Scam artists try to trick people into clicking on links that will download malware and spyware to their computers, especially computers that don't use adequate security software. To reduce your risk of downloading unwanted malware and spyware:
- Keep your security software updated. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS) to update automatically.
- Don't click on any links or open any attachments in emails unless you know who sent it and what it is. Clicking on links and opening attachments – even in emails that seem to be from friends or family – can install malware on your computer.
- Download and install software only from websites you know and trust. Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
- Minimize "drive-by" downloads. Make sure your browser security setting is high enough to detect unauthorized downloads. For Internet Explorer, for example, use the "medium" setting at a minimum.
- Use a pop-up blocker and don't click on any links within pop-ups. If you do, you may install malware on your computer. Close pop-up windows by clicking on the "X" in the title bar.
- Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers use to spread malware.
- Back up your data regularly. Whether it's text files or photos that are important to you, back up any data that you'd want to keep in case your computer crashes.
Monitor your computer for unusual behavior. Your computer may be infected with malware if it:
- slows down, crashes, or displays repeated error messages
- won't shut down or restart
- serves up a barrage of pop-ups
- displays web pages you didn't intend to visit, or sends emails you didn't write
Other warning signs of malware include:
- new and unexpected toolbars
- new and unexpected icons in your shortcuts or on your desktop
- a sudden or repeated change in your computer's internet home page
- a laptop battery that drains more quickly than it should
To prevent malware running
- Application whitelisting - A whitelist only allows selected software applications to run on computers. All other software applications are stopped, including malware.
- Patch applications - A patch fixes security vulnerabilities in software applications. Adversaries will use known security vulnerabilities to target computers.
- Disable untrusted Microsoft Office macros - Microsoft Office applications can use software known as 'macros' to automate routine tasks. Macros are increasingly being used to enable the download of malware. Adversaries can then access sensitive information, so macros should be secured or disabled.
- User application hardening - Block web browser access to Adobe Flash Player (uninstall if possible), web ads and untrusted Java code on the Internet. Flash, Java and web ads have long been popular ways to deliver malware to infect computers.
Limit the extent of incidents and recover data
Restrict administrative privilege
Only use administrator privileges for managing systems, installing legitimate software and applying software patches. These should be restricted to only those that need them. Admin accounts are the 'keys to the kingdom', adversaries use these accounts for full access to information and systems.
Patch operating systems
A patch fixes security vulnerabilities in operating systems. Adversaries will use known security vulnerabilities to target computers.
This is when a user is only granted access after successfully presenting multiple, separate pieces of evidence. Typically something you know, like a passphrase; something you have, like a physical token; and/or something you are, like biometric data. Having multiple levels of authentication makes it a lot harder for adversaries to access your information.
Daily backup of important data
Regularly back up all data and store it securely offline. That way you can access data again if it suffers a cyber security incident.
Get Rid of Malware
If you suspect there is malware is on your computer, take these steps:
- Stop shopping, banking, and doing other things online that involve usernames, passwords, or other sensitive information — until you get your device cleared of any malware.
- Check to see if you have security software on your device — if not, download it. Find recommendations from independent review sites by doing a search online. Also ask friends and family for recommendations. Some software that claims to be security software to protect you from malware is malware, so it’s important to do your research.
- If you have security software, make sure your software is up to date. Check that all software — the operating system, security software, apps, and more — is up to date. Consider turning on automatic updates so your software always stays up to date.
- Run your security software to scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect. Run your scan again to make sure everything is clear. If the scan shows there are no more issues, you’ve likely removed the malware.
- If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem. Many companies – including some affiliated with retail stores – offer tech support on the phone, online, at their store, and in your home. Decide which is most convenient for you. Telephone and online help generally are the least expensive, but you may have to do some of the work yourself. Taking your computer to a store usually is less expensive than hiring a repair person to come into your home.
Additional steps to take if you still have malware on your device:
- Recover your operating system. To find out how to recover your operating system (like Windows or Mac OS), visit your device manufacturer’s website. Recovering your system typically means you’ll get back a lot of the data stored on the device, so it’s a good alternative to reinstalling your operating system. That is, if it clears the malware problem. After recovering your operating system, you’ll want to ensure that you’ve removed the malware.
- Reinstall your operating system. To find out how to reinstall your operating system (like Windows or Mac OS), visit your device manufacturer’s website. Reinstalling your system is the safest way to clean an infected device, but you’ll lose all of the data stored on the device that you haven’t backed up.
How Malware Gets on Your Device
Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do differently to avoid it in the future. Criminals work to get malware on your devices so they can steal personal information, like your usernames and passwords, bank account numbers, or Social Security number. They use this information to commit identity theft. If you think someone may have stolen your information or identity, visit IdentityTheft.gov
Malware can get onto your device when you open or download attachments or files, or visit a scammy website. Your device might get infected with malware through:
- downloading free stuff like illegal downloads of popular movies, TV shows, or games
- downloading content available on file-sharing sites
- downloading files on removable storage like external hard drives or thumb drives
- clicking links in fake security pop-ups sent to your computer by tech support scammers
- clicking on ads placed by scammers on websites you visit
- phishing emails that trick you into clicking on a link or opening an attachment