Just When You Thought It Was Safe to Use the Computer…
April 25, 2012Has this ever happened to you? You’re sitting at your computer when all of a sudden a window pops up telling you that a virus has been detected and that if you don’t take immediate action, your computer will be harmed. I remember one such instance where a message popped up on my home computer telling me that I had a virus and needed to buy this software to remove the virus, and no matter what I clicked the message would remain. Even after I turned the computer off, when I turned it back on the message reappeared. In other words, my computer was being held ransom, and unless I paid the ransom (i.e. bought the software), I would not be able to access my computer.
When a message like this pops up, your initial instinct is to take action, but be careful. Messages like this are a common form of malware known as hoax virus alerts. These fake alerts may cause the user to take unnecessary steps they think are protecting them from attack but may actually end up causing the attack to occur. Just a few weeks ago, my wife received such a message while she was browsing the Internet. When she attempted to ignore the message by clicking on the ‘cancel’ button, she thought she was doing the right thing, but we started to notice changes in the way the computer operated, and in a short amount of time, it became clear that the computer had been compromised.
The truth is the more we use the Internet, the more prone we become to such attacks. According to Kaspersky Lab ZAO, “[a] conservative estimate of the number of attacks occurring monthly by the end of [2010] puts the figure at somewhere close to 3.2 million.” We are not going to stop using the Internet, but as my high school economics teacher Mr. Edwards use to say, “to be forewarned is to be forearmed.” Here are some ways to be “forearmed” against malware attacks:
Prevention is the best medicine
The best way to survive a malware attack is to prevent one from happening. Here is a list of ten steps to malware prevention that gives a good amount of detail on the different levels that need to be addressed if you want your computer to be safe. Most resources can be purchased over the counter or downloaded for free off of the Internet. If you’re not comfortable taking any of the steps mentioned in the guide, consider contacting a local computer specialist to help.
Arrest, assess, and act (how’s that for alliteration?)
If you ever receive a virus alert or similar message on your computer, stop what you’re doing immediately. Some malware takes the form of an executable file, and just by clicking on the pop up window (even the ‘cancel’ button), you launch a program that takes control of your machine and makes you an accomplice to your own attack. If possible, use another computer to validate the legitimacy of the alert. The University of Oklahoma Police Department has an entire section of their website dedicated to Internet safety, including a page on how to detect Internet scams. If you can’t confirm the legitimacy of the alert, you may simply want to turn your computer off by holding the power button until it shuts down. You may lose unsaved work, but it’s better than compromising the security of your system.
Monitor your financial accounts and credit
If you think your computer may be infected by a virus or another type of malware, you need to remove the malware using either malware removal software or with the help of a computer specialist. Even more important is the need to monitor your financial records. That’s because malware is one of the top 10 ways your identity will be stolen. If you even suspect that your identity may be at risk, you should follow the steps outlined in this action guide.
When Susan and I realized that our machine had been infected—and who knows for how long—I signed us both up for ID theft protection using LifeLock®. This may be seen as an extreme measure, but for the time being I am not concerned about ID theft.
Back up your data
When we finally took our computer to the specialist, he informed us that the virus that infected our computer had done so much damage that the only way to really “recover” from the attack was to reinstall the operating system. That wouldn’t be such a big deal if that didn’t mean losing all of the documents, pictures, and other important files on my machine. Fortunately, a few weeks earlier I had subscribed to an online file backup system called Carbonite. There are several different ways to back up your important files, including using an external hard drive, a removable thumb drive, or an online service that automatically backs up your files over the Internet. That way if, and in my case when, files are damaged or lost, they can be restored.
You might be wondering why I’m sharing so much technical information in a finance blog. Well, when you begin to understand the potential financial impact of identity theft you start to get the picture. Whether it’s forged documents, fraudulent transactions, or unauthorized lines of credit, ID theft can wreak havoc on your finances. It can be something as little as $35 in miscellaneous bank fees to thousands of dollars in legal and investigation fees, and even if you are able to reverse the charges, damaged credit can result in higher interest rates, increased insurance premiums, and the denial of future credit. According to a report by the Congressional Research Service, the average cost incurred by identity fraud victims was $631, but that doesn’t include the time and frustration that accompanies dealing with creditors, replacing important documents, or getting fraudulent transactions rectified.
Thankfully, for Susan and me, our situation is stable. I have not personally experienced identity theft, and I’m not willing to try. Services like LifeLock® and Carbonite are not free but neither is recovering from identity theft. I guess you would call it the price for peace of mind. Decide for yourself what it is worth to you. Perhaps the best protection against malware and ID theft is common sense and that, at least for now, is still free.