subscribe: Daily Newsletter

 

Antivirus solutions must be genuine

0 comments
Cyber-crime has become a global epidemic, affecting Internet users the world over and increasingly in Africa as connectivity on the continent becomes more available and affordable. While there are many benefits to being online, there can also be pitfalls in the form of cyber-threats, and Internet users need to know how to protect themselves, their computers and their personal information from harm.
Ensuring that an antivirus and protection solution is genuine is the first step users must take to prevent themselves from falling victim to the attentions of cyber-criminals, writes Fred Mitchell, security business unit manager at Drive Control Corporation.
Online banking and shopping, social media and applications are all becoming ever more accessible to the African market. However, as more users on the continent get connected and join the online community, they are becoming attractive targets for cyber-criminals.
The efforts of these criminals is increasingly being focussed on harvesting personal information such as e-mail addresses and passwords, user names and log-in details for Web sites, and even banking and credit card information. This data is then sold by the hackers to the cyber-crime underworld, where the information is used to steal identities and money.
While cyber-crime, identity and data theft are not new phenomena, the methods used to gain access to this information are constantly evolving as criminals attempt to find ways around people’s defences and security solutions. Since the explosion of social media there has been a rise in cyber-criminals using social engineering techniques to get users to reveal personal or financial information.
Social engineering is also increasingly being used to trick users into installing fake antivirus, known as or rogueware, taking advantage of a growing awareness of the need for security alongside a market that is unaware of which products are genuine and where the dangers lie with rogueware.
For example, Internet users may be presented with a pop-up window claiming that their PC is infected. They are then deceived into installing a software program that appears to be a genuine antivirus application.
Because the user has ultimately made the decision to run the program, traditional antivirus techniques may be less effective at blocking these types of threat. It is important for users to be aware of this threat and arm themselves with a genuine solution that includes both cloud-based reputation analysis and disk-based behavioural detection.
These tools will help counter new cyber-crime techniques and ensure users are protected against the very latest, new and unknown threats. Education is also key in ensuring that Internet novices in emerging markets such as Africa are aware of the benefits, but also the potential pitfalls of going online.
Employing a multi-layered approach is critical because cyber-criminals employ a variety of different tactics. These include spyware, viruses, e-mail phishing attacks, drive-by downloads and Web exploits as well as fake antivirus and online scams.
Security and protection suites should incorporate antivirus signature databases to detect and block known threats, as well as the cloud to analyse and determine multiple new threats. For those threats which are brand new, also known as zero-day threats, advanced protection is required.
Behavioural protection watches and analyses the actions of a particular file and then blocks and rolls-back any actions it has taken once it can be determined that the file is a threat.
Cyber-criminals constantly change their methods of attack, but there is always the possibility that they may use old and existing methods of attack. This requires the standard protection devices such as antivirus, antispam, firewalls and so on along with the sophisticated new tools available.
Protecting users from attacks in this multitude of guises requires different layers and types of protection to ensure that the most effective protection is deployed to counter specific types of attack.
When it comes to protecting users from cyber-threats, there are three key rules to stick by. Firstly, make sure users are using genuine software on their computer. The operating system must be authentic, as should all other applications, and these must be kept up to date.
Secondly, users need to have some form of genuine, comprehensive security application installed. This means antivirus and antispyware, a firewall, and Web protection from a reputable software developer. Generally anything that can be download for free off the Internet is not going to provide adequate protection, and in the case of rogueware will actually cause harm.
Finally, it is up to every Internet user to educate themselves of the dangers and to remain vigilant to threats. The Internet can be a fantastic resource if users use common sense. Be aware of the common ways cyber-criminals will try and steal user information. Don’t click on links that ask for personal information, that request a username and password, or that claim to need banking information or PIN numbers.
Don’t click on links or open attachments in e-mails from people that are unknown or untrustworthy.
Remember, as a general rule of thumb, if users are offered anything, from a prize to cash to a job, and it seems too good to be true, it probably is.