Recently the home PC belonging to one of my clients suffered a massive spyware attack. At another client, the owner's business PC almost did.
In both of these cases, a visit to a Web site set off a flurry of pop-ups and realistic-looking Windows dialogs. The difference between the two situations was one mouse click: on the home PC the user clicked through, while on the business PC the user hesitated and then, thankfully, balked.
Do you know the old saw, "It's not paranoia if they're really after you"? Well, they are. They're not going away and they're working on ever more devious ways to entrap you.
Your first defensive step must be protection. Software to combat viruses and security threats will cost about $40 or less per office PC per year. That sounds like it adds up, but it will consume several hours of my time to clean up that home PC. It took me nearly an hour just to determine that I could not clean the infection quickly and that the best recourse was a full disk wipe and system rebuild. It will take an hour to recover the data safely and then several more to rebuild and reconfigure the system. This is a full-service rebuild, of course; just restoring the PC to factory condition might cost $79 from one of the national "on-call" services. My rebuild will cost ten times as much as the protective software.
The second step is vigilance. Computer users in this day and age must be sophisticated enough to distinguish normal system behavior, including warnings produced by protective software, from realistic-looking attacks. Businesses have a vested interest in making sure their employees have this important knowledge.
For software, I usually recommend the free Microsoft Security Essentials. Originally licensed for consumer use only, in 2010 Microsoft extended the free license to small businesses. There are quite a few other vendors; Microsoft publishes a list, which is more trustworthy than search results from Google or Yahoo.
For vigilance, the best advice is simply to assume that every mouse click you are about to make will hurt you. The extra second you take to think about what you are about to do is all the edge you need. For general rules:
- Don't open email from sources you don't know.
- Think twice when opening unexpected email from sources that look legitimate.
- Don't open attachments in email unless they come from trusted sources and are expected.
- If a Web site goes crazy with pop-ups, close any other open programs and reboot your computer.
- Don't click any button (Okay and Cancel included) on a dialog unless you are familiar with the dialog and know it comes from a trusted program.
- If a Web site is named www.FixYourSpyware-2009.com or anything remotely similar, run.
Finally, don't run your computers in administrative mode while performing routine tasks. Take the time to set up separate user accounts for the administrator and each user of the PC. Use the administrative account only when required.
Originally published February 2009. Updated in 2011 with current recommendations.