The trouble with email
We are barely into 2013 and already dealing with a larger than usual wave of virus and spam concerns. The two seem to go hand in hand: each time a new wave of viruses and viral email botnets comes out, we are inundated for days and even weeks afterward with fresh floods of spam and viral emails. We are always striving to keep our anti-virus and anti-spam up to date, but it is a never-ending, ever-evolving cat-and-mouse game.
What’s a person to do, especially when you are not sure what to do or do not understand computers and how they communicate over email and the internet?
- Find someone techie who knows this stuff and pay them to help every time there is a problem with your email and computer?
- Pay more on a monthly recurring basis for a fully managed solution with support staff proactively taking care of all of this for you?
- Ditch email and computers and return to verbal communication and smoke signals? Nobody can infect those, right?
OK, kidding aside, the best scenario is one that works within your budget and is realistic for the size and type of business you operate. You want to partner with vendors who know their stuff, not just slightly better than you, but who fully and completely understand what is important and how to best manage and protect you and your computer data. You want computer IT and software vendors to have your best interests in mind and treat you with respect. They should strive to educate you instead of telling you what to do and how much more money you need to spend. If you feel your current ‘experts’ cannot seem to solve issues without throwing more and more money at them, then read this: The trouble with experts.
OK, back to the main point. It pays to know a bit about the inner workings of your email, even just enough to understand where Spam email comes from, and how to differentiate between all the terms like malware, viruses, Trojans, worms, bots, and spyware. If you have no idea then you may want to read this Cisco article.
Computer viruses spread much like a living organism, jumping from computer to computer by any means possible. Computer viruses generally behave in predictable patterns, which allows anti-virus programs to detect them or prevent them from infecting your computer. New viruses emerge constantly, so the protection against them needs to remain current to protect you.
Prevention is the best cure. Avoid hanging out where viruses like to live. Even so, we can all stumble onto the wrong website through a search or a mistyped address. If so, just close it and get out quickly, and remain alert to see if anything pops up or funny stuff starts happening. If you have a funny feeling that something untoward happened by visiting a site, say your screen flickers, the computer freezes for a few seconds, or you cannot close a popup, immediately stop what you are doing, close all your programs and do a full scan of your computer to see if anything got in. Don’t restart the computer until after you scan it.
Beware the rootkit virus! If a virus has already got in and the computer has been restarted, there is the risk of a rootkit virus installing itself. As the name implies, a rootkit virus puts itself at the very root of your computer, loading itself when you turn on the power, before Windows or any other systems load. Logging into Windows and trying to find and remove this virus is not possible because the virus is buried far deeper than your Windows operating system. At this point your computer is hijacked until you get professional help to clean it. In extreme cases the best course of action is to completely wipe the computer clean and re-install everything from scratch to truly remove all traces of the rootkit virus.
Phishing and spam! Phishing is a common way that malware and viruses trick people into getting infected. The classic example is that you are surfing the web when suddenly a popup says your computer is infected and you MUST click on the message to fix it now. You follow the steps to supposedly fix the concern, only to find out that the message you clicked on and followed ‘WAS’ the virus.
Email phishing is especially prevalent. PayPal, online banking, Facebook, LinkedIn, Twitter, CBC or ABC, your Aunt Ruth’s secret recipe, whatever. Whatever it may be that you are interested in, there is a phishing email circulating out there asking you to click a link to go check it out, or open the attached file to verify your receipt or share some picture, whatever the malware of the week is. DON’T DO IT until you verify the email is legit. Phishing links take you to websites designed to install malware on your computer. Attached files contain malware or may install a Trojan, a backdoor, a password grabber or a rootkit onto your computer.
Managing your email safely is also about behavior and how you avoid getting tricked into opening things with viruses and malware. Remember, if it is too good to be true, it is. If you were not expecting an email, then you probably do not want it or need it. Most important: DO NOT BE IN A RUSH. When we are in a hurry we do not pay close attention, and things happen without us realizing.
We live in a busy world trying to do more in less time but if we fail to temper how we work on our computers eventually we pay the price when things go wrong.
Viruses and email go hand in hand. When you get a virus, more often than not the first thing it does is install an email gateway and start sending masses of emails out to spread itself to new computers. Your computer is sick and sneezing its germ emails all over the internet. You will not see the emails popping up on your screen, nor will they show in the outbox of your email program. It all happens behind the scenes. It is usually only when your actual email stops working that you start to suspect you have a problem. You may get bounce messages or alerts saying your email cannot be sent due to bad reputation, or worse, people you know contact you to say they are getting virus emails from you. By this point the damage is done, and it may take a few days after your computer is fixed before things get back to normal with your real email.
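One way to spot this behind-the-scenes mailing from the network side, as an added example that is not part of the original article: an ordinary PC normally hands its mail to one mail server, so a PC that opens connections on the mail port (25) to many different servers in a short time stands out. The log format, the addresses, the relay list and the thresholds below are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log; the line format and all addresses are assumptions.
SAMPLE_LOG = """\
2013-01-14T09:00:01 src=192.168.1.10 dst=198.51.100.25 dport=25 action=allow
2013-01-14T09:00:05 src=192.168.1.23 dst=203.0.113.11 dport=25 action=allow
2013-01-14T09:00:09 src=192.168.1.23 dst=203.0.113.12 dport=25 action=allow
2013-01-14T09:00:20 src=192.168.1.30 dst=198.51.100.80 dport=443 action=allow
2013-01-14T09:00:41 src=192.168.1.23 dst=203.0.113.13 dport=25 action=deny
2013-01-14T09:01:02 src=192.168.1.23 dst=203.0.113.14 dport=25 action=allow
2013-01-14T09:01:30 src=192.168.1.23 dst=203.0.113.15 dport=25 action=allow
2013-01-14T09:02:00 src=192.168.1.30 dst=198.51.100.25 dport=25 action=allow
2013-01-14T09:30:00 src=192.168.1.40 dst=203.0.113.21 dport=25 action=allow
2013-01-14T11:30:00 src=192.168.1.40 dst=203.0.113.22 dport=25 action=allow
2013-01-14T13:30:00 src=192.168.1.40 dst=203.0.113.23 dport=25 action=allow
2013-01-14T15:30:00 src=192.168.1.40 dst=203.0.113.24 dport=25 action=allow
"""

LINE_RE = re.compile(r"^(\S+) src=(\S+) dst=(\S+) dport=(\d+) action=(\w+)$")

def find_direct_smtp_senders(log_text, mail_relays, max_dests=3,
                             window=timedelta(minutes=10)):
    """Return {source: peak count of distinct port-25 destinations in any
    window} for sources above max_dests that are not approved mail relays."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the assumed format
        ts, src, dst, dport, _action = m.groups()  # denied attempts count too
        if int(dport) != 25 or src in mail_relays:
            continue
        events[src].append((datetime.fromisoformat(ts), dst))
    flagged = {}
    for src, conns in events.items():
        conns.sort()
        start = peak = 0
        for end in range(len(conns)):  # slide a time window over the events
            while conns[end][0] - conns[start][0] > window:
                start += 1
            peak = max(peak, len({dst for _, dst in conns[start:end + 1]}))
        if peak > max_dests:
            flagged[src] = peak
    return flagged

if __name__ == "__main__":
    print(find_direct_smtp_senders(SAMPLE_LOG, mail_relays={"192.168.1.10"}))
```

On the constructed log only 192.168.1.23 is reported: the approved relay is ignored, and the PC that contacts four servers spread over six hours stays under the ten-minute threshold.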
If your computer remains infected long enough, you can become blocked by the company that provides your internet or email, or you may be added to a blacklist which will alert people not to accept email from your location. Even after you fix the virus and any blacklisting is removed, you will most often see a large spike in spam and virus-related emails being sent to you. Those are the result of the virus reaching out to other computers with your email or computer location on its radar.
If you get infected, you had better change the passwords for anything you use on that computer. A virus’s first focus after taking over a computer is infecting other computers and spreading itself, but underneath that the virus has a deeper motive, such as stealing passwords and login details, which are collected and stored somewhere else for someone controlling the virus to later compile and use for fraudulent means. Some viruses are able to directly locate and steal passwords from unpatched or insecure programs, and in other cases they install key loggers that capture everything you type in the hope of also trapping any interesting login details as you use your computer. Changing your passwords after a virus infection is a safe practice: even if something got out, it will be useless if someone tries to use it against you in the future.
Can a virus on my computer really take down my website? Yes it can, and by several means. One way is that you get a virus that captures your login details for your website, whether a WordPress, Drupal or other login, or worse, the FTP login used to load files directly to your website. In these cases the viral process can log in and upload a copy of itself into your website pages, thus potentially spreading itself out to your website visitors. Changing your website access and passwords is the only way to prevent this, but if you do not eliminate the virus, it will continue to reset and recode itself into your website. The other, more insidious way a virus can take down your website is via a BotNet.
What is a BotNet and why should you care? Viruses are often linked to malicious BotNets. Bot, as in robot, which in this case is a compromised computer under the ‘remote’ control of a malicious program/Trojan, and Net, as in a network of computers linked together for a focused purpose or task. A BotNet usually targets a specific company, website or email service, either to hack in and gather confidential data, or merely to flood those sites with so much activity that they fail to function, otherwise known as a distributed denial of service (DDoS) attack. When that happens, people get an error message when trying to view your website.
The sequence of events can look like the list below (picture above and list below credited to Wikipedia: http://en.wikipedia.org/wiki/Botnet):
- A botnet operator sends out viruses or worms, infecting ordinary users’ computers, whose payload is a malicious application—the bot.
- The bot on the infected PC logs into a particular server where the botnet operator connects.
- A 3rd party (spammer or rogue organization or individual) purchases the services of the botnet from the operator.
- The 3rd party provides the spam message, or the address of a server or website to attack, to the bot operator, who instructs the compromised machines via the control panel on the web server, causing them to follow his instructions. The emails will start to flow or the website will fall under attack.
Because the behavior is controlled remotely, these actions can happen days, weeks or even months after a computer is infected. Some cleverly programmed rootkit Trojans can hide very deeply, and the computer will seem to operate normally with nothing showing or alerting you that anything is amiss … BUT the BOT can be in hiding, waiting to execute commands at some future date and time. This is why viral activity sometimes shows up when you least expect it. How could my computer get a virus when I was on vacation and not using it for 2 weeks? Answer: it was infected before you went on vacation!
In conclusion:
- Stay safe and alert
- Change your passwords periodically
- Always change passwords after a virus infection.
- Viruses have many consequences and lasting effects
- Viruses can impact your website
- Viruses create Spam
- Trojans can lie in hiding waiting for the right opportunity to do their damage.
- Viruses cost business and our economy billions every year. (http://www.investopedia.com/financial-edge/0512/10-of-the-most-costly-computer-viruses-of-all-time.aspx)
- Individual businesses often are faced with costs averaging several hundred dollars per infected computer to fix, not including the cost of lost productivity or negative PR if the virus breaches or permanently damages confidential data.
If you as a business owner become infected, you will need to call an expert to ensure your data is safe and to help you ride out the storm. That ride may take days, but the storm will end soon if you put the effort in to remediate the problem quickly and completely. There is no half-fixing a viral infection. It has to be 100%.
All the best – Brad


