Welcome back, everyone. By now, all of you should be making a few small changes t0 your digital habits to better protect yourself. Let me and your fellow readers know how the process is going: Leave your questions, experiences, and thoughts in the comments section. I’ll chime in whenever possible.
Today, we going straight for the meat and potatoes, so put on your bib and get ready to start chewing. #AwkwardMetaphor
The Scope of the Problem
Anyone who follows the news knows that hackers have become increasingly creative, powerful, and successful at what they do. Attacks engineered by hackers historically have affected our computers and smartphones or an entire corporation. However, in today’s world, hackers are now able to shut off portions of the entire internet. So the problem is getting exponentially worse.
That means it’s vitally important for regular folks like you and me to educate ourselves just a bit more to be better prepared. We’ll begin with some of the terms you’ll need to know. Because while most of us have heard of computer viruses, most of us haven’t heard of the other kinds of threats that exists on the World Wild West Web. So, for the sake of everyone’s education: let’s correct that! I’ll provide just nine terms and their most simple definitions.
1. Malware (Short for “Malicious Software”)
Malware is the umbrella term used to define any kind of hostile or intrusive software. Common examples of malware include computer viruses, worms, trojan horses, ransomware, spyware, adware, and more.
Viruses are any kind of malicious code that, once activated, replicate themselves rapidly from folder to folder and, eventually, from computer to computer. Viruses require a computer user to activate the process, something usually accomplished by downloading a file or giving permission to a program to launch.
Worms are a subclass of viruses that can spread without requiring any user interaction. Worms can replicate themselves on the victim’s system and send out hundreds or thousands of copies of itself without victims ever knowing it. They can also slow down a computer and the entire network on which that computer is working.
4. Trojan Horses
Trojans Horses (or just “Trojans”) are malware disguised as legitimate software. One example is a screensaver application that, once installed, also gives hackers other kinds of power over a victim’s computer and data.
A rootkit is malicious software that takes control of the “root” levels of a victim’s computer. That control can be used to perform illegal or undetected activity on the victim’s personal or work computer that would not otherwise be allowed.
Spyware is any software that can change a victim’s computer configurations or collect data about a victim and potentially use that against them or others.
Adware is software that, after it downloads to a victim’s computer, unexpectedly shows advertisements. These advertisements range from small, nonintrusive banners ads within a program to very invasive pop-up windows that can prevent work from being done.
8. Exploit Kits
Exploit kits are small applications that — you guessed it — exploit and attack any known security holes found on a victim’s computer. Security holes are most often outdated operating systems or third-party software. Exploits work by targeting software that’s easily manipulated to make it behave in ways it was never intended to behave. Common exploits have focused on the vulnerabilities found in Adobe Reader, Java Runtime Environment (or JRE) and Adobe Flash Player.
Ransomware is malicious software that blocks access to the victim’s data until a ransom is paid. If the data is sensitive, ransoms can be demanded as an incentive, either to prevent publishing or deleting the data. Advanced ransomware can even encrypt a victim’s files, rendering them inaccessible even if the block is circumvented. Cryptocurrencies such as Bitcoin — a topic we’ll cover in a future episode — are often used to pay the ransoms. This makes tracing payments and prosecuting the perpetrators extremely difficult. Ransomware has become a huge business in the past five years, allowing hackers to grab more than $1 billion in forced ransoms in 2016 alone.
There are other kinds of malware, including those using a combination of the approaches we’ve just discussed. However, these are the most common varieties of which you should be aware. For those of you who prefer a more right-brained approach, here’s an illustration to help put all of the above in context:
We started this episode with a list of terms and definitions to encourage you to expand your awareness. I can’t expect you to reasonably protect yourself against the kinds of threats that exist on the internet if you aren’t aware of those threats in the first place, right? Put another way:
When it comes to malware, the question that most people ask is: “What anti-virus software should I buy?” But the far more important question is: “Why are you focused only on viruses?!?”
The Solution: Start Using Anti-Malware Software
I’m not surprised that most people ask about anti-virus software. Why shouldn’t they? Most companies still use the term “anti-virus” to describe their products, even though that’s not what they are anymore.
The truth is that living on today’s internet requires far more protection than just having virus protection. In fact, at this stage, viruses are probably the least of our worries. Unless you’re the kind of person who is extremely good at practicing “The 10 Commandments of Digital Security” — something I discussed at length in Episode 2 — you’ll want to install and use anti-malware software. Actually, even if you’re someone who practices those Commandments, I’d still recommend installing and using anti-malware software, especially when you can get it for the low cost…of FREE! That’s right, kids: Well-reviewed, entry-level anti-malware software is generally free, so there’s no excuse to stall anymore.
The Free Options
For my Apple peeps, I use and recommend two different applications:
Important to note: These free applications are considered “on-demand,” meaning they don’t automatically run in the background. Instead, they need to be launched to perform an anti-malware scan.
Do this regularly. If it helps, put a monthly reminder in your calendar to open and run these apps. If you think this is a hassle, it’s FREE software, pal, so stop yer whining! If you prefer doing less work, you can purchase software that’s always on and scanning for you in the background. I’ll discuss those options in the next section.
For Windows peeps, I’d recommend the following free options:
Are there other free options for Windows? Yes. There are many, and you can read about them all here. But the two titles I’ve recommended are usually in the top 10 options of most websites that rate the best free anti-malware software available. They are now also owned by the same company: Avast. However, Avast rightly continues to treat both products as separate with customer bases in different parts of the globe.
Unlike the free Macintosh offerings, these two applications offer “on-access” scanning. That means they scan files for you in the background without your needing to ask the software to run. After installing either of these applications, my strong recommendation is to turn on this feature right away.
Lastly, for my lovely Linux lads and lasses, let’s look at this list:
As is the case with most Linux software, installations can either be downloaded or installed from the command line, so go ahead and type your way to a safer tomorrow, kids.
The Paid Options
Fully featured anti-malware software costs anywhere from $20 to $50 per year. PC Magazine has done an amazing job of researching and reviewing each of their top 10 choices for anti-malware software, and it’s worth reading. You can see their comparison chart here. The links they provide to each of the titles reviewed also offer steep discounts on the cost of the first year of service, a nice touch.
The following two recommendations are mine and are top-tier options for both Mac and PC users:
Pay $45 for the first year ($90 per year after that) to install Bitdefender on up to five computers and smart devices in your household, including those running Windows, macOS, and Android (iOS is not supported as a platform, something I think is redonkulous). If you choose Bitdefender, please don’t use the password manager: Instead, continue using LastPass for that function, something we discussed in depth in Episode 4. However, I’d use the SafePay secure browser for online banking and shopping. Just remember: You should shop or bank online only when using a computer that connects with an actual ethernet cable to the internet, never via Wi-Fi.
Symantec Norton AntiVirus Basic
Norton is one of the oldest and most respected names in the field. I started using its software in the early 1990s. Pay $40 for the first year ($70 per year after that) to install protection on one computer. Or pay $60 for the first year ($110 per year after that) to install protection on up to 10 computers and smart devices in your household, including Windows, macOS, iOS, and Android devices. Financially, this is a better deal than Bitdefender and includes iOS devices.
However — and this must be a virtual secret, given how few people know about it — you can get a FREE version of Norton Internet Security software for your desktop and laptop computers if you’re already a customer with Comcast/Xfinity (Mac and PC) or CenturyLink (PC only). Thank me later. Just remember: The free software is only provided for laptops and desktops, not mobile devices.
Once installed, the initial software scan takes a while. My recommendation: Quit all other applications and leave the scan to run overnight. Also, make sure to activate the “Safe Web” feature in each of the browsers you use; that plugin tells you if you’re visiting a known fraudulent website.
For my lovelies with Linux leanings, let’s look lasciviously at this lavish list:
Lastly, an important note: Please use only one anti-malware application. If you’re using a different application now, you’ll need to deactivate or uninstall it before installing any of the choices I’ve suggested. This will prevent two or more dueling anti-malware applications from competing for supremacy over your computers. Avast, for its part, automatically detects if you install another anti-malware application and shuts off its on-access scanning capabilities and goes into something called “Passive Mode.” That disables all real-time scanning and other active protection, so as to not compete with another application.
Man, I wish my family had a built-in kill switch like that, don’t you?
So that’s it for Episode 5, everyone. As always, I encourage you to post questions or thoughts if you have them. Feel free to tweet at me if that’s more your style: I’m @themacdweeb. No matter how you choose to do it, just don’t be shy, now, ya hear?
Until we meet again…