Q: If I installed anti-virus and antispyware software, have kept Windows updated and have a firewall, why am I still getting infections? — William
A: There are two aspects of this problem that no amount of security software can overcome: reverse engineering and social engineering.
Security software often gives users a false sense that they are protected and can do just about anything they want on the Internet. No matter which security software you install, the bad guys have the upper hand on figuring out how to get around it. This is why security software needs to be constantly updated.
Reverse engineering security software to figure out how it detects security threats has always been around, but hackers have found an even easier way to gain access to your computer: trick you into doing something that they want you to do.
Social engineering is a way for hackers to exploit humans through cleverly crafted emails, attachments that pretend to be something really important, free offers that have hidden programs in them or Web sites that silently try to sneak software onto your machine (called “drive-by downloads”) while you are clicking on an intriguing link.
If a hacker can convince you to open an attachment, click on a link or download a free program, they can instantly bypass your security software (and often disable it at the same time). Once this happens, your security software looks like it’s running, but it’s actually been given a “frontal lobotomy.”
Of all of the computers on the Internet, a residential computer attached to a highspeed Internet connection is the most targeted, and if you have “screen-agers” in your household, you are in a very high risk group for infections. Tech-savvy teens are not afraid of anything and will click on, download or visit any Web site, especially if they think they are getting something for nothing.
Teens are the primary users of file swapping software (Limewire, KaZaa, BitTorrent, etc.), frequent visitors to crack sites (to avoid paying for software) and live on social networking systems, which are all targeted by the bad guys.
We service both residential and business customers on a daily basis, and the difference in the two is dramatic. Residential computers tend to have exponentially higher levels of infections primarily because of the way that they are used.
The average business computer is in a controlled environment, with specific restrictions in place that limit the exposure to common ailments. Employees are usually given very specific usage guidelines, and in most cases someone is constantly watching over the entire network.
The average residential network is actually the same as a small business network was a couple of years ago, but no one is proactively watching over it. Instead, most residential networks are developed in an ad hoc manner, with no proactive measures and no one restricting what any of the users are doing.
Hackers understand their victims and always go after the weakest ones; in this case, it’s the average residential user.
You have taken all of the right technology steps to protect your system, so if you are continually getting reinfected, you have a “liveware” problem. Someone who is using your computer is engaging in questionable activities, visiting “fringe content” Web sites that are loaded with exploits or downloading software that has a hidden code in it.
If you can stop the behavior, you can stop the infections. Any seasoned computer person can take a look at the programs you have installed and determine if you have a user abuse problem.