Avoiding malware

Software is what makes computers so flexible and adaptable. Your computer is capable of things that haven’t been invented yet! But it will just as readily follow instructions that aren’t well-intentioned.

Software that purposefully compromises your privacy, damages your data, or uses your computer to perpetrate unlawful activity is called malware.

Note: People often say virus, but a virus is actually just one kind of malicious software.

Simple precautions

Computers don’t just ‘pick up’ malware, simply by being connected to the Internet. In fact, leaving your computer online is beneficial because it can update its software sooner, which makes it safer.

You’re also extremely unlikely to get malware just by reading an email. So, if you receive a message you think might be bogus, don’t be afraid to open it for further inspection. However:

It’s generally safe to browse websites, provided your software is up to date. Even a site that turns out to be not what you expected, or looks frightening, can’t normally cause harm. However:

The role of antivirus

No matter how careful you are with attachments and downloads, everyone makes mistakes—whether it’s you, your friend who emailed you, or the person who runs your favourite website. So it’s common to use antivirus software as an extra defence.

Note: The name antivirus is still used, though ‘antimalware’ would be more accurate.

Antivirus software includes a database of known malware, updated via the Internet as new kinds are discovered. Every file you open is checked against the database, and if a match is found, the malware is blocked from running.

Limitations and side effects

One limitation of antivirus software is that the people creating malware are always ahead. New malware appears every day.

To help combat this, modern antivirus also looks for suspicious behaviour, in addition to exact matches with its database. But it can never catch all malware.

This behaviour-checking can cause a side effect called a false positive, in which antivirus unwantedly blocks a harmless file.

There’s also the inevitable use of resources: antivirus can make your computer a little bit slower.

Finally, the fact that it must be embedded deeply within the operating system means that glitches in antivirus can break other software or, in rare cases, can even make your computer less secure.

My recommendation

Few will decide that these limitations and side effects are compelling reasons to forgo antivirus software altogether. However, my advice for most people is to stick with the antivirus built into macOS and Windows, rather than adding a third-party product like Norton or McAfee.

Risks beyond malware

Antivirus can’t save you from all mistakes. Indeed, the two commonest security problems I’m called about don’t actually involve malware.

One is the tech support scam, in which you either:

The bogus technician requests remote control of your computer, shows you the alleged ‘problem’ and charges to ‘fix’ it.

The other is phishing, where you receive an email or text pretending to be from a friend or a company you deal with—perhaps saying the friend has shared a file, or that someone’s made a purchase on one of your accounts. When you click to find out more, you’re shown a fake screen that looks similar to a genuine website and asks for information. In the heat of the moment, you give your password, bank details or other private data to a scammer.

A comprehensive approach

Now you know that antivirus is not a silver bullet, you should instead think of it as just part of the overall picture when it comes to computer security. Equally importantly: