Windows Security offers a good first line against attacks, but it still needs additional help.
Keeping your PC safe from malware is a never-ending challenge. With new threats popping up (and then fading into the background again) all the time, we’re indebted to security experts such as Kaspersky, Norton and Bitdefender for their constant vigilance. Their security tools are constantly evolving to keep up with the changing malware landscape, but however hard they work, you can’t rely on them 100 percent to keep your protected.
Cybercriminals are increasingly preying on us directly to try and trick their way on to our machines and into our wallets. These days, you’re as likely to be the architect of your own downfall by responding to a scam alert as you are to being infected by other means. But that doesn’t mean you’re fighting a losing battle.
In this feature we’re going to reveal what types of threat are currently the most dangerous, and what you can do to ensure you remain safe from them. We’ll reveal what the latest threats are – from hack tools to adware – plus help you strengthen your network’s security and steer you towards free and paid-for tools to keep you protected. Whether you’re worried about ransomware or malicious advertising, we’ve got you covered. Make sure Windows, your applications and your security tools are all up to date, turn the page and take control of your computing security for 2020 and beyond.
The phantom menace
Adware is a growing problem, aided by social engineering. Here’s how to keep it away
The world of malware is constantly changing and evolving – who’d heard of nasties like ransomware, cryptomining or social engineering until relatively recently? In its State of Malware 2020 report, Malwarebytes noted some interesting trends. One was that malware is increasingly focusing its attentions on business rather than consumers – presumably because cyber criminals spy bigger gains to be made.
That said, don’t ditch all your antivirus software just yet – consumer infections were only down a paltry two percent on the previous year. Of more significance is the changing landscape. The biggest source of infections by far are adware – these are programs that don’t carry malware themselves, but try to trick people into either downloading malware or giving up personal details.
The biggest jump in the list is by so-called ‘hack tools’, which are again often legitimate programs that provide hackers with a way into networks (see pages 16-17). The growth in popularity of both adware and hack tools suggests that security software’s ability to spot and detect more traditional forms of malware means cybercriminals are shifting their focus towards weaker spots in your defences.
Not all newer threats stay the course: cryptomining, whereby malware allowed criminals to hijack some of your computer’s processing power to help them mine for Bitcoin and other digital currency has fallen away in popularity. But even here, new variants continue to emerge alongside existing ones, while traditional forms of infection from worms to trojans, spyware to back doors, remain a persistent threat.
Beef up the Windows Firewall’s security with this free add-in that allows you to filter outgoing traffic.
With infections on the decrease you may be tempted that now’s a good time to let your security software subscription lapse and revert to free protection.
While it’s true Microsoft Security – built on the back of Windows Defender – is scoring highly in independent malware tests (it’s currently listed as a Top Product on www.av-test.org with more established rivals), it does lack tools to help protect against wider threats. Paid-for solutions like Kaspersky (www.kaspersky.co.uk), Bitdefender (www.bitdefender.co.uk) and Norton (https://uk.norton.com) offer a more comprehensive set of tools to protect against a wider range of threats.
One of the biggest holes in Windows’ security is its built-in firewall. The irony is, the Windows Firewall can provide comprehensive protection, but by default it only monitors inbound traffic from other networked devices and the internet to your computer. Any connections originating from your PC – such as software you’ve installed (including software you may have been tricked into installing) – are ignored.
The solution is to either install a dedicated firewall with two-way protection – a standard feature in all paid-for products as well as the free standalone Comodo Firewall https://personalfirewall.comodo.com/) product – or add two-way protection to Windows Firewall itself. This is done by installing the Windows Firewall Control (www.binisoft.org/wfc), which allows you to create rules for outgoing traffic to prevent applications and processes from accessing the internet.
“Generate new, lengthy and random passwords for your core accounts”
After installation, WFC is set to continue allowing all outbound traffic by default – to start filtering it, launch the program, switch to the Profiles section and select Medium filtering (recommended). Also tick the failsafe Automatically set box. Now switch to Notifications and select Learning mode to switch monitoring on. All digitally signed and trusted apps will be given network access automatically, but you’ll start to see pop-up notifications for other apps. If they’re trusted (not all safe apps are signed), click Allow this program; if you’re not sure, Block for now and ask me later.
It’s not simply malware you need to be concerned about, but all aspects of your online life. Now is the time to tighten the security of your online footprint by using a password manager (we recommend Bitwarden – www.bitwarden.com) and two-factor authentication (manage your codes with Authy – https://authy.com) to lock down your online accounts. Take the time to generate new, lengthy (14 characters should be sufficient against any brute-force password attack) and random passwords for your core online accounts and switch on 2FA where possible.
Also consider a VPN – particularly when connecting through insecure wireless networks. This scrambles your connection so the data transmitted can’t be intercepted. Try Windscribe (https://windscribe.com), which has by far the most generous free package out there, offering 10GB per month.
Finally, help ensure all your software stays updated with the help of Patch My PC (https://patchmypc.com/ home-updater-overview).
Your browser and security tools can intercept most – but not all – fake websites.
Attack of the PUPs
Keep annoying bundleware off your PC with our guide to potentially unwanted programs
As reported on the previous page, the biggest individual threat to consumers these days comes from adware. In the past, adware tended to simply mean ad-supported software, and later it evolved to include so-called PUPs (potentially unwanted programs), which are offered alongside the original program during installation. Sometimes these unsolicited extras are flagged and easy to avoid, but some use deliberately misleading language and confusing options to trick you into installing them.
These days, PUPs are better known as bundleware, and are usually more annoying than outright malicious – most are ignored by your security software, so you’ll need additional help: Unchecky (www.unchecky.com) offers limited free protection, but Malwarebytes Premium is by far the best at blocking these.
Most PUPs should be removable via ‘Settings > Apps > Apps & Features’, but third-party apps make them easier to spot – IObit Uninstaller (www.iobit.com/ advanceduninstaller.php) is one such tool with a dedicated Bundleware section, but it ironically offers bundleware as part of its own setup process (IObit’s free Advanced SystemCare Free tool).
Unchecky doesn’t simply untick potential PUPs, it’ll warn you before inadvertently selecting one.
Social engineering scams
Adware as a threat has shifted away from being merely annoying and is now considered dangerous once again. That’s because it’s often used to identify software used by scammers to try and hack people’s computers through social engineering.
Continue reading your story on the app
Continue reading your story in the magazine
THE YEAR OF 5G
We’re on the cusp of a mobile revolution: as new 5G phones connect to new 5G networks across the UK. You’ll be able to enjoy super-fast, super-stable data access wherever you may roam.
Learn how to....Make your mouse and keyboard easier to use
“Windows 10 includes numerous options that can enhance the way you interact with it – we reveal how to make your input devices easier to use”
LOCK IT DOWN!
Nick Peers reveals how to make your PC secure against malware and other threats
Learn how to…Enhance skies in Luminar
“Luminar’s latest update is full of tools to make the skies in your images more interesting”
How to zip and unzip files
“Whether you’re freeing up storage space or sending lots of files to other people, Windows’ built-in file zipping will make your life so much easier”
Back up important data with File History
“The File History feature of Windows 10 can be used to roll back to earlier versions of documents, or just create backups of all your important files”
Business inkjet with true A3 ability
Asus ZenBook Flip 15
A capable and premium 2-in-1 laptop
Learn How To… Create HDR Photos With Free Image Editing Apps
Mike Bedford investigates how to generate dramatic photos, containing much more of the tonal variation we actually see in a scene
10 Free Apps You Can't Live Without
Everybody – and we mean everybody – needs this collection of free tools and apps, curated by Nick Peers
RARE BEAR MARKET IN BONDS STRIPS INVESTORS OF SAFE HAVEN
A rare bear market in bonds hasn’t gotten much attention, but it may be inflicting more pain on investors than the downturns for stocks, cryptocurrencies and other investments.
When Hodl Failed
Three Arrows Capital, the most important hedge fund in crypto, set off a digital-asset contagion
Don't Forget an Exit Plan
Did a novelty rapper and her startup-guy boyfriend commit history's biggest heist?
When the Mines Close
As many as 1 million people will lose income after a change in the architecture of Ethereum
The best free VPN: It's important to choose wisely
VPNs are best when they’re paid for, but if a premium account isn’t in the cards then here are our top recommendations for a free service.
Crypto In Your 401(k)?
Just because you may soon be able to buy Bitcoin in your workplace retirement plan doesn’t mean you should.
How @jack got crypto pilled
Jack Dorsey, co-founder of Twitter and Square, has a new obsession
Hacking the Blockchain
High volatile and high-risk – just how safe is the world of cryptocurrency?
Who's Going to Regulate Crypto?
A major exchange is pushing to give more power to the U.S. commodities watchdog
With climate change wreaking havoc across the planet, we were just beginning to think about how we could use our technology to conserve fuel and reduce our carbon footprint. Then along came crypto mining.