Avoid malware

Scam artists try to trick people into clicking on links that will download malware and spyware to their computers, especially computers that don't use adequate security software. To reduce your risk of downloading unwanted malware and spyware:

  • Keep your security software updated. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS) to update automatically.
  • Don't click on any links or open any attachments in emails unless you know who sent it and what it is. Clicking on links and opening attachments – even in emails that seem to be from friends or family – can install malware on your computer.
  • Download and install software only from websites you know and trust. Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
  • Minimize "drive-by" downloads. Make sure your browser security setting is high enough to detect unauthorized downloads. For Internet Explorer, for example, use the "medium" setting at a minimum.
  • Use a pop-up blocker and don't click on any links within pop-ups. If you do, you may install malware on your computer. Close pop-up windows by clicking on the "X" in the title bar.
  • Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers use to spread malware.
  • Back up your data regularly. Whether it's text files or photos that are important to you, back up any data that you'd want to keep in case your computer crashes.

Detect Malware

Monitor your computer for unusual behavior. Your computer may be infected with malware if it:

  • slows down, crashes, or displays repeated error messages
  • won't shut down or restart
  • serves up a barrage of pop-ups
  • displays web pages you didn't intend to visit, or sends emails you didn't write
Other warning signs of malware include:

  • new and unexpected toolbars
  • new and unexpected icons in your shortcuts or on your desktop
  • a sudden or repeated change in your computer's internet home page
  • a laptop battery that drains more quickly than it should

To prevent malware running

Application whitelisting
A whitelist only allows selected software applications to run on computers.  All other software applications are stopped, including malware.

Patch applications
A patch fixes security vulnerabilities in software applications.  Adversaries will use known security vulnerabilities to target computers.

Disable untrusted Microsoft Office macros
Microsoft Office applications can use software known as 'macros' to automate routine tasks.  Macros are increasingly being used to enable the download of malware. Adversaries can then access sensitive information, so macros should be secured or disabled.

User application hardening
Block web browser access to Adobe Flash Player (uninstall if possible), web ads and untrusted Java code on the Internet.  Flash, Java and web ads have long been popular ways to deliver malware to infect computers.

Limit the extent of incidents and recover data

Restrict administrative privilege
Only use administrator privileges for managing systems, installing legitimate software and applying software patches. These should be restricted to only those that need them.  Admin accounts are the 'keys to the kingdom', adversaries use these accounts for full access to information and systems.

Patch operating systems
A patch fixes security vulnerabilities in operating systems.  Adversaries will use known security vulnerabilities to target computers.

Multi-factor authentication
This is when a user is only granted access after successfully presenting multiple, separate pieces of evidence. Typically something you know, like a passphrase; something you have, like a physical token; and/or something you are, like biometric data.  Having multiple levels of authentication makes it a lot harder for adversaries to access your information.

Daily backup of important data
Regularly back up all data and store it securely offline.   That way you can access data again if it suffers a cyber security incident.

Get Rid of Malware

If you suspect there is malware is on your computer, take these steps:

  • Stop shopping, banking, and doing other online activities that involve user names, passwords, or other sensitive information.
  • Update your security software, and then run it to scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
  • If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.
  • Many companies – including some affiliated with retail stores – offer tech support on the phone, online, at their store, and in your home. Decide which is most convenient for you. Telephone and online help generally are the least expensive, but you may have to do some of the work yourself. Taking your computer to a store usually is less expensive than hiring a repair person to come into your home.
  • Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do differently to avoid it in the future.