Safer Internet: Connection: Avoid Malware



Quotes

Summary

[1] Understand Different Types of Malware

  • Malware can access, compromise local files -- and online identities and accounts.
  • Viruses Wreak Havoc On Your Files
  • Spyware Steals Your Information
  • Scareware Holds Your PC for Ransom
  • Trojan Horses Install a Backdoor
  • Worms Infect Through the Network
  • There's often overlap

[1] Improve User Practices

  • Pay attention -- most malware requires active user involvement
  • Don't click on links or open attachments in an unexpected email from "friends", "boss", "family"
  • Use browser Bookmarks / Favorites or a password manager to access web sites -- see later section: Browsing: Go To Correct Site
  • Don't click on links in popups, or unknown links in web pages, esp. ads
  • Do not respond to popups that "hijack" your browser, esp. those that "found malware" or download unexpected 'Flash updates' -- just quit browser (see Block Ads section if you can't close/quit); reputable companies do not use such annoying / scare tactics

[1] Install and Update Approved Apps

  • Backup your Devices; install & update your software -- system and applications -- by downloading only from vendor's app store (if screened), app's own Update preference or control panel, other reputable sites
  • [3] macOS: System Integrity Protection (SIP) is enabled by default, which aims to protect critical system folders by locking them down; temporarily disable SIP only if you know what you're doing
  • [3] Don't "jail break" or "root" your device, i.e., don't install unofficial or pirated system/application software -- or visit "warez" or "dark" sites
  • macOS: App Store
  • iOS: App Store
  • macOS: System Preferences > Security & Privacy > General > Allow Apps Downloaded From: [screenshot]
  • [1] Mac App Store
  • [2] Mac App Store and Identified Developers
  • [3] Anywhere -- note: option hidden by default in 10.12
  • [2] To open an "unidentified" app that you're sure about:
  • macOS: Applications > (ctrl-click app) > Open > Open
  • iOS: use the TestFlight app to accept expected invitations from known developers
  • Enable phishing/malware/plugin warnings
  • macOS: Safari > Preferences > Security > Fraudulent sites; Internet plug-ins [screenshot]
  • macOS: Firefox > Preferences > Security > Block reported attack sites / web forgeries / add-ons
  • macOS: Chrome > Settings > Advanced Settings > Privacy > Protect you and your device from dangerous sites
  • iOS: Settings > Safari > Privacy & Security > Fraudulent Website Warning [screenshot]
  • [2] Don't automatically open downloaded files (check file types)
  • macOS: Safari > Preferences > General > Open "safe" files after downloading [screenshot]

[1] Manage / Minimize Plugins, Extensions, Add-ons

  • macOS: Safari > Preferences > Security > Allow plugins [screenshot]; [screenshot: Plug-in Settings]
  • macOS: Firefox > Preferences > Applications
  • macOS: Firefox > Preferences > Security > Warn me when sites try to install add-ons
  • macOS: Chrome > Preferences > Advanced Settings > Privacy > Content Settings > Plugins; also Unsandboxed Plugins
  • Consider disabling problematic, obsolete, infrequently-used plugins
  • most sites, e.g., YouTube, default to HTML5 for video if Flash not present; Java less popular -- covered next
  • iOS: unnecessary -- since plugins are not generally allowed
  • configure to selectively load a plug-in if desired, or re-install if needed
  • remove obsolete plugins, e.g., Microsoft Silverlight
  • macOS: Finder > (disk/user) > Library > Internet Plugins

[1] Flash: Update, Block or Uninstall

  • iOS: NA
  • macOS: I generally recommend uninstalling Flash from system; if necessary to use for some Flash-based sites, selectively use Google Chrome, which keeps Flash up-to-date automatically (at least for a little while longer), provides "sandboxing", and also auto-pauses certain videos / ads
  • macOS: Chrome > chrome://plugins > Enable, Always Allow to Run -- may be possible to run on-demand selectively via ctrl-click?
  • If you do need to use Flash more frequently / conveniently, make sure it's always up to date and control using a flash blocker
  • macOS: System Preferences > Flash Player > Advanced > Updates
  • macOS: System Preferences > Flash Player > Storage > Delete All
  • macOS: Safari > Preferences > Extensions > Get Extensions : ClickToFlash
  • macOS: Safari (ctrl-click) > ClickToFlash Preferences
  • macOS should automatically disable insecure versions, and display message: 'Blocked plug-in', 'Flash Security Alert' or 'Flash out-of-date'

[1] Java: Update, Block or Uninstall

  • iOS: NA
  • macOS: System Preferences > Java > Update [screenshot]
  • macOS: System Preferences > Java > Security > Security Level
  • macOS: Safari > Preferences > Security > Allow Plugins > Website Settings : Java : Ask [screenshot]
  • If installer wants to install any crapware or change settings by default, e.g., Yahoo homepage, search engine -- uncheck anything you don't want! -- installer now seems to be 'clean'

[1] Install Anti-Virus (AV)

  • Install & maintain antivirus software on your device, if applicable & desired
  • Be careful where you obtain malware protection software -- some may be malware / adware itself -- especially if obtained via ad links, popups, pop-under windows
  • Having AV installed is no excuse to be careless
  • iOS: unnecessary
  • macOS: optional -- to avoid distributing infected files to others, e.g., Windows friends, or if still using external portable media from unknown sources: USB drives, CD/DVD, floppies, etc.
  • virus definitions may not include newest threats; scanning may slow down, interfere with system
  • examples: Avast; Avira; ClamXav; Comodo; Sophos
  • note: if you're running Windows on macOS (using Boot Camp, or virtualization software like VMware Fusion or Parallels Desktop), you should absolutely run Windows anti-malware software -- Mac anti-malware won't help
  • Windows: Windows Settings > Update & Security > Windows Defender
  • If you must use others' devices to access your accounts, make sure they're well-protected (antivirus) and maintained (software updates) -- see Mobile Privacy section, esp. to avoid keyloggers or other spyware

[3] Advanced Settings: JavaScript, WebGL, web admin

  • JavaScript: on
  • JavaScript (not the same as 'Java') is essential for most modern sites; most browsers don't provide an option to disable
  • macOS: Safari > Preferences > Security > Enable JavaScript
  • You can generally remove tracking scripts by using a Content/Ad Blocker -- see Block Ads section
  • WebGL: on
  • WebGL (Web Graphics Library): JavaScript-based graphics using the GPU
  • macOS: Safari > Preferences > Security > Allow WebGL
  • If administering your own website, check system log for suspicious activity, e.g., logins to non-existent or unauthorized accounts, unexpected accesses to admin pages or to non-existent modules / pages / directories; add suspicious IP addresses to a 'deny list'
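
One way to automate the log check in the last item above, as an added example that is not part of the original page: it scans a web access log in common/combined format for requests to non-existent paths and for admin-page requests from untrusted addresses, and returns deny-list candidates. The thresholds, admin path prefixes, trusted address and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Hypothetical policy values; tune them for your own site.
ADMIN_PREFIXES = ("/wp-admin", "/wp-login.php", "/administrator", "/user/login")
TRUSTED_ADMIN_IPS = {"198.51.100.10"}  # addresses you administer the site from
MAX_NOT_FOUND = 3    # 404 responses tolerated per address in one log window
MAX_ADMIN_HITS = 2   # admin-page requests tolerated per untrusted address

# Common/combined log format: ip ident user [time] "METHOD path proto" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3})\b')

# Constructed sample lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = """\
198.51.100.10 - - [10/Mar/2017:09:00:01 +0000] "GET /wp-admin/ HTTP/1.1" 200 5120
198.51.100.10 - - [10/Mar/2017:09:00:09 +0000] "POST /wp-login.php HTTP/1.1" 302 0
203.0.113.7 - - [10/Mar/2017:09:01:11 +0000] "POST /wp-login.php HTTP/1.1" 200 1820
203.0.113.7 - - [10/Mar/2017:09:01:12 +0000] "POST /wp-login.php HTTP/1.1" 200 1820
203.0.113.7 - - [10/Mar/2017:09:01:13 +0000] "POST /wp-login.php HTTP/1.1" 200 1820
192.0.2.44 - - [10/Mar/2017:09:02:00 +0000] "GET /old/backup.zip HTTP/1.1" 404 210
192.0.2.44 - - [10/Mar/2017:09:02:01 +0000] "GET /modules/foo.php HTTP/1.1" 404 210
192.0.2.44 - - [10/Mar/2017:09:02:02 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 404 210
192.0.2.44 - - [10/Mar/2017:09:02:03 +0000] "GET /site/old-index HTTP/1.1" 404 210
192.0.2.90 - - [10/Mar/2017:09:03:05 +0000] "GET /favicon.ico HTTP/1.1" 404 210
"""

def deny_candidates(log_text):
    """Return {ip: [reasons]} for addresses that exceed the thresholds above."""
    not_found, admin_hits = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guess at their fields
        ip, path, status = m.groups()
        if status == "404":
            not_found[ip] += 1
        if path.startswith(ADMIN_PREFIXES) and ip not in TRUSTED_ADMIN_IPS:
            admin_hits[ip] += 1
    flagged = {}
    for ip, n in not_found.items():
        if n > MAX_NOT_FOUND:
            flagged.setdefault(ip, []).append(f"{n} requests for non-existent paths")
    for ip, n in admin_hits.items():
        if n > MAX_ADMIN_HITS:
            flagged.setdefault(ip, []).append(f"{n} admin-page requests from untrusted address")
    return flagged

if __name__ == "__main__":
    for ip, reasons in sorted(deny_candidates(SAMPLE_LOG).items()):
        print(ip, "->", "; ".join(reasons))
```

Review the flagged addresses before adding them to the deny list: a single stray 404 (the favicon request in the sample) stays under the threshold, and the trusted admin address is never counted.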

References

Android

Anti-Virus

Cyber Attacks, CyberWar

Extensions, Plug-ins

Flash, Shockwave [Adobe]

iOS

Java

JavaScript (JS)

macOS

Microsoft Office

Ransomware

Spyware

[3] Web Servers

  • Apache, Drupal, Joomla, WordPress, etc.

Windows