Recently I have been seeing a higher than usual number of virus infected machines. These rogue spyware/malware Trojans that disguise themselves as security messages or attach themselves to downloads seem to be increasing. The worst among these, to me, are the ones that appear to be legitimate antispyware messages. They announce you are "infected already" and want you to "click to agree" to be scanned immediately or purchase some instant cure. Some of the most common names of late are Internet Security 2010 or XP Security 2010, or Antivirus Soft. You may have heard them referred to as scareware or ransomware.
Rogue Security Software: (From Wikipedia, the free encyclopedia): is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing. More..
It got me wondering if we do enough to train and protect our staff against these threats. As more companies accept social media as a means of networking and marketing, the lines between "work related internet" and "personal surfing" are suddenly gray. Recently, One of my southern California properties emailed me to see if there was a way to "stop the ads from our antivirus program from popping up" on her computer. Right away I knew there was a problem since we use an enterprise version of antivirus that doesn't expire. After almost an entire day on remote support I finally was able to save it without having her send the machine to the office but it sure wasn't what I planned on spending my 8 hours on that day. Although the data may be saved, the time spent trying to clean them up is a hassle for everyone. Sure, your IT person is probably going to be really irritated but the employee who got the virus isn't going to be looking forward to the downtime either. You think they sat back and said..."hey, I think I'll catch a virus today"? I think if we educate them better on what to watch out for maybe we can avoid these costly nuisances.
Here's a few of my tips to avoid becoming infected:
- Watch out for Fake Anti-Virus Pop-up windows: Expect to get hit. I mean, if you are going to be on Facebook or MySpace it's only a matter of time before you see something pop up. If you are expecting it, you are less likely to panic and let it in the front door. Remember the more clever ones aren't something your antivirus software couldn't stop but is attached to something you agree to whether it's an intentional download or a bogus security message.
- Don't download unless you are 100% sure. If you have even the slightest doubt about the origin of any file (and I advise a high level of suspicion) then just don't download it.
- Recognize and know your own Antivirus Software: If you know your company uses Mcafee and this infection message says XP Security or any other names, assume it's a fraud.
- Call your IT support: If it's during regular business hours and your IT staff is available then just stop, leaving the window(s) open, call and let them handle it. It's what they get paid to do.
- Ignore message/close browser: If you can, simply ignore the message and close out your browser and then the pop-up using the X in the upper right corner. Do NOT use accept or Cancel buttons as either one of these options will probably get you infected.
- Shut down your machine from START: If you can, click on the start button and choose to shut down. If the pop-up will not close but you have not agreed or cancelled infection might possibly still be avoided but shutting down and then re-starting your machine.
- Hard Shut Down: If none of the previous options are working then simply hold in the power button on the machine until it turns off. Ideally not the best way to shut down your machine but might still keep you from being infected.
All of these suggestions should be followed up with updates and a full machine scan. Even if you think you dodged a bullet it's a good idea to run the full scan. Good luck!