Malware attacks and other risks to safety have been a perennial issue since the advent of the digital age. Cybercriminals’ persistence over the years to infiltrate networks, manipulate weaknesses, and cause malicious activity continue to push the cybersecurity industry to be a step ahead.
For instance, the Gustuff is a newly-exposed malware this year that breaks into banking and cryptocurrency apps automatically. Once it is installed, cybercriminals can begin to steal funds from unsuspecting victims. It can also spread to the victim’s contacts, sending automatic smishing texts to trick victims into clicking links with the message.
And despite the warnings and information going out against malware attacks, it seems like mobile security breach is still rampant. Just recently, Just a software development group called NSO Group, maker of surveillance software exploited the vulnerabilities in iOS 9.3.5.
It reportedly used those vulnerabilities to access text messages, e-mails, record audio, gather passwords and conduct call tracking and geo-mapping of users without their knowledge. Apple quickly released a security fix, but by then, some users were already victimized by the malware attack. There was an article in the New York Times about this issue and it can be read here.
Another recent instance of a malware attack exposed 1.4 billion Android users to hijacking attacks. A Linux bug within Android 4.4 and all future versions allowed cybercriminals to terminate connections and even inject malicious code or content into users’ communications for connections that were not encrypted.
Google became aware of the situation and took appropriate actions. There was an article about this in ARS Technica which can be read here.
What are the ways that users can avoid malware attacks on their devices? Here are ten ways for better cybersecurity against malware attacks that even average should follow.
Hackers are resilient and patient. They work hard to find more clever and discreet ways to inject malware attacks intercept. Users must keep their devices in top shape, security-wise.
It would be best not to avoid security updates when you get notifications from your software and operating system. It may be cumbersome, but several layers of protection are better than having holes in your security system.
These updates provide extra features, security patches for the most recent attacks, and cover vulnerabilities that may compromise the user’s program or even their entire device.
Public WiFi is wireless fidelity. It used to be a treat for smartphone and laptop users who need free internet access while in the mall or their favorite business establishment. But the free WiFi access that was meant to be a benefit to users became a channel for malware attacks.
Public WiFi is now synonymous with insecure servers and bad connections. Aside from this, the significant number of people on public WiFi makes the connections slow that you can hardly do anything on your device while online.
Public WiFi hotspots are cybercriminal’s favorite places to hack. Hackers can peek at what you are doing online with the right drive-by hacking tools. Hackers can intercept e-mails, crack user’s log-in details on their e-mails or social media, and harvest financial data and other sensitive information.
If you have a serious need for WiFi and you have no other choice but to log-in using a public connection, keep your device secure by using a VPN (Virtual Private Network) and only logging in SSL connections. Also, avoid sending e-mails, sharing files, or downloading files.
After you are done using a public access WiFi, remove the network from your device by clicking “forget.” It prevents your device from automatically logging into that network without your consent. While you are at it, disable automatic WiFi connections with any other network apart from your private access network, or trusted ones like in your workplace.
It is why you need to have provision for data connection in case you do need to send or receive some files while on the go. Using data connectivity or enabling mobile hotspot for your laptop or other devices is much safer than using public WiFi.
You can also use third-party security software to better fight off malicious attacks on your device. Use one that can give you total protection for various systems and multiple devices.
Kaspersky elaborates how Public WiFi works in this video below:
WiFi security is crucial to prevent malware attacks. A firewall barricades your device or computer from the internet and effectively shuts computer ports that deter connectivity to the device.
Although you can shut ports manually, having it shut automatically can help you better protect yourself from threats. The firewall will only open ports as required to trusted applications and external devices.
This barrier also stops threats from entering the user’s system and its devices. It also deters cybercriminals from stealing data from the user’s device.
Operating systems usually come with a built-in firewall. Check your device’s settings to check or to enable it.
Add another It malware prevention layer by installing an added firewall. Free firewall systems are available for users, like Comodo and TinyWall. You can also install antivirus software that comes with a built-in firewall as well. There are several paid and free internet security antivirus software that you can choose from.
Junk e-mail is a favorite strategy among cyber thieves. Through junk e-mail, they can send suspicious links, prompts for a password, and attachments that are fake and malicious. All these can expose a user’s device to different kinds of threats and attacks.
It is why you should never open spam e-mails. They are the source of phishing scams that cyber criminals still use as one of their go-to attacks. It is best to be extra cautious rather than not.
Some of the biggest cyberattacks of our generation came through unseemingly harmless e-mails that came from trusted contacts. It is what cybercriminals want.
Also, avoid divulging bank or credit information via e-mail. Your bank company and credit card company will never get your details this way. Do not supply personally sensitive information via e-mail as well.
So, before opening a suspicious-looking e-mail, expand the sender’s address. Check if it matches the first name and last name of the sender. Users can also hover the mouse over the link that the sender is recommending you to click.
Doing this allows users to preview if the link is legitimate of the company or organization that the sender mentioned they come from, whether it is a bank, credit card company, and the like.
If you get victimized by a phishing e-mail, you need to know what to do in case your device or system gets hacked.
Use two-factor authentication (2FA) for your accounts, devices, and websites. It adds another layer of malware of protection because users need to get a temporary code via a user-registered phone or e-mail to access their account.
If users turn this feature on, two-step verification will be required every time log-in happens from a new device, or when the system detects fraud. You can also make it as a permanent feature for all your log-ins. It may be cumbersome not to be able to log-in instantly, but you stay protected even more, and that is invaluable.
Learn more about 2FA in this video below by TechQuickie:
There are currently more than 4.8 billion internet users worldwide. That is a 62% penetration of the global population. However, the number of reported malware attacks had declined from 2016. A recent cyber threat report compared that in 2019, there were 9.9 million malware attacks compared to 10.5 million in 2018.
Every single day, more than 350,000 new malware or malicious programs are detected and considered as PUA (Potentially Unwanted Applications). It is alarming, and to not install any protection at all is unwise.
Spyware software is also needed to prevent this specific kind of malware that infects computers secretly. It discreetly gathers data and sends that data to third parties that conduct identity theft, financial fraud, and other types of cybercrime. Adwares and Trojans and system monitors like keyloggers usually deliver the spyware.
If you are using the internet, whether you like it or not, you are exposed to trojans, crypto miners, ransomware, and other malware threats. Installing an antivirus and antispyware software is critical. For instance, Bitdefender gives all-in-one protection and is a security software trusted by experts.
Make sure you use complicated passwords with a combination of alphanumeric and unique characters. Have different passwords for your e-mail, your banking transactions as well, and regularly update them.
You can use password generators with password management to help you keep track of your passwords safely. Keeper and LastPass are trusted password managers you can try.
Include two-step verification or biometric verification on your mobile device to add more protection. A primary defense line here is to have a good computer password to make it harder for cyberthieves to access your gadget and network.
Hackers can also gain access to user’s devices by modifying the code of well-known apps, masking malignant strings within that contain all sorts of viruses, trojan attacks, and malware.
Users must download applications from original stores to minimize the risk of downloading malware-loaded apps. Gaming apps are known to contain such attacks, so better be careful when downloading apps outside of the AppStore or Playstore, and official app stores you may be using.
Single APKs may be easy to install, even in manual mode, but as much as possible, do not take the bait. It is what hackers are banking on, that you will think it is okay to download independent apps.
Hackers fill the web with fake apps or even fake premium versions of well-known apps to lure unsuspecting victims. Once they are in a user’s device, they are now free to conduct their malicious and destructive activities, until they are discovered.
It is not worth the risk. Official app stores have set layers of protection on their end as well, although not fool-proof. It creates a more challenging environment for hackers to infiltrate with malware attacks.
Your data is worth protecting. To make sure it stays protected from malware attacks, encrypt your data. Encrypted data requires more effort and resources to decrypt and hack, which can sometimes deter hackers at the onset. The ROI that hackers get from decoding your data may not even be worth the trouble.
You can encrypt your online accounts and traffic, all communication, and file storage. To encrypt your entire disk, there are tools like BitLocker and VeraCrypt.
Do not forget to use a VPN (Virtual Private Network) so you can “hide” and encrypt all your data, especially those that you send in and through your network. It includes all confidential information like banking details and other personal identification data.
A VPN helps you amp up your security, especially when you are browsing online, and also when you use unsecured networks. It comes especially crucial when you are traveling so that you do not become vulnerable to malware attacks that unprotected travelers usually go through, like data breach and identity theft.
A VPN masks your IP by using a different one so that your ISP will be prevented from monitoring your activity. Users can also choose the location of their IP server depending on their needs, so they continue to get the fastest possible internet speeds and unblock geo-locked websites or content. If you are in a country with internet access restrictions, you can continue browsing freely and securely with a VPN.
While nothing is ever fully secure, the steps above will provide ample protection to safeguard user’s data and your device. Being proactive about your cybersecurity should be commonplace in this digital day and age besieged by cyber attacks.
Securing the computers and meeting security protocols can be challenging, but a good offense is the best defense. So, if you have not done it yet, secure yourself and your devices with the best malware protection now.