let’s focus on the rules for dealing with these fake security screens.
Know the name of your antivirus software. If you get a security warning that does not display the exact name of your security software, it is phony; if you click on anything, you will probably install malware.
- The bad guys almost never use the name of a specific program, and they usually don’t exactly copy the screens from Norton or McAfee or TrendMicro or Microsoft security products. They create things that look vaguely official but use different names. Interesting question: why? The malware is created by international scum, global worms with no consciences. They’ll steal your money and give your credit card number to organized crime syndicates in Turkmenistan, but they get shy about copyright infringement? Seems odd. At the moment your best defense is to know the exact name of your security program, and recognize when you don’t see it on a phony security warning.
If a web site brings something up on your screen that might be malware, do not click on anything. If you click “NO” or “CANCEL,” there is a good chance that they lied and you actually gave permission to install the malware. Don’t click the X in the corner. Don’t click the Start button. Get your hands off the mouse!
If you have a window onscreen that might be dangerous, turn your computer off with the power button. You have better than even odds of stopping the malware from doing anything to your system, as long as you don’t click anything when it’s onscreen. Hold down the power button for 8-10 seconds until the system goes completely dead, then restart it. With luck, you’ll dodge the bullet.
Be careful out there!
Trackbacks/Pingbacks