Thread: OT Malware in news
View Single Post
  #4   Report Post  
Old 05-06-2014, 01:18 PM posted to uk.rec.gardening
news news is offline
external usenet poster
  
First recorded activity by GardenBanter: Jul 2011
Posts: 138
Default OT Malware in news
On 05/06/2014 12:44, Stephen Wolstenholme wrote:

I don't think I will respond to Symantec marketing.


Agreed. Unfortunately, the hype over all this makes me think that
either the gov agencies or the AV providers are running a marketing
campaign.

Yes, these threats are potentially dangerous - but they have been for a
long time now. There really isn't anything significantly different
about it now. Yes, such malware will increase and become more
effective, as will the means of trapping the unwary. You always need to
be vigilant and this news doesn't change that.

However, the hype over this '2 week window' is largely meaningless. If
you are very recently infected with cryptolocker (like the day the
'command and control' servers were taken down) then you may have 2 weeks
to get it cleaned up before the servers are back and able to issue the
encryption keys. This will be a very small number of people affected in
this way though.

As with all these things, some basic hygiene will keep you safe.
(Particularly relevant for windows users, of course). My view of the
important stuff is as below. Some parts are more important than others.
You can do all the right things with protective software, but the
absolute key is your online behaviour. So...

* Keep programs and operating systems fully patched and remove programs
you don't use;

* Have an anti-virus program running in real time, keep it updated at
least once a day and run periodic system scans;

* Have an anti malware program such as 'malwarebytes' or 'spybot search
& destroy' - keep them uptodate and run periodic scans;

* Don't click on links in emails (preferably at all, but certainly not
unless you absolutely know the source of the mail and what the link is);

* Don't open any attachments in emails unless you absolutely know the
sender and what they are sending and you are expecting it;

* Never click on a link in an email to change account details - always
go direct to the correct site and to the correct part of it to change
your details;

* Be very careful about what websites you go to and what you click on;

* Remember that social media is a prime location for picking up malware;

* Never change any sensitive details on any public wifi network - and
don't use any sensitive log in details;

* If you have home WiFi, make sure it is very secure;

* Preferably have a router to connect your broadband rather than a USB
modem;

* Change your passwords regularly; don't use the same password for
multiple services; have complex, difficult to guess passwords. (A good
password manager such as LastPass can help take away a lot of the burden
of this as long as you know its limitations).

If you have an eBay account, change your password *NOW* if you haven't
done so in the last couple of weeks.

Doubtless some will disagree with some of the items above. I know
people that refuse to use AV programs, for example - but to take that
step, you need to be super-vigilant, and most people just aren't. Most
people that get hit with malware are not IT professionals and I accept
that from scratch, some of this stuff can be daunting - unfortunately,
that is what the bad guys know and they are their targets

Sorry this is a bit long, but some of it might help someone...

--
regards andy


Reply With QuoteReply With Quote