Why do you get infected?

One of my New Year’s resolutions is to put more focus into my website and start blogging more consistently. Sometimes I get so wrapped up in working on computers, networks, and websites that I forget to step back and take a break. One of the things I enjoy is sharing information and writing, which is a way of taking a break for me.

I have seen no slowdown in the number of infected Windows computers that I work on each month. In my opinion and experience, Vista is no more secure, and the jury is out on Windows 7. I have 6 out of 21 computers in my office that have Vista with Norton Internet Security installed – and they are horribly infected.

If you will follow the next simple pieces of advice, you won’t have to call and pay me to clean your computer.

So why do you get infected?

I blogged about this a few years ago with “Why do I get infected in the first place” and “Layered Security Basics”. The same thing still applies.

If your computer gets infected, then you asked for it.

There is no one solution that will keep you safe. Norton, TrendMicro, even the free ones I recommend such as AVG and Avast will detect less than 50% of the bad stuff out there. I don’t care what their marketing says – and notice that I said “detect”…not “prevent”. How do I know? Well, I’m pulling the percentage out of my hat – but it is based on the real-world evidence that I see day in and day out.

Once infected, all bets are off. You simply can’t trust your computer. Much of the malware out there today will install a “root kit”, which hides from the operating system and thus from everything else. Yes, there are root kit detectors, but removing a root kit is a whole different ball game.

Rex’s Security Rules

(1) You are only as good as your last successful backup from which you can recover.

Back up your important files (pics, docs, spreadsheets, QuickBooks files, local email). In the event of a disaster, this is your most important step. You can always wipe your computer and start from scratch, but your data is the key. Use software such as Microsoft SyncToy or simply drag and drop to a USB drive. Burn to a CD or DVD – anything, but make sure you back up and back up often.
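Rule (1) hinges on a backup you can actually recover from, so here is one way to check that. This is an added example, not code from the original post: it copies a folder, records a SHA-256 hash of every file, then re-reads the backup and reports anything missing or changed. The folder names, file names and file contents are constructed for the demonstration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files are never loaded whole."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def backup(source: Path, dest: Path) -> dict:
    """Copy every file under source into dest; return {relative path: sha256}."""
    manifest = {}
    for item in sorted(p for p in source.rglob("*") if p.is_file()):
        rel = item.relative_to(source)
        target = dest / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(item, target)  # copy2 also keeps timestamps
        manifest[rel.as_posix()] = sha256_of(item)
    return manifest

def verify(dest: Path, manifest: dict) -> list:
    """Re-read the backup and list files that are missing or no longer match."""
    problems = []
    for rel, expected in manifest.items():
        copy = dest / rel
        if not copy.is_file():
            problems.append((rel, "missing"))
        elif sha256_of(copy) != expected:
            problems.append((rel, "corrupt"))
    return problems

def demo() -> list:
    """Constructed sample: back up two files, damage one copy, then verify."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "Documents"), Path(tmp, "usb_backup")
        (src / "taxes").mkdir(parents=True)
        (src / "photo.jpg").write_bytes(b"\xff\xd8\xff constructed sample")
        (src / "taxes" / "books.qbw").write_bytes(b"constructed ledger")
        manifest = backup(src, dst)
        (dst / "taxes" / "books.qbw").write_bytes(b"bit rot")  # simulate a bad copy
        return verify(dst, manifest)

if __name__ == "__main__":
    print(demo())
```

In real use, save the manifest alongside the backup and run `verify` against the USB drive or disc before you rely on it.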

(2) Make sure you are behind a NAT router.

If you are on a cable modem (SuddenLink, Comcast, etc.), then you need to purchase an inexpensive home router from WalMart, BestBuy, or OfficeDepot. I recommend the Linksys brand and specifically recommend the Linksys WRT54GL – you can’t buy it locally. If you have AT&T’s DSL service, then your modem is also a router, so you don’t necessarily need one.

Just because you use a Mac doesn’t mean you are safe without a router either. I work on Macs too.

This one single piece of hardware is your first main security layer. Period.

(3) STOP using Internet Explorer – use Firefox or Chrome.

Internet Explorer (the blue E icon) is still full of security holes and is deeply tied into the Windows operating system. Switch to Firefox along with 30% of the rest of us. While Firefox won’t stop viruses, you will drastically reduce your attack surface.

Just because Microsoft says Internet Explorer is safe doesn’t mean it’s so. After all, MS claimed that Windows 2000, XP, Vista, and 7 are safe – and we all know how that has turned out.

(4) Stop opening every email attachment sent to you. Just stop.

No matter what safety measures you put in place, if you open the front door for the intruder he will walk right on in. Just because your best friend for 20 years forwarded you a joke video that has been forwarded through 50,000 people does not mean it is safe. Just because your best friend opens attachments on their computer doesn’t mean they are safe. There is a 70% chance your friend’s computer is infected – they just don’t realize it yet.

What attachments are safe? Only those that you trust. Generally jpg pictures are safe. Legitimate links to YouTube videos are safe. PowerPoint shows, Word docs, untrusted WMV files, etc., are not.

(5) Don’t visit sites you don’t trust.

If you insist on clicking on every link to every site, then you are asking for trouble. See rule #1.

MySpace falls into this category too. Why? Because often people “pimp their profile” to include 3rd party ad scripts. Sometimes these scripts send malicious code that will exploit Internet Explorer – known as a drive-by exploit. You get infected from a moron’s blinged-up profile.

How do you fix an infection?

Simply put – you don’t. I back up your data, wipe your computer (format, etc), reinstall your operating system and software, and put your data back on.