Disclaimer: The following information has been copied (with a few minor edits) from various online security blogs. Thanks to the original authors and contributors – we really appreciate your effort to keep the internet community safe.
This information primarily focuses on procedures for Windows Operating System.
You usually get infected because your security settings are too low or you blindly click yes to everything. This article will show you how to protect yourself and tighten security.
If you are reading this article as part of a post-infection clean-up then please be aware that several anti-malware tools that are commonly used by helpers on online help forums reset various Windows settings to the default ones that Windows came with. These aren't always the safest options but are the default Windows options. If you follow the advice below, especially setting "Show known file types", you will be much safer and you will have taken the first steps to protect yourself and tighten security.
Here are a number of recommendations that will help to protect yourself and tighten security and which will contribute to making you a less likely victim:
- Watch what you download!: Many freeware programs and P2P applications are amongst the most notorious, coming with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software or just plain crash your browser or even Windows itself. There is no such thing as a free lunch and many "free" programs on the net contain adware or spyware. Read the EULA carefully before installing anything and if it says "Supported by Advertising" or similar wording be very wary and expect problems, pop-ups, etc. Be careful what add-ons, toolbars and extensions you install in your browser. Very few of them are needed, useful or safe. All the majority of these add-ons will do is slow down browsing and cause unwanted adverts and pop-ups on your computer. Be extremely careful when downloading from software sites. A high number of these sites use their own "download manager" which stealthily installs so-called "optional" programs that cause pop-ups, adverts and search diverts, unless you are scrupulous about watching what it does and carefully uncheck everything it offers, apart from the program that you actually want.
- Once a file has been downloaded then scan it with your antivirus BEFORE opening it: As a double-check we recommend scanning it at: Kaspersky Application Advisor which will give a recommendation based on other user input and what the file appears to do. If it is safe then it will say so. Unknown files are automatically given a caution rating and bad files are marked with a red warning.
- Set your folder options to "Show known file types": The default for Windows is to hide known file types and that way, when you receive an email saying "open this picture" or "read this important document", you don’t see the .exe at the end. Once you set known file types to show it is much less likely that you will accidentally click on a malware file and open it, thinking that it is a picture from a friend or a document that you are expecting. This shows you how to set it for Windows 7 or Vista and this for Windows 8.1 or see this guide from howtogeek.
- Watch out for sites that insist you need a special codec to watch the video or listen to music on the site as 99% of the time they are trying to install malware. If you already have Windows Media Player, Flash Player, QuickTime or Real Player installed there should never be any need to install a special player or codec from the site.
- Phishing and Identity Theft: Be very wary of links in emails allegedly coming from your bank, building society, insurance company, PayPal, etc. Hover your mouse over the link to see whether it is the correct bank website, etc. If the address showing in the hovered link isn't the same as the address it says it is then don't click on it. Go to your bank's website via a known good link. If you do happen to accidentally click on a suspicious link, don't panic but simply close the browser window and definitely don't enter any information in the site. This Microsoft page has some very helpful advice. We all get very blasé about phishing and think we know so much that we will never fall for a phishing attempt. Don't assume that all attempts are obvious. Watch for any site that invites you to enter ANY personal or financial information. It might be an email that says "you have won a prize" or "sign up to this website for discounts, prizes and special offers".
- Malicious Email attachments: Be very careful with email attachments. The basic rule is NEVER open any attachment to an email unless you are expecting it. Now that is very easy to say but quite hard to put into practice because we all get emails with files attached to them. Our friends and family love to send us pictures of them doing silly things or even cute pictures of the children or pets. Never just blindly click on the file in your email program. Always save the file to your downloads folder so you can check it first. Most (if not all) malicious files that are attached to emails will have a faked extension. That is the 3 letters at the end of the file name. Unfortunately, Windows hides the file extensions by default so you need to set your folder options to "Show known file types". Then when you unzip the zip file that is supposed to contain the pictures of "Sally’s dog catching a ball" or a report in Word document format that work has sent you to finish working on over the weekend, you can easily see if it is a picture or a document and not a malicious program. If you see .EXE, .COM, .PIF or .SCR at the end of the file name DO NOT click on it or try to open it; it will infect you. While the malicious program is inside the zip file it cannot harm you or automatically run. When it is just sitting unzipped in your downloads folder it won't infect you, provided you don't click it to run it. Just delete the zip and any extracted file and everything will be OK. You can always run a scan with your antivirus to be sure.
- Smart Screen Filter: Keeping it turned on at all times will protect you and tighten security a lot. If you are using Vista or Windows 7 then Internet Explorer 9 (on Vista) and 11 (on W7) have an inbuilt smart filter that scans all websites that you visit and all web-based downloads. It will alert you and block access to known infected websites and unknown or malicious executable files that you are attempting to download. It won't block .zip or .rar files. Obviously, Smart Filter only works if you use Internet Explorer as your browser and not if you use Firefox, Chrome or another browser. If you are using Windows 8.1 or Windows 10 then you are much better protected because Smart Filter is inbuilt to Windows and scans, checks and blocks (if needed) any file you download or open on your computer. This way it works on all browsers and any files received by email as well as web scanning. Other browsers have similar protection that should always be left turned on: Chrome has "Enable phishing and malware protection" and Firefox has "Block reported web forgeries and block reported attack sites".
- Facebook, Google+, Twitter and other Social Networking sites: Don’t get carried away with what you post on these sites and remember that a lot of what you post will be public and it is rather like walking down the local High Street and shouting out to everyone in earshot everything that happened last night, your name, address and phone number and where you hide the spare keys to your front door. Never post when you are going away or that the house will be empty overnight. A lot of thieves, fraudsters and other criminals hang around and monitor social networking sites and use the information they gain from them to do lots of nasty things to you. Also remember what you post can be read by all your friends and often your boss or even a potential employer. Don't let something you wrote when you had a few drinks or you were in a silly or bad mood come back and bite you a few weeks, months or years later.
- Keep Windows and programs up to date:
- Windows Update and Internet Explorer: Go to IE > Tools > Windows Update or use Control Panel > Windows Update and install ALL Critical and Security Updates listed. It's extremely important to always keep current with the latest security fixes from Microsoft. Install ALL of those patches. Older versions of Internet Explorer are not supported or recommended and you are strongly advised to immediately update (to IE9 for Vista and IE11 for Windows 7, Windows 8 and Windows 8.1). As of January 12, 2016 there are no further security or functional updates for any version of Internet Explorer below IE11 (except IE9 on Vista only). You must update your Internet Explorer browser to the latest version immediately. Windows 8 RTM also ended support on that date and you must update to W8.1 in order to get updates and stay safe. It doesn't matter if you normally use an alternative browser such as Firefox, Safari or Google Chrome. Just having older versions of Internet Explorer, which are vulnerable to so many exploits, installed on your computer is enough to allow malware and exploits on to your computer with no action on your part. Microsoft now issues security updates on the second Tuesday of every month and non-security updates on the fourth Tuesday. Make sure you do a Windows update as soon as you can after 6:00 p.m. U.K. time or 1:00 p.m. U.S. Eastern time to get the latest updates on those days.
- Oracle Java: We do not recommend that you have Java installed at all unless you absolutely need it. The number of malware infections that occur due to Java vulnerabilities is very high nowadays. The vast majority of users get by very well without Java but IF you do need it then: Oracle Java gets updated frequently so make sure you update it regularly and uninstall any previous versions once you have done so.
NOTE: the Java updater does not always remove the previous vulnerable versions.
Please follow these steps to remove components of older versions of Java and to update:
- Download the latest version of Java Runtime Environment (JRE)
- Scroll down to where it says "Java Platform, Standard Edition"
- Look in the right-hand box that says "JRE" and click the BLUE "Download" button
- That takes you to the list of the latest Java SE Runtime Environment downloads with selections for every type of operating system
- Check the box that says: "Accept License Agreement"
- Click on the link to download the appropriate Windows Offline Installation and save it to your desktop
- Close any programs you may have running - especially your web browser
- Go to Start > Control Panel and click on "Programs and Features" (or double-click on Add or Remove Programs if you're running an older version of Windows) and remove all older versions of Java. Double-click any item with Java Runtime Environment (JRE or J2SE) in the name and reply "Yes" to confirm that you want to remove it (or click the Remove or Change/Remove button in older versions of Windows). Repeat as many times as necessary to remove each Java version
- Reboot your computer once all Java components are removed
- Then, from your desktop, double-click on the download to install the newest version
- However, the much easier and less confusing way is to go to www.java.com and press the red "Free Java Download" button
- Adobe Flash Player, Acrobat Reader etc.: Keep Adobe Reader and Flash Player updated. One of the most common avenues of infection is outdated and vulnerable versions of these two products. If you are using Windows 8.1 or Windows 10 then Flash is inbuilt and will automatically update for Internet Explorer. You will still need to use the Flash updater to keep Firefox updated but Chrome automatically updates Flash. Check whether you have the latest version of Flash Player here. Set your PDF reader to open all PDF files in the PDF reader itself and not in your browser for safety reasons.
- Always use a Standard or Limited user account for day-to-day computer usage, especially for Internet use: This applies mostly to Windows 7, Windows 8.1 and Windows 10 or Vista because many programs running on XP don't work properly unless you're using an Administrator account but try and see if you can work on a Limited user account on XP. On W7 and Vista set the UAC to the highest level and always set a password on the Administrator account. On Windows 8.1 or W10 only have the UAC set on the middle level. When a program or person tries to alter settings or add something new then you get an alert and you cannot continue until you either allow it by typing the Administrator password or refuse it by pressing NO. This ONE thing will stop 99.9% of malware and unwanted programs from installing.
- Internet Options - ActiveX Controls and Plug-ins: Go to Internet Options/Security/Internet and press "Default Level" then OK. Now press "Custom Level". Set the following options as described here: Setting the Internet Zone for Additional Security. Only sites that you know for sure are above suspicion, like online banking and other secure sites, can be moved to the Trusted Zone under Internet Options/Security.
Never put sites like Facebook, Twitter, Myspace, MSN or any other similar type of social networking site in the Trusted Sites zone.
Q. So why is ActiveX so dangerous that you have to increase the security for it?
A. When your browser runs an ActiveX Control it is running an executable program. It's no different from double-clicking an exe file on your hard drive. Would you run just any random file downloaded from a web site without knowing what it is and what it does?
- Scan at Secunia for outdated and vulnerable common applications on your computer and follow their advice and links to update them.
- EMET: It is highly recommended that you install Microsoft's EMET (Enhanced Mitigation Experience Toolkit) 5.5 (released January 29, 2016) which proactively protects you against the majority of 0-day exploits in Windows and other common software. Read all about EMET and how it can help to keep you safer from exploits before Microsoft or other developers can update their software. EMET 5.2 was the previous stable release (March 2015). Versions 5.2 and 5.5 have a lot of improvements in protection capabilities over the previous EMET 4.1 and EMET 5.1.
- Install a good Antivirus and firewall: We recommend Kaspersky or Eset Smart Security for a paid-for antivirus and for a free one: Microsoft Security Essentials (for Windows 7 or Vista only). Windows 8.1 and Windows 10 have inbuilt protection called Windows Defender.
Always make sure your Antivirus and Firewall are switched on and kept updated and do not allow unknown programs or processes to access the Internet or your computer; always block them and ask for advice.
- Install a good Antispyware with real-time protection: We recommend two programs as having good real-time protection as well as good cleaning capabilities: SUPERAntiSpyware or MalwareBytes Anti-Malware.
- Backup, Backup and Backup: In the event of you being infected or becoming a victim of a bad or failed program or Windows update, the best, easiest, safest and quickest way to recover is to have a complete current image backup. You can choose any means and medium of backup to suit your need, ranging from USB drives to cloud storage and from external hard disk drives to NAS. Select one which comes with a backup utility built in so you can schedule the backup timings as per your need.
- Passwords: If you have been infected then be aware that almost all modern malware/spyware is designed to steal your private information. That includes all passwords, log ins to forums and other websites and, most of all, your bank, credit card or PayPal details. It is vital that after you have been cleaned up you change all your passwords and on many occasions it is necessary to get in touch with your bank or other financial institution to inform them that your details may (probably have) been stolen.
One of the easiest ways to protect yourself and tighten security is to Never, EVER use the same password on different sites. Always use a different password for each site you log in to. Don't use simple passwords like your name or your husband/wife/boyfriend/girlfriend/dog or cat’s name. Always use a strong password with a mixture of letters and numbers and different characters. Passwords like Jenny, Rover, 12345, 54321, password, login or similar words are absolutely useless. You need something like J3nnY~P@$$4B@nk to prevent them from being guessed.
You can also use an application such as RoboForm or LastPass to store and create safe, secure passwords.
And make sure your Antivirus and Firewall are switched on and kept updated and do not allow unknown programs or processes to access the net or your computer; always block them and ask for advice.
If you have followed the advice in this article then you will have learnt how to protect yourself and tighten security and hopefully be less likely to get infected in the future.
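The attachment check from the "Malicious Email attachments" advice above, as an added example that is not part of the original article: it reads only a zip file's listing, without extracting anything, and flags the .EXE, .COM, .PIF and .SCR endings the article names, including when a picture or document extension is placed in front of them. The decoy-extension list, the function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Extensions the article says never to open, and common decoy extensions.
EXECUTABLE_EXTS = {".exe", ".com", ".pif", ".scr"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt"}


def classify_name(name):
    """Return reasons a name is suspicious; trailing dots/spaces are ignored."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ")
    lower = base.lower()
    dot = lower.rfind(".")
    real_ext = lower[dot:] if dot > 0 else ""
    if real_ext not in EXECUTABLE_EXTS:
        return []
    reasons = ["executable extension " + real_ext]
    stem = lower[:dot]
    inner = stem.rfind(".")
    if inner > 0 and stem[inner:].strip() in DECOY_EXTS:
        reasons.append("double extension hides the real type")
    if "   " in base:
        reasons.append("padding spaces push the extension out of view")
    return reasons


def scan_zip(data):
    """Map suspicious member names to reasons, reading only the zip listing."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            reasons = [] if info.is_dir() else classify_name(info.filename)
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_sample_zip():
    """Constructed sample: harmless bytes stored under attachment-style names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("sally_dog.jpg", "sally_dog_ball.jpg.exe",
                     "report.doc          .scr", "notes/readme.txt"):
            zf.writestr(name, b"placeholder, not a real file")
    return buf.getvalue()


if __name__ == "__main__":
    print(scan_zip(build_sample_zip()))
```

To check a saved attachment, pass its bytes to `scan_zip`; an empty result means none of the listed names matched, not that the archive is safe, so the antivirus scan still applies.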