Fake Security is Big Business - More self-protection
(Page 4 of 4 )
Never use an administrator account for everyday tasks. All modern operating systems offer multiple user accounts with different levels of privileges. So-called administrator accounts have the highest level of access to the system, being able to install software, modify system configuration settings and update the registry.
Such accounts should be reserved for use only when required to perform system management tasks. This is because software run inside an administrator account may have the ability to make fundamental changes to the system without your knowledge. Everyday and routine tasks such as work and gaming should always be carried out in a regular user account which lacks the necessary privileges to compromise the system.
Avoid cracked software. So called warez – pirated versions of commercial software – can be a major security hazard. Such programs are often modified in order to bypass their security mechanisms, and this can provide an opportunity to incorporate some form of malware into the code.
The same can also be true for copyright restricted audio and video files. In addition, Torrent networks are easily seeded with spoof files which may be malware disguised as media or genuine application files. Regularly downloading cracked software from P2P networks makes it a matter of when, not if, you introduce something dangerous to your system.
Disable Windows Autorun. Autorun is the Windows utility that automatically invokes an application when a drive is mounted. For example, usually when you put a DVD into the drive on a Windows PC, your default DVD player will start up and play the disk. Autorun is the software working behind the scenes to make this happen.
There is a whole classification of malware – the inf/autorun class – dedicated to exploiting the vulnerabilities of Autorun. This is usually done by taking advantage of the autorun.inf file, which contains instructions to the operating system about which executable to launch and with which options.
Disabling autorun entirely will result in the minor inconvenience of having to launch applications manually when disks are inserted and drives mounted, but this is a small price to pay for the added security of preventing unknown and perhaps untrustworthy executables from launching automatically.
With the threat from scareware increasing all the time, Internet users should make it their business to familiarize themselves with the specific nature of these threats. They should understand the methods by which they are disguised and distributed and, most importantly, the most effective ways of protecting their systems against attack.
Above all, it is vital to understand that complacent trust in security software can be highly ineffective against scareware. The most effective precautions are awareness and common sense, along with a healthy level of skepticism.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |