My roommate had malware on his laptop. How can I avoid this online?
Your question is not only relevant to students, it is applicable to anyone that uses a computer on the internet. The threats that you encounter online are ever changing, and evolving into smarter ways to trick you. There are a number of critical lessons to learn if you want to stay safe.
Malware, or malicious software, is a general term that covers a whole range of intrusive computer programs such as viruses, worms, spyware, adware, ransomware and Trojans. It functions against the will of the user and computer and is used to extract personal or financial information, disrupt operations, destroy data, or monitor your browsing habits and spy on you.
The ultimate goal of those disseminating malware is usually financial gain. This can be achieved by stealing your identity, copying your logins and passwords, or demanding a ransom to regain control of your computer.
What can be done to avoid getting this on your computer? First, you should make sure your own software is up-to-date. Operating systems need to be updated and patched often, as do web browsers, to fix vulnerabilities. If using dated software, chances are it will have security holes that can be exploited by malicious scripts and hackers. It is unlikely you will be targeted personally, but there are automated software programs looking to exploit your computer.
Social engineering is the primary method of incursion for malware, so chances are your roommate clicked on a link to get infected. This technique targets the weakest link in the chain – which is you. Most threats to a computer enter the system via a malicious link or email attachment that you have clicked. Be very careful how you use email as it is a primary avenue for attack.
Phishing refers to the mass spreading of fake emails that look genuine. They appear to be from legitimate sources such as banks, airlines, businesses, and even your friends sometimes. The danger lies in the link that you are encouraged to click, since it will take you to a fraudulent website that will either automatically install malware or ask you to enter personal information. Do neither unless you are 100% sure what you are clicking. The same rules apply to email attachments, do not open them unless you know their source.
Many online users believe a website listed in Google is inherently safe. Google does aggressively work to bar malicious sites but it cannot guarantee protection. A technique called spamdexing is the deliberate manipulation of search engine optimization to trick Google into listing a site, where you or another user click on it.
Social media is another hotbed of malware distribution. Simply by its nature, people are clicking away on things that come up in their timeline. Facebook for example is loaded with clickbait, spam, and malicious posts which could, if clicked, land you with an infected computer. Do not blindly click everything you see on social media.
Using good anti-virus software and malware scanners are strongly recommended. And do not think you are immune using an Apple, all systems have weaknesses. We know that humans are the weak link in the digital security chain, so using strong passwords and being more vigilant with what you click will go a long way in keeping malware at bay.
Getting information off the Internet is like taking a drink from a fire hydrant… Mitchell Kapor.
Written by Martin J. Young, former correspondent of Asia Times.
