Learning > Tech

The ABCs of fighting malware

Here are seven tips, from assuming every website is suspect to checking for scams

Image
Raju Chellam on 21 Oct 2020

The Straits Times

Share

Facebook Email


This week, Ishare my experience of a malware attack and what you can do to fight it.

 

Malware stands for malicious software, designed to cause damage to a computer, server or computer network and, by extension, individual users or organisations.

 

Malware types include computer viruses, worms, ransomware, spyware, adware and rogue software. Software that causes damage unintentionally - due to programming or other errors - is a bug, not malware.

 

A few days ago, I was browsing - in incognito mode - reports on how to deal with bias and ethical issues in artificial-intelligence algorithms. A Google search threw up 4.5 million results, including reports from consulting companies, major multinational corporations and academic institutions.

 

I looked through many of them, downloaded a few documents (in PDF format) and some charts (in JPG format).

 

The browser also showed me a few advertisements, which I ignored, and a set of questions under a chart with four rows titled "People also ask". I clicked on a couple of them, which led me to a website with embedded ads, which I also ignored.

 

After a while, I closed the browser and shut down my laptop.

 

When I turned it on a few hours later, it took a while to boot up, which was a red flag. Once it did, the screen scrolled through dozens of error messages in quick succession - then froze.

 

I knew I had become a victim of a malware attack. I rebooted the laptop in "safe mode" and plugged in my bootable USB drive to get the computer to restart. It did not work.

 

I had no choice but to reformat the hard disk, thereby losing all the data I had not backed up.

 

An unknown malware had corrupted my computer's "boot sequence" beyond repair.

 

What was the culprit? The websites I visited? The materials I downloaded? The ads with embedded malicious code in them?

 

I don't know - it could be any of them or none at all. The problem could have been caused by even websites I visited a week ago, or an e-mail attachment I opened the day before.

 

That's how insidious malware is today - you won't know where it originates and how it goes about damaging your computer.

 

Online scams led to more than 10,000 people in Singapore losing a whopping $157 million between January and August - compared with 5,230 people losing $92 million in the same period last year.

 

Note that not all online scams are malware-related. They also include e-commerce scams (you don't receive goods you paid for), loan scams (you pay a deposit for a loan that never materialises) and impersonation scams (fraudsters impersonate your friend/family member and try to siphon your money).

 

How can you protect yourself against malware? Here are seven tips - in alphabetical order - to keep in mind:

 

1 ASSUME

 

Assume all people and websites are suspect unless proven otherwise. Keep your anti-virus, anti-spam, anti-spyware and anti-malware files current and updated.

 

Be aware that you will never stop getting spam, some of which may contain scams or embedded malware.

 

2 BACK UP

 

Regularly back up your data on two USB drives - ideally once daily or twice weekly at least.

 

If you have vast amounts of videos and photos, back them up on Microsoft OneDrive, Google Drive or Dropbox. If you want software that encrypts your backed-up files, check out www.arqbackup.com

 

3 CREATE

 

You can create a recovery point and/or a recovery drive on Windows 10. You do a recovery point to roll back to an uninfected version of your operating system, and a recovery drive to create a bootable CD or thumb drive (the minimum storage required is 16GB).

 

Note that this will wipe out your data and applications, so you may need to restore your apps and data from your backed-up storage.

 

If these measures don't work, you have to reformat your drive and reinstall everything.

 

4 DOWNLOAD

 

Download software, especially games and apps, from only reliable sites. On your smartphone, download apps from only the Google Play Store or Apple App Store. Microsoft Defender is an anti-malware component of Windows.

 

On Windows PCs, ensure Defender auto-updates and scans all files on your PC regularly. Defend your virtual self as you would your physical self.

 

5 ENGAGE

 

Engage your family and close friends on social media, but colleagues and business contacts on LinkedIn, Slack or other professional platforms.

 

Mixing the two is not recommended. Keep your personal life separate from your professional one - on separate laptops. Keep your colleagues close, but keep your family and friends closer.

 

6 FACTOR

 

Use multi-factor authentication where possible, including for Gmail. Two-factor authentication (2FA) is now widely used by government agencies and banks and provides an extra layer of security that is hard for attackers to crack.

 

Also, factor in special characters (@,#,$,%,&,*,!) in your password. Don't reuse passwords. Don't use the same password for multiple accounts. Every character you add to your password makes it more difficult for hackers to crack.

 

7 GOVERNMENT

 

If you suspect you are a victim of a scam, go to www.scamalert.sg to check for stories that match your circumstances.

 

"When you know how to spot scams, you know how to protect yourself," states the Scam Alert website, where you can also learn about different types of scams, the tactics used and what you should do when you have been targeted.

 

Raju Chellam is the author of Organ Gold, published by the Straits Times Press, on the illegal trade in human organs on the Dark Web.


Source: The Straits Times © Singapore Press Holdings Limited. Reproduced with permission.
 

 

The views, material and information presented by any third party are strictly the views of such third party. Without prejudice to any third party content or materials whatsoever are provided for information purposes and convenience only. Council For The Third Age shall not be responsible or liable for any loss or damage whatsoever arising directly or indirectly howsoever in connection with or as a result of any person accessing or acting on any information contained in such content or materials. The presentation of such information by third parties on this Council For The Third Age website does not imply and shall not be construed as any representation, warranty, endorsement or verification by Council For The Third Age in respect of such content or materials.