One of the comments I hear most often when I am on a service call and discover a virus is something like, "But I have an antivirus" or "How did that get past my McAfee/Norton/AVG/etc?" Today, I want to clear up exactly what you should expect your antivirus program to be able to do.
An antivirus program is to your computer what the immune system is to your body. The fact that you have a working immune system does not mean you will never get sick. Even those who take vitamins and supplements to boost their immune system will still find their bodies succumbing to the occasional illness. When a virus enters your body, your immune system only knows to eliminate it if you have had it before and have built a resistance to that virus. If you have never encountered that particular strain of a virus, it may take some time before your body realizes that it needs to go into action.
Similarly, antivirus software has become very good at eliminating the threats that it knows about! When it scans the websites you visit and the files you download or open, it is comparing them to a list of known threats. If I were to write a virus and send it out with this email (don't worry, I won't!), it is unlikely that any antivirus would catch it because the software doesn't know it exists. In order to keep up with the latest threats, companies that produce antivirus software are constantly sending out new files with information about the latest threats. These files, usually referred to as definitions, are almost always downloaded automatically to your computer when you are online.
Antivirus software is becoming better at recognizing certain behavioral traits of viruses so that it can block some threats before they are included in the definitions. While this is sometimes successful, it can be difficult to distinguish between legitimate programs and viruses. For example, a cloud backup program (which I discussed in an earlier tip) would be identical in function to a virus that copies everything off of your hard drive and sends it to a server in Tajikistan. The only difference would be the destination of the data. An overzealous setting might flag your legitimate cloud backup software as a virus, while looser settings might allow both to operate uninhibited.
Joxean Koret, a researcher with Singapore-based security firm COSEINC, recently gave a presentation where he discussed flaws found in 14 of 17 antivirus products his firm tested. At the end of his presentation, he provided a recommendation for consumers: "Do not blindly trust your antivirus product."
The key word is blindly. Use your antivirus, but also practice good online habits, such as:
- Keep your operating system and other software up-to-date.
- Don't click on links in emails or on social media.
- Don't conduct sensitive business (such as online banking or shopping) on public Wi-Fi.
- Use strong passwords and change them regularly.
- Keep clear of sketchy websites.
- Only download files from reputable sources.