Antivirus

By Martin Edwards on 21 November 2016

A big strength of personal computers is that their functionality is extendible through software. Your computer is capable of things that haven’t even been invented yet. Given a new piece of software in future, it will obey its instructions.

This is also a weakness, because the computer will just as easily obey instructions that aren’t good for it or for you. Software that intentionally harms a computer, compromises your privacy or damages your data is called ‘malware’.

While a lot of people use the term ‘virus’, a virus is actually just one kind of malicious software. Malware is a better word because it encompasses viruses among other bad things.

How malware arrives

The good news is that a computer can’t normally get malware just by being switched on and connected to the Internet (in fact, leaving computers online is beneficial because they get a chance to update, which actually makes them safer).

The simple act of opening an email is also extremely safe. You can almost never get malware by just opening an email, reading it, deciding it’s bad and then ignoring or deleting it. The danger with email lies in opening attachments, or links to websites, and here you should exercise caution.

Visiting a website – as long as your software is up to date – is also very safe. Even a website that turns out to be not what you expected, or looks frightening, can’t normally cause harm. The danger is in downloading files, especially new apps and other software, and you should seek advice if you are at all unsure about a download.

Malware can also spread via memory sticks or external hard drives. While it is no longer common to be at risk from merely plugging one in, if someone lends you a memory stick you should understand the kinds of file you find on it before double-clicking to open them.

How antivirus works

No matter how careful you are with attachments, downloads and memory sticks, everyone makes mistakes — whether it’s you, the person who emailed you, or the person who runs your favourite website. So it is common to run ‘antivirus’ software to help protect against malware (note that the name antivirus is still used, though ‘antimalware’ would be more accurate).

Antivirus software includes a database of known malware, which is updated via the Internet as new malware is discovered. Every file you download or open is automatically checked against this database, and if a match is found, you are blocked from using the file. You may also choose to scan your whole computer in one go, though this is less important.

Why it’s not perfect

The main problem with antivirus is that the people creating malware are always one step ahead. Hundreds of thousands of new malware variants appear each day. To help combat this, modern antivirus looks for suspicious behaviour in software, in addition to exact matches with its malware database. Still, despite its best efforts, antivirus software can never detect all malware — a fact that is complicated by there being dozens of competing antivirus vendors.
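
The database check described above, shown as an added example (it is not from the original article or from any antivirus product). It assumes the database stores SHA-256 fingerprints of whole files, which is a simplification, and the file contents and the name Example.Malware.A are constructed. The slightly changed copy goes unmatched, which is why exact matching is paired with behaviour checks.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed, harmless stand-ins for file contents (not real malware).
KNOWN_BAD_SAMPLE = b"constructed-sample: pretend this is a known malicious program v1"
VARIANT_SAMPLE = KNOWN_BAD_SAMPLE + b" "  # same content with one byte appended
HARMLESS_SAMPLE = b"constructed-sample: holiday-photos.zip contents"


def sha256_of(path, chunk_size=65536):
    """Fingerprint a file in chunks so large files need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


# The "database of known malware": fingerprint -> name (hypothetical name).
SIGNATURE_DB = {
    hashlib.sha256(KNOWN_BAD_SAMPLE).hexdigest(): "Example.Malware.A",
}


def check_file(path, signature_db=SIGNATURE_DB):
    """Return ('blocked', name) on a database match, else ('allowed', None)."""
    name = signature_db.get(sha256_of(path))
    return ("blocked", name) if name else ("allowed", None)


def scan_folder(folder, signature_db=SIGNATURE_DB):
    """Whole-computer-style scan: check every regular file under a folder."""
    return {p.name: check_file(p, signature_db)
            for p in sorted(Path(folder).rglob("*")) if p.is_file()}


def demo():
    """Write the three constructed files to a temp folder and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in [("known.bin", KNOWN_BAD_SAMPLE),
                           ("variant.bin", VARIANT_SAMPLE),
                           ("photos.zip", HARMLESS_SAMPLE)]:
            Path(tmp, name).write_bytes(data)
        return scan_folder(tmp)


if __name__ == "__main__":
    for filename, verdict in demo().items():
        print(filename, verdict)
```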

Another problem is ‘false positives’, in which antivirus software wrongly blocks a harmless file. There’s also the inevitable consumption of resources: antivirus makes your computer slower. However, few people will decide that these are compelling reasons to forgo antivirus software altogether.

When it can’t help

It may surprise you that the two most common kinds of security incident I’m called out to help with don’t involve malware.

First is the ‘support scam’, in which you receive a phone call from someone pretending to be from a reputable company who claims they have detected a problem with your computer (or in a variation of this, you encounter a website that claims there’s a problem, and gives you a number to call). The supposed technician directs you to install software that gives them remote control of your computer. They then show you the apparent problem, and charge to fix it. Microsoft has a good article about this if you want to learn more.

The other is ‘phishing’, in which you receive an email pretending to be from a friend or from a company you deal with — perhaps saying the friend has shared a file with you, or that someone else has made a purchase on one of your accounts. When you click to find out more, you’re shown a screen that looks similar to a genuine website and asks for your password or other private information to continue. In the heat of the moment, you give away your password, bank details or whatever else to a criminal. Learn more in this article by Action Fraud, the UK’s national reporting centre for fraud and cybercrime.

What else you can do

Now you know that antivirus is not a silver bullet, you should instead think of it as just part of the overall picture when it comes to computer security. In addition to having up-to-date antivirus software, do the following:

Need help?

I’m a computer technician and tutor serving North Oxford, Kidlington, Woodstock and the surrounding villages. Visit my home page to find out more and get in touch.