Malware: Avoid, detect and recover

Home Depot.
JPMorgan Chase.
Target.
There is speculation that all of these newsworthy breaches have been caused by malware. While the statistics regarding these breaches and other malware attacks are depressing, it is not all doom and gloom; there are plenty of things you can do to protect your business’s computers and data.
In response to the increase in malware attacks, the FTC issued advice and guidelines on how to avoid, detect and recover from malware.
Avoid
Avoiding malware is the ultimate goal; to do this, you need to implement security tactics that focus on both technology and people.
First, check your tech:
- Keep your security updated – The FTC suggests that at a minimum, your computer needs anti-virus and anti-spyware software, and a firewall. For convenience, set your security software, Internet browser and operating system to update automatically.
- Protect your WiFi – Make your WiFi for employees only and offer a separate network for guests. Both networks should have WPA protection.
- Install a pop-up blocker – Reduce the risk of employees clicking on pop-ups by reducing the number of pop-ups.
- Backup your files – Set up automatic backups regularly. It is better to be safe than sorry.
Second, teach your employees about malware. Technology only can do so much. Your employees need to understand that malware infections happen when users click on links that download malware to their computers or when an infected software or file is downloaded. Here are a few risk reducing tips to share with your employees:
- Be cautious of attachments – Hackers can even use the email addresses of family and friends to send malware in attachments. If it looks unusual or sketchy, don’t open it.
- Close pop-ups – Pop-ups are a favorite tool of scammers. A good rule of thumb is to just close all of them and never click on their offers.
- Software safety – If you can’t set up your company’s computers to prevent users from downloading, talk to your employees about only downloading from safe websites.
Detect
Chances are that you can’t monitor every device in your network personally, so recruit your employees to help. Give every employee a sheet of paper with your contact information on it and the following warning signs of malware from the FTC:
- slows down, crashes, or displays repeated error messages
- won’t shut down or restart
- serves up a barrage of pop-ups
- displays web pages you didn’t intend to visit, or sends emails you didn’t write
Other warning signs of malware include:
- new and unexpected toolbars
- new and unexpected icons in your shortcuts or on your desktop
- a sudden or repeated change in your computer’s Internet home page
- a laptop battery that drains more quickly than it should
Recover
If an employee suspects there is malware on their computer, tell them to immediately stop shopping, banking and doing other online activities that involve user names, passwords or other sensitive information.
Then it is up to you to clean up the computer.
The FTC, like many other security organizations, is a believer in companies and organizations working together to prevent security breaches; if you feel inclined, report the attack to them so they can help protect others.