Which best practice can prevent viruses and other malicious code from being downloaded?

This article is about ways to protect your PC from viruses that can screw up your computer, or allow criminals to steal your data, personal information, or money.

  • Use an anti-malware app - Installing an anti-malware app and keeping it up to date can help defend your PC against viruses and other malware (malicious software). 

    Microsoft Defender is free anti-malware software included with Windows, and it's kept updated automatically through Windows Update. There are also anti-malware products made by other companies that you can choose from.

    More isn't always better

    Running multiple anti-malware apps at the same time can cause your system to be slow or unstable. If you install an anti-malware app from a different company, Microsoft Defender will automatically turn itself off. If you install two anti-malware apps from other companies, however, they might both try to run at the same time. 

  • Don't open email messages from unfamiliar senders, or email attachments that you don't recognize - Many viruses are attached to email messages and will spread as soon as you open the attachment. It's best not to open any attachment unless it's something you're expecting. For more information see: Protect yourself from phishing.

  • Use a pop-up blocker with your internet browser - Pop-up windows are small browser windows that appear on top of the website you're viewing. Although most are created by advertisers, they can also contain malicious or unsafe code. A pop-up blocker can prevent some or all of these windows from appearing. The pop-up blocker in Microsoft Edge is turned on by default.

  • If you're using Microsoft Edge, make sure SmartScreen is turned on - SmartScreen in Microsoft Edge helps protect you from phishing and malware attacks by warning you if a website or download location has been reported as unsafe. For more info, see How can SmartScreen help protect me in Microsoft Edge?

  • Pay attention to Windows SmartScreen notifications - Be cautious about running unrecognized apps downloaded from the Internet. Unrecognized apps are more likely to be unsafe. When you download and run an app from the internet, SmartScreen uses info about the app's reputation to warn you if the app isn't well-known and might be malicious.

  • Keep Windows updated - Periodically, Microsoft releases special security updates that can help protect your PC. These updates can help prevent viruses and other malware attacks by closing possible security holes.

    Windows Update helps to make sure that your PC receives these updates automatically, but you may still have to restart your machine occasionally for the updates to install completely.

  • Use your internet browser's privacy settings - Some websites might try to use your personal info for targeted advertising, fraud, and identity theft. All modern browsers have privacy settings that you can enable to control what sites can see or do.

    For more information about configuring the privacy settings in Microsoft Edge see Configure your privacy settings so they're right for you.

  • Make sure User Account Control (UAC) is turned on - When changes are going to be made to your PC that require administrator-level permission, UAC notifies you and gives you the chance to approve the change. UAC can help keep viruses from making unwanted changes. To open UAC, swipe in from the right edge of the screen, and then tap Search. (If you're using a mouse, point to the upper-right corner of the screen, move the mouse pointer down, and then click Search.) Enter uac in the search box, and then tap or click Change User Account Control settings.

  • Make sure that Tamper Protection is turned on - In Windows 10 and 11 we have a feature called Tamper Protection that prevents unauthorized apps from changing your security settings. Many viruses and malware try to disable anti-malware software or other security settings when they're installed in order to evade detection. See Prevent changes to security settings with Tamper Protection for information on how to confirm that it's turned on.

EXECUTIVE SUMMARY:

Malicious code can conceal itself in innocuous looking software components. Here’s how to avoid downloading it.

Malicious code precipitates device encryption, data compromise, loss of proprietary data, and other truly unappealing outcomes. This is the case on both the organizational level and on an individual level.

Malicious code can appear in numerous forms – viruses, worms, spyware, adware, rootkits, fileless malware, trojan horses, ransomware, logic bombs and other software configurations. Identifying it is tough. How can you avoid downloading malicious code when cyber threats are so subtle?

The following tips provide means of blocking malware from your devices, from those of your employees and for your organization as a whole.

1. Avoid browsing unsecured websites.

Unsecured websites can play host to viruses, worms, or other malware species. Avoiding unsecured websites is a best practice. It will spare you (or your organization) from contending with malware. Organizations may wish to address the idea of unsecured websites and how to navigate them in employee-facing policy guides.

Teach employees to recognize secure websites by the application layer protocol. In short, users should ‘look for the lock’ and ensure that website URLs include HTTPS, not HTTP. These indicators show that the website holds an SSL (Secure Sockets Layer) certificate, which guarantees that it is safe to browse through. Sites that only use the HTTP application layer protocol no longer guarantee online user safety.

2. Filter traffic at the level of the DNS

When trying to avoid malware, teaching employees to look for SSL certificates is a strong step in the right direction. This will certainly help keep people safe. But not all secured websites are inherently safe these days. This is increasingly the case on account of advanced forms of malware. For example, polymorphic malware can evade security mechanisms.

To ensure that seemingly safe domains aren’t actually malicious, consider implementing advanced content filtering techniques for HTTP and HTTPS, especially at the level of DNS, on both the network and endpoints.

Malicious code is often embedded into malicious links. But how can you and your employees spot malicious links?

Encourage employees to examine all URLs closely before clicking. URLs can be examined as follows:

  • By hovering a cursor over the URL and seeing whether it leads to the intended website.
  • By hovering a cursor over the URL and ensuring that there aren’t any spelling errors or other alterations in the website’s listed domain name.
  • By hovering a cursor over the URL and evaluating whether or not the link address ends in .exe (which indicates malware).
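
The three hover checks above can also be automated, for example in a mail gateway or a training tool. The sketch below is an added example, not code from the original article; the function names, the `KNOWN_DOMAINS` allowlist, the edit-distance threshold and the sample links are all assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist of domains the organization really uses (assumption).
KNOWN_DOMAINS = {"example.com", "contoso.com"}
RISKY_EXTENSIONS = (".exe",)  # the file ending the third check looks for


def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a known domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registered_domain(host):
    """Naive 'last two labels' domain; a production tool would use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def examine_link(display_text, href):
    """Return a list of findings for one link: what the user sees vs. where it goes."""
    findings = []
    parts = urlsplit(href)
    host = parts.hostname or ""
    domain = registered_domain(host)
    if parts.scheme != "https":
        findings.append("not-https")
    # Check 1: the visible text names one site but the link leads to another.
    text = display_text.strip()
    if text and not any(ch.isspace() for ch in text):
        shown = urlsplit(text if "://" in text else "//" + text).hostname
        if shown and "." in shown and registered_domain(shown) != domain:
            findings.append("text-target-mismatch")
    # Check 2: the domain is a slight misspelling of one we trust.
    if domain not in KNOWN_DOMAINS:
        for known in sorted(KNOWN_DOMAINS):
            if 0 < edit_distance(domain, known) <= 2:
                findings.append("lookalike:" + known)
    # Check 3: the link address ends in an executable file extension.
    if parts.path.lower().endswith(RISKY_EXTENSIONS):
        findings.append("executable-download")
    return findings
```

An empty list means none of the three checks fired; it does not mean the link is safe, which is why the DNS and email filtering steps in this article still apply.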

4. Take a pass on free software downloads

In some cases, free software is either unintentionally or intentionally laced with malware. In relation to free software downloads, one can hearken back to the expressions ‘if it seems too good to be true, it probably is’ and ‘there’s no such thing as a free lunch’.

Employees often fall for software download fraud. This is especially true when the ‘free software’ or ‘software upgrade’ or ‘free software upgrade’ is sent via an email-based phishing campaign. In other cases, employees simply need to perform a specific type of calculation or similar task, and end up downloading malicious software.

5. Do not engage with suspicious emails

At least 85% of organizations have contended with at least one phishing campaign. Phishing usually involves malicious links, malicious attachments, or other types of “malspam.” Providing education around these types of emails in terms of what they look like and their potential effects can yield dividends for organizations. Education ultimately conserves time and resources.

Malspam campaigns rely on assorted means of social engineering. The entire goal of social engineering is to deceive individuals into engaging with bad actors. Malspam campaigns potentially mean bad news for organizations. Malicious code is commonly included in campaign content.

6. Use an advanced email security solution

Cyber security awareness and education are useful in combating email-based cyber threats. However, they’ll only get organizations so far. Accidental clicks on malicious links can occur for many unexpected reasons. These include fatigue, multi-tasking, inattentiveness or other forms of distraction.

To avoid email security slips, deploy an email security solution. Many email security solutions include advanced spam filters, preventing junk from cluttering inboxes and from serving as a distraction in and of itself. The latest spam detection tools rely on machine learning engines, leading to better detection and fewer false positives.

Get email security protection that covers users and files in any cloud environment. You want email security that covers whatever email client and services you use – Office365, Gmail, Azure and/or Amazon.

7. Block pop-up ads (and other ads)

Pop-up ads represent easy ways for businesses to gain publicity. If you’re already annoyed by pop-up ads, the malicious potential only adds insult to injury. Clicking on them might infect devices with malware.

Not all pop-up ads are dangerous. However, it’s best to block them and to do so across devices. Creating a clause around this in a company security policy guide may be worthwhile.

Browsers like Google Chrome offer the option to block pop-ups. Information about this can be found in the Google Chrome “Settings” menu. Third-party ad-blockers can also be helpful in preventing potentially malicious pop-ups from appearing on screens. In some cases, these types of tools may allow “acceptable” ads, but will stop irrelevant and disruptive messages.

8. Distribute and apply patches immediately

Patches commonly repair security ‘holes,’ protect data, prevent encryption, and generally keep hackers out. Lack of patching leads to 20-40% of breaches, according to security expert Roger Grimes. Consequently, proper patch management is essential.

Smaller organizations may be able to manage patching without special automation software. However, larger organizations with larger infrastructure landscapes may want to leverage automated patch management systems, which can install, test and deploy patches automatically, as the name suggests.

At the end of the day, strategic patch management practices improve security, increase productivity, and can help organizations demonstrate regulatory compliance. In some industries, patch management is key to remaining in line with newly updated regulations.

9. Install antivirus and firewalls

Antivirus first emerged on the market in 1987. This was five years after the first computer virus appeared.

Antivirus scans files for malicious code and protects devices from malware. It commonly uses real-time virus signatures, and anomaly-based protections to proactively stop threats. It can also monitor networks in order to assist with rapid incident response and timely attack resolution.

Antivirus + firewalls can be a powerful duo in intrusion prevention. Next generation firewalls can prevent fifth generation cyber attacks using dozens of innovative security services and techniques.

So, how can you avoid downloading malicious code? 

How can you avoid downloading malicious code while working or reading on the internet? Leveraging the right knowledge, best practices and suite of cyber security solutions can help.
