Like most people, I don’t want bugs in my house and I do several things to prevent them. While generally speaking, I almost never do encounter unwanted guests in my home, on a couple of occasions pests have hijacked their way in. Once it was an out-of-print book the author graciously sent from his personal stock but which unfortunately arrived with a nest of red ants inside. Another time, it was an appliance delivered with a mouse in residence. And a third time, it was a large painting which hosted a cockroach.
What I’ve learned from uninvited pest episodes can be applied to antivirus software too. And that is that each bug may require a different set of actions.
For example, when I encounter a benign buggy creature, like a daddy longlegs, I cover it with a paper cup and slide a bit of paper underneath. That way, I can safely carry the bug outside and set it free. The ant-covered book I immediately plunged under a running hot faucet (fortunately, the book was shrink-wrapped). I set a trap in the appliance to catch the mouse. The cockroach that hitched in on the painting was snatched up with plastic wrap and taken to the outside garbage can.
With malware, like bugs, think about what it is you are really trying to accomplish. A decade ago, malware frequently had some malicious payload. For example, the circa-2001 Magistr virus erased the BIOS and overwrote sectors on the drive after a pre-determined period of time. The threat then was to the computer (or the computer’s ability to store files effectively). All you had to do was remove the malware before the designated time and all would be well.
Today, malware typically doesn’t have that type of malicious payload. Instead, modern day malware is usually designed for theft. Instead of focusing all your energy on the computer, consider focusing the most energy on the potential impact – and how you can mitigate that. It also means understanding what your own personal risk is and acting accordingly.
For example, if you’re an enterprise user or an inventor or anyone for whom sensitive intellectual property could be at stake, your best course of action may be a wipe and restore of the entire system. That means, if you’re in this category of users, that you should always ensure you have a current backup of your data, are encrypting the most sensitive data, and have a clean drive image available.
Of course, in a perfect world, every computer user would have a current backup, encrypt sensitive data, and have a clean drive image available. But perfection and reality seldom meet. So do the next best thing – consider where your biggest losses could be.
If you’re concerned about your financial accounts (and you should be), you can sign up for a credit monitoring service such as ID Watchdog. This will alert you if someone tries to abuse your account or some other suspicious activity occurs. That way, if malware should manage to steal your credit card info, the credit monitoring agency should detect fraudulent attempts to use it. ID Watchdog has partnerships with several key antivirus vendors so it’s possible to get this service completely free if you need.
For online banking, use all the alerting mechanisms your bank has available. As an example, set your low balance alerts to the highest possible level – just barely under the amount you normally maintain in the account. That way, if a password stealing trojan or phishing scam has managed to harvest your username and password, you’ll get a notice as soon as unexpected funds are withdrawn. Windows users can get a more proactive and higher degree of protection by using the free Trusteer Rapport. If your bank doesn’t offer Trusteer Rapport, ask them why.
In other words, use antivirus software as a means to ward off the most common bugs but realize that despite best efforts, some bugs will get in. To make sure you don’t get harmed by those that do sneak in, take steps to monitor your most critical digital assets. Both ID Watchdog and Trusteer Rapport are great tools to help you do just that.