Malware is spread using different methods including:

• Free software offers

• File sharing

• Torrent (sharing music or movie files through a service)

• Malicious files and mobile apps

• Removable media (like thumb drives, external drives and discs)

• Phishing emails

Smartphones: Your smartphones are not immune to malware.  

• Some apps may send premium text messages running up charges.  They may also enroll your smartphone in a malicious “bot” network, which uses cellular data.

• In the wrong hands, your cellphone can get infected with malware which can steal money and credit card information, view and contact your contacts and photos, track your location, read your text messages, save your passwords, send texts in your name and more.

• You can also get malware from clicking on a link in your text

• Unsolicited calls may also result in malware (or other security problems).  Watch for people claiming to be government, utilities or tech firms.  Charities can be scam as well as calls pitching for products or services too good to be true.  Suspect any offers for free product trials, cash prizes, cheap travel, medical devices, preapproved loans, debt reduction and more. 

Social networks are also vulnerable.  

By merely receiving a notice in messenger that a friend has mentioned you, you click on it. You are taken outside Facebook to download malware.  Attacker adds the post to your timeline so others can click on it.  Malware takes over (hijacks) your browser, which is disguised to look like the real one.  The attacker captures traffic and hijacks accounts.  In the background, others scripts download which protect the malicious code from analysis and makes it invisible to antivirus software.  Attackers now own the Facebook account (and anything associated with the hijacked browser (Google drive, Microsoft One Note).

Malicious email:  

If malware is software that performs unwanted tasks, email is the vehicle that delivers it to your device. Emails can be harmful to your computer, causing you to click on sites that can leave malware on your system, or trick you into providing some personal information.  You may find yourself in an Email scam by responding to a questionable email.  Some of these include the old-fashioned fraud emails (business opportunities, health and diet, cable descrambler kits), discount software, advance fee fraud (like the Nigerian Prince), Phishing email (looking for information) or Trojan Horse emails (entice you into installing software, then turning on you).  

Malicious email attachments:  

According to a 2017 Verizon report, 66% of malware was installed via a Malicious Email attachment.  With a malicious email attachment, the attacker will fool the user into downloading malware or other things which can include invoice fraud.  Downloading the attachment alone can release the malware and do damage.

Malicious attachments that look like legitimate file attachments, usually an invoice, software update, or other file that seems urgent in nature. These attachments can infect your device with malware that can spread to other systems. Some attachments will take you to a website which asks you to enter your credentials to access the file. However, the file is bogus, and your credentials are now in the hands of the attacker.

Websites:  

Sometimes a fairly innocuous site may contain links to sites which are not to be trusted.  One way is through clickbait.  Clickbait is when you see a headline on a website, but you can’t reveal the answer until you click on it.  Clicking on the image will not give you malware, but it will send you to yet another web page, which may contain additional links which are not reputable.  Clickbait is attractive because we don’t like ambiguity, and we find it difficult to leave a site after having our interest piqued.  

Botnet: 

Hacker sends out virus or worm to infect vulnerable home computers.  This creates a slave network called botnet.  In the next stage, the hacker sells or hires out the botnet to other criminals who use it for fraud, spamming, DDS attacks and other cybercrimes.

Ad blockers: 

We don’t like those ads.  But sometimes, the ad blocker can be fake and might have the ability to remotely inject malicious code into unsuspecting customers of the ad blocker. Some browsers, such as Google Chrome, now have built-in ad blocking, which blocks negative ads such as popups, auto-playing video ads with sound, ads with a countdown and large stick ads.  If the browser suspects a website is running these ads, they may choose not to load any ads on that website. 

Virus

Virus:  A self-replicating code.  It must be opened or executed to run it.  It looks for programs to infect.  It can live in the system (resident), which would mean it could strike again.  Or it can only be activated when clicked (non-resident).  Computers can become infected with a virus in a number of ways including:

·         Accepting software or download without reading the fine print (Trojan Horse)

·         Downloading infected software from a bad source

·         Opening email attachments containing a virus

·         Using an infected disc or thumb drive

·         Visiting a malicious site

·         Not running updates on browser, programs and operating system

·         Using a file distribution network for pirated movies/software

Signs you may have a virus:

·         Clicking on an icon or program does not work

·         Your device is crashing, freezing or rebooting by itself

·         Your antivirus and/or firewall is suddenly disabled

·         You see unexpected advertisement windows

·         You cannot print

·         You no longer have the icons on the desktop, and/or program files in your folder

·         You have major problems installing or downloading software

·         You can’t access your disk drive or hard drive

If you think a file is suspicious, you should first scan the file for viruses.  Using your antivirus program, right click on the file and select “scan for viruses”. 

If you are concerned that you are infected, use your antivirus program to run a full scan.  Open the program and select full system scan.

If a virus is found, a prompt will be given to move the virus or delete the files.  Both are ok.

If you don’t have an antivirus program installed, find a free one online by a reputable company such as Bitdefender, ESET, Trend Micro, Kaspersky or Symantec.

Clickbait

Clickbait is a technique used in websites which is designed to have you click on links that look interesting.  In fact, the goal of clickbait is for you to click on the link.  It really doesn’t care if clicking on the link provides you with a satisfactory answer.  They get paid either way!  Clickbait is not in itself malware but could direct you to a bad website. 

Adware: 

Software that provides unwanted advertising.  Includes pop-up ads, banners and in-text links.  May redirect to another website, install third party software, track or affect system performance.  May even prevent you from using ad removal software.

Spyware: 

Script which collects information about your device and transmits it to other sites.  So, these sites know where you have visited and will provide sometimes fake websites that would interest you.

Keyloggers:

Software that captures anything that you type.  Not only dangerous for your devices (think passwords) but also in terminals at gas stations and ATM machines (known as POS or point of service terminals)

RAM scraping malware

RAM scraping malware is also used for POS interactions, where data is stored unencrypted for just a couple of milliseconds.  RAM scrapers use this window of time to grab card data and save as a .txt file. 

Browser hijacking software: 

Advertising software that modifies your browser settings.  Although installing a program may result in a new default browser (not too bad), this new browser can have malicious links in it (that is bad).  Always check when installing new software for permissions. 

Ransomware: 

A particularly malicious software which blocks access to your computer until a sum of money is paid, usually in bitcoin or gift cards.  The ransomware encrypts your data in such a way that only they can unencrypt.  It is not recommended, though, that you pay the ransom.  Instead, contact a professional if this happens to you.

Hacking

Hacking is unauthorized intrusion into a computer or network.  Uses scripts or code, gains access through methods such as passwords, bundled software or email.  The hacker will find scripts, learn about hacking opportunities and share what they find on the Dark web using special browsers like Tor.  They will then share what they have found using Tor (a private browser) to set up botnets, break a security network or share sensitive documents.  There are also forums on the dark web where sensitive information is shared.  There is a site on the dark web called FreeHacks, which give tips on how to hack and example of hacks to try.

Malicious email: 

If malware is software that performs unwanted tasks, email is the vehicle that delivers it to your device. Emails can be harmful to your computer, causing you to click on sites that can leave malware on your system, or trick you into providing some personal information.  You may find yourself in an Email scam by responding to a questionable email.  Some of these include the old-fashioned fraud emails (business opportunities, health and diet, cable descrambler kits), discount software, advance fee fraud (like the Nigerian Prince), Phishing email (looking for information) or Trojan Horse emails (entice you into installing software, then turning on you). 

Malicious email attachments: 

According to a 2017 Verizon report, 66% of malware was installed via a Malicious Email attachment.  With a malicious email attachment, the attacker will fool the user into downloading malware or other things which can include invoice fraud.  Downloading the attachment alone can release the malware and do damage.

Malicious attachments that look like legitimate file attachments, usually an invoice, software update, or other file that seems urgent in nature. These attachments can infect your device with malware that can spread to other systems. Some attachments will take you to a website which asks you to enter your credentials to access the file. However, the file is bogus, and your credentials are now in the hands of the attacker.

Do not open any attachments that you were not expecting.  Documents, PDFs, images and other attachments might be dangerous.  When in doubt, contact the sender and ask.  But don’t contact by using the reply, as it might be malicious.  Call and ask if they did indeed send you an attachment.

There is no sure way to tell if it is malicious.  Still, here are some things to consider:

·         Your email provider should be scanning for malicious attachments.  If a virus is included in the attachment that you are trying to send, you will see a “Virus detected”” error message.  You can choose to send without an attachment.  If the virus is attached to an email sent to you, they should reject the message and let the sender know.  If the virus is found in an attachment in your inbox, you won’t be able to download the attachment.  This is true in theory, but things can still get through.  So, keep reading!

·         Filenames:  avoid bizarre filenames and misspelled words.  Spreadsheets are usually not named a random string of symbols (this would be suspicious as well)

·         EXE files:  These are executable files.  Only open if you have downloaded them from a reputable source.  Do not open an EXE file in an email attachment.

·         Zipped files:  If you have any doubt, confirm by phone or email (but not replying to this email because you are not sure if it is legitimate)

·         Office documents:  These can contain hidden macros or scripts that will “allow macros” without knowing what you are allowing to run.  Macros can then enable installed malware.

Types of phishing

• Email Phishing: Attackers send emails attempting to trick individuals into giving away sensitive information or login credentials. These emails often appear to be from trusted sources, such as banks or government agencies, and redirect users to fake login pages.

• Spear Phishing: This is a targeted phishing attack that uses personalized emails to trick a specific individual or organization. It often uses personal information about the target to increase the chances of success.

• Whaling and CEO Fraud: Whaling attacks target senior executives with customized content. CEO fraud involves sending fake emails from senior executives to trick employees into sending money to an offshore account.

• Clone Phishing: Here, a legitimate email with an attachment or link is copied and modified to contain malicious content. The modified email is then sent from a fake address made to look like it's from the original sender.

• Voice Phishing (Vishing): Attackers make automated phone calls claiming fraudulent activity on the victim's accounts. They spoof the calling phone number to appear as if it's from a legitimate institution.

• SMS Phishing (Smishing): This type of phishing uses text messages to deliver bait messages. The victim might be asked to click a link or call a number provided by the attacker.

• Page Hijacking: This involves redirecting users to malicious websites through the compromise of legitimate web pages.

• Calendar Phishing: Attackers send fake calendar invitations with phishing links. These invitations often mimic common event requests.

• Link Manipulation: Phishing attacks often create fake links that appear to be from a legitimate organization. These links might use misspelled URLs or subdomains to deceive the user.

• Social Engineering: Phishing often uses social engineering techniques to trick users into performing actions or revealing sensitive information.

Phishing is spread by

• Malicious attachments (like invoice, software or another file that seem urgent).  They can infect your device with malware, or send you to a website where you enter sensitive data

• Malicious links:  They take you to an imposter website like the real one.  They want to fool you into entering credentials.  The links can be imbedded in email or as links in a website

• Email Requests for sensitive data designed to seem legitimate. 

Spotting phishing emails

•  Suspicious Sender Address: Check the sender's email address carefully. Malicious emails often come from misspelled or slightly altered domain names that appear similar to legitimate ones.

• Generic Greetings: Phishing emails often use generic greetings like "Dear Customer" or "Dear User" instead of addressing you by name

• Urgent or Threatening Language: Malicious emails often create a sense of urgency, e.g., "Your account will be suspended!" or "Immediate action required"

• Unsolicited Attachments or Links: Be wary of unexpected attachments or links, especially if the email urges you to open them.

• Spelling and Grammar Errors: Poor grammar, awkward phrasing, or multiple spelling errors can be a sign of a phishing email.

• Mismatched URLs: Hover over any links in the email (without clicking) to see where they lead. If the hover link doesn't match the URL in the text, it might be malicious.

• Requests for Personal Information: Legitimate organizations will never ask for sensitive information, such as passwords or Social Security numbers, via email.

• Too Good to Be True: Offers that seem too good to be true, like winning a lottery you never entered, are often phishing attempts.

• Mismatched Email Themes: If the content of the email doesn't match the sender or seems out of context (e.g., a bank sending a discount coupon for shoes), be suspicious.

• Check the Signature: Lack of details about the signer or how you can contact the company can be a red flag.

• Suspicious Attachments: Unfamiliar file extensions or files you weren't expecting should be treated with caution.

• Check with the Company: If you're unsure about an email, contact the company directly using a phone number or website you know is legitimate.

• Unusual Sender Behavior: If you receive an email from someone you know, but the tone or content seems off, their account may have been compromised.

• No Encryption: Legitimate banks and online services usually send emails that are encrypted. If an email isn't encrypted, that's a potential red flag.

• Check for Digital Signatures: Some organizations use digital signatures to verify the authenticity of their emails. A missing or invalid signature can indicate a phishing attempt.

Can you get a virus from an app?

No, but you can get other forms of malware which may steal money, steal credit card information, steal contacts and sensitive photos, track your location, read text messages, save passwords, send SMS messages, and spend your money.

Can you get malware from an App from the Apple App store?

Unlikely, although it has happened.  To be sure, only install apps from the Apple App store.  These apps go through thorough testing and verification prior to release.  Your iPhone is protected as long as you did not jailbreak it or use third party apps. Apps outside the Apple App store require that you jailbreak the phone.

Can they be trusted? Short answer no!

·         Not necessarily safe if in the Google or Apple App store

·         Definitely can be unsafe if not on the Google or Apple App store

·         Who makes the app?  Special caution for beauty apps, VPN apps, and antivirus apps

Tips on how to tell if an app is safe:

·         Find out how the app uses your personal information.  If it is sharing with others, it could be malicious. How do you know?  First, if it is free, they are not obligated to disclose their advertising and tracking service, so it is probable they are tracking you.

·         Permissions:  The app may require permission for certain features.  For example, a heart rate workout tracker would want access to your health access, and you might have to enable certain aspects of that health data.  Once set up, the permissions are made and the data will be exchanged. Make sure it makes sense.  A flashlight app will need access to the camera flash, but nothing else.  A book app does not need access to the camera.  On an Android device, app permissions are included in settings.  ON the iPhone, clicking on the app in settings will show you what it has access to.  Beware of apps which ask for lots of permission (such as managing files, using contact information from friends, or camera).

·         Understand when and why the app will track your location.  This information would be part of the license agreement that we often scroll past.

·         More research on the app:

o   Look at the developer’s name right under the app’s name.  You can do a Google search to find more information about the developer such as a website.  If they have created a number of apps (well-reviewed), then it is probably safe.

o   Look how many times it has been downloaded.  The more downloads, the safer it may be (to an extent of course!)

o   Look for an app that has been around for a while, but has been recently updated.  In the Google Play store, you can find this information under “read more”. 

o   Read reviews.   There should be lots of reviews, and they should have some positive and some negative points in them.

o   Spelling and grammar errors:  Since often apps are created in other countries, the grammar or spelling may be incorrect.  This is a red flag.

o   Unbelievable discounts:  If it seems too good to be true, it probably is!

·         Avoid third-party apps:  These are ones which are found outside the App Store or the Google Play Store.  Third party apps bypass security measures making it easier for a hacker to infect your device with a bad app. 

·         NOTE:  If you suddenly have lots of ads after downloading an app, you may be a victim of “targeted advertising”.  Although not malicious, they can be annoying and might slow down the phone.  Delete any apps which seem to get these ads. 

Use a good antivirus program

There are many antivirus programs available.  Some are free, others have costs involved.   Unfortunately, you may find that the anti-virus program you downloaded is actually malware!  And, when googling anti-virus programs, you may end up with malignant sources as well.  The go-to site for best antivirus programs can be found at AV-Test, which is an independent IT-Security Institution.  On this site, you choose your device (mobile Android, Windows, Mac or Business) and you can see the operating systems which were tested during that period.  Sites are tested for protection, performance, and usability.  Some will receive a top billing.  For example, the top-rated antivirus programs for Windows 10 are:  Avira, Bitdefender, Kaspersky, Quick Heal and Trend Micro.  Unfortunately, among the lowest scoring for protection is Microsoft Windows Defender.   You can learn more about this by visiting their website at:  av-test.org

Use a safer browser which include certain features:

·         Web of trust (https://www.mywot.com/):  Uses community input to verify the safety of a site.  Needs to be installed on each browser.

·         Web address:  HTTPS should begin the web address if you are putting in sensitive information like address, birthday and credit card information

·         Security symbol:  Besides HTTPS, you should also see a lock someone on the browser’s address window.

·         Update your browser regularly.  Each browser has its own way of doing this, so become familiar with your browser.  (Google Chrome:  Settings > About> It will tell you if it is up to date)

Use a strong password:

·         Strong (over 8 characters include letters, numbers and symbols.  Mix letters and numbers.

·         Do not use personal information in a password

·         Use a password generator to set one up, and to store passwords. Examples include Last Pass (https://lastpass.com/) or Dashlane (https://www.dashlane.com).

·         Do not share with others

·         Don’t store them on your device.  If you must, hide and encode.

Consider using a VPN:

A VPN (virtual private network) is a method used to add security and privacy to public and private networks.  It allows the user to send and receive data across public networks, using a private network instead of the public network.  There are many types of VPNs.  Some are free, and others cost money.  It is better to pay for your VPN, as the free ones may often violate privacy standards.  Remember if you are using your own Wi-Fi or a cellular connection, you probably do not also need a VPN.  Also, if your surfing on public Wi-Fi systems is pretty basic (web searches, basic websites), then a VPN is not necessary.  

VPNs protect your online identity and data sent  online.  It does not protect you from malware, phishing scams nor does it protect your data on your devices.  Some possible suggestions from various sources:

·         Express VPN (https://www.expressvpn.com/)

·         NordVPN (https://nordvpn.com/)

·         Mullvad (https://mullvad.net/en/)

·         TunnelBear (https://www.tunnelbear.com/)

The website whatismyipaddress.com lists a number of VPNs and includes some specifics about them.  While you are there, learn more about IP addresses, checking how sent you that email, and are you blacklisted?  Someday, we will do more on this interesting topic!

Consider using your cellular hot spot or purchasing a hot spot:

Many cell phones offer the capability of using your cellular connection for a portable Wi-Fi.  This is especially useful when you are away from home and want to access a sensitive site.  The process involves setting up your phone for this, which will include a password, then opening your other device and looking for your phone network.  You will have to enter your password on your phone onto the other device.  A purchased hot spot will be set up in a similar fashion. 

Website:  What are some common email scams and what can you do to avoid them?  This is an interesting assortment of them.  Particularly intrigued by Swatting...

Activity:  How good are you at spotting Email scams?  BTW, I took these quizzes and did miss a few.  Fun way to see how much you learned!

• Here is the Phishing quiz by Google that we did in class

• Another good phishing quiz.  It asks for your email address, but you don't have to fill it in.

• This is a nice basic quiz designed for seniors.  

Website:  All about Email scams.  Includes activities and lots of examples.  

Resource: Have you been a victim of Identity Theft? Visit the Identity Theft Government site to learn more. 

Resource: Hacking is a problem that seems to affect all of us at one point or another. Here is a great informational site on hacking. 

Interesting web article:  How does the information used by hackers become available?  Follow this story as the author goes onto the dark web to discover more about Russian hackers.  

Adware:  Learn more about adware, and then learn how to clear your browsers of adware.  

Ram scraping:  How do they do it?  This article outlines how ram scraping is done.  Maybe a little technical, but eye-opening!

Website:  The FDA offers some tips on preventing skimmers at the pump.  Very informative!

Online presentation:  At a 2018 conference, information was presented on some prominent Russian hackers.  This presentation shows what they did, how much money they made, and what was used.  Very fascinating!

Video: Street Smarts for Seniors, a presentation by the Brooklyn Police Department.  It is about 30 minutes long, but easy to follow and very useful.  

Tutorial: Avoiding Malware from GCFLearnFree

Flyer: Basic tips for online safety

News article: Sure, a VPN offers secure connections. But they are not all the same. And some are worse than public Wi-Fi! 

News article: Here are some of the more reputable VPNs (includes more information on VPNs)