If I installed anti-virus and anti-spyware software, have kept Windows updated and have a firewall, why am I still getting infections?
This question was answered on March 30, 2007. Much of the information contained herein may have changed since posting.
There are two aspects of this problem that no amount of security software can overcome: reverse engineering and social engineering.
Security software often gives users a false sense that they are protected and can do just about anything they want on the Internet.
No matter which security software you install or even how many, the bad guys have the upper hand in figuring out how to get around them (this is why security software needs to be constantly updated).
Reverse engineering security software to figure out how it detects security threats has always been around, but hackers have found an even easier way to gain access to your computer: trick you into doing something that they want you to do.
Social engineering is a way for hackers to exploit humans through cleverly crafted e-mails, attachments that pretend to be something really important, free offers that have hidden programs in them or websites that silently try to sneak software onto your machine (called "drive-by downloads") while you are clicking on an intriguing link.
If a hacker can convince you to open an attachment, click on a link, or download a free program, they can instantly bypass your security software (and oftentimes disable it at the same time). Once this happens, your security software looks like it's running, but it's actually been given a "frontal lobotomy".
Of all of the computers on the Internet, a residential computer attached to a high-speed Internet connection is the most targeted and most infected computer type on the planet, and if you have "screen-agers" in your household, you are in a very high risk group for infections.
Tech-savvy teens are not afraid of anything and will click on, download or visit any website, especially if they think they are getting something for nothing.
Teens are the primary users of file swapping software (Limewire, KaZaa, BitTorrent, etc.), frequent visitors to crack sites (to avoid paying for software) and live on social networking systems, which are all targeted by the bad guys.
We service both residential and business customers on a daily basis and the difference between the two is dramatic. Residential computers tend to have exponentially higher levels of infections, primarily because of the way that they are used.
The average business computer is in a controlled environment, with specific restrictions in place that limit the exposure to common ailments (but still at risk if users engage in risky behavior). Employees are usually given very specific usage guidelines and in most cases, someone is constantly watching over the entire network.
The average residential network is actually the same as a small business network was a couple of years ago, but no one is proactively watching over it.
Instead, most residential networks are developed in an ad hoc manner, with no proactive measures and no one restricting what any of the users are doing.
Hackers understand their victims and always go after the weakest ones; in this case, it's the average residential user.
You have taken all of the right technology steps to protect your system, so if you are continually getting re-infected, you have a "liveware" problem. Someone who's using your computer is engaging in questionable activities, visiting "fringe content" websites that are loaded with exploits or downloading software that has hidden code in it.
If you can stop the behavior, you can stop the infections. If you can't, any seasoned computer person can take a look at the programs you have installed and determine whether you have a user abuse problem.
About the author
Posted by Ken Colburn of Data Doctors on March 30, 2007