Everyday Security in an Online World

Only Open Trusted Apps and Files

Software is what makes computers so flexible and adaptable. Your device is capable of great things that haven’t been invented yet! But it will just as readily follow instructions that aren’t well-intentioned.

Software that purposefully compromises your privacy, damages your data, or uses your device to perpetrate unlawful activity is called malware.

Note that while people often say virus, a virus is actually just one kind of malware. True computer viruses, which can self-replicate, are relatively rare. Malware is the right word to use if you’re talking about harmful software more generally.

We saw in Update Your Software that vulnerabilities in apps can create a way for malware to get into your computer, tablet or smartphone. This is why it is so important to keep your software up to date — it provides the best possible defence against this avenue of attack.

But malware infections can also occur as the result of an action by the person using the computer. Naturally, people don’t open malware on purpose; so it follows that it must arrive in more surreptitious ways, and trick you into allowing it to run.

Malicious or fake apps

People often encounter malware while trying to install a genuine application. When you use a search engine, like Google or Bing, to look up an app, the top result will not necessarily be the app’s official website. Furthermore, a third party might have paid to place advertising among those search results that looks official but isn’t.

If you’re downloading software from the Web, the best way to ensure you’re getting what you expect is to download it from the website of the company that makes it. The best way to tell you’re on the official site is to check the URL displayed in your browser (see Appendix: Understand URLs). For example, if you’re downloading Adobe Acrobat Reader and the URL shows you’re on adobe.com, you can reasonably assume that is Adobe’s official website (which indeed it is).
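The URL check described above, written out as an added example (it is not from the original book). The function name and the sample URLs are constructed for illustration, and the HTTPS requirement is an assumption added here; the point is that only the host name the browser actually connects to counts, not whether "adobe.com" appears somewhere in the address.

```python
from urllib.parse import urlsplit

def check_download_url(url: str, vendor_domain: str) -> str:
    """Say whether url really points at vendor_domain (hypothetical helper)."""
    parts = urlsplit(url)
    # hostname is what the browser connects to; anything before an '@'
    # is login information, not the site, and is ignored here.
    host = (parts.hostname or "").lower().rstrip(".")
    vendor = vendor_domain.lower()
    if parts.scheme != "https":
        # Assumption added for this example: require an encrypted connection.
        return "reject: not https"
    # The leading dot matters: "get.adobe.com" is a subdomain of adobe.com,
    # but a host that merely ends in the letters "adobe.com" is not.
    if host == vendor or host.endswith("." + vendor):
        return "ok: official domain"
    return f"reject: real host is {host}"

# Constructed sample URLs; the .example hosts are reserved for documentation.
SAMPLES = [
    "https://www.adobe.com/acrobat/pdf-reader.html",
    "https://get.adobe.com/reader/",
    "https://adobe.com.free-reader.example/download",
    "https://adobe.com@downloads.example/reader.exe",
    "http://www.adobe.com/acrobat/pdf-reader.html",
]

def check_samples() -> dict:
    return {url: check_download_url(url, "adobe.com") for url in SAMPLES}

if __name__ == "__main__":
    for url, verdict in check_samples().items():
        print(f"{verdict:45} {url}")
```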

An increasing amount of software is available via app stores, like the Mac App Store on Apple computers or the Microsoft Store on Windows. On the iPhone and iPad the App Store is the only way to install apps, while on Android phones and tablets the Google Play store is certainly the recommended and most common way to do so. Developers must meet certain conditions to have their apps made available this way, and the stores perform checks around the safety of the apps they deliver.

However, the curation of these platforms isn’t perfect, and malicious apps have been known to make their way onto app stores for a while before they are flagged up and removed. You might also encounter unofficial or ‘fake’ imitations of popular apps, which can waste your time and provide an inferior experience even if they are harmless from a security standpoint.

Before installing an app, double-check the spelling of its name — fake or malicious apps may use misspellings of popular app names. Then check the name of the developer; for example, the App Store page for WhatsApp shows it is developed by WhatsApp Inc. It’s unlikely that a fake app developer could have gotten away with registering this name. You might also check the reviews or ratings; for example, at the time of writing, WhatsApp has been rated an average of four stars by a whopping 150 million users of the Play Store. It’s unlikely a fake app pretending to be WhatsApp would have achieved that.

Bogus security software

Ironically, some malware presents itself as software that will protect you from malware. You might encounter a message saying something like “Warning! Your computer is infected with five viruses! Click here to clean it.” But what you’re actually seeing is just an ‘advert’ on a web page. It knows nothing about your computer, and every visitor sees the same fictitious message.

Consider it akin to noticing a billboard advertisement that says you’ll win in this week’s lottery. It’s just a piece of paper with words printed on it. In any case, the thousands of people that walk past and read it can’t all be winners!

There are two good ways to recognise these bogus malware warnings. First, they are often exaggerated and ‘in your face’ — big red writing, warning triangles, animation and so on. Some even play a recorded voice saying your computer is infected. A genuine warning would be far more matter-of-fact.

Second, because the warning is really just a web page, it will appear contained within your browser — in other words within Chrome, Edge, Firefox or Safari. You’ll see the ‘back’ button at the top, as usual; and if you close the browser tab or window, the warning will disappear with it.

Malicious email attachments

Finally, one of the oldest means of delivering malware remains commonplace to this day: email attachments. More recently, email has been used to spread one of the most serious kinds of malware, called ransomware (see Back Up Your Data).

As a general rule, if you are even slightly unsure about an attachment you’ve received, don’t open it. If you know the person whose name is on the email, contact them in another way, like by phone, to check that they did indeed send it. There’s much more about this in the next chapter.

Mythbusting

To complement your knowledge of the main ways you might be tricked into infecting your computer, tablet or smartphone with malware, it is helpful to note a few common situations that don’t pose much of a risk. Misconceptions in this area cause unnecessary worry. Here are some myths and facts:

A note on antivirus

Multiple layers of security must be breached for a computer to be seriously harmed. The importance of one of these layers has long been exaggerated: antivirus software. I find that people often talk about antivirus like it’s their first line of defence — even a panacea. Naturally, years of good marketing by antivirus vendors have helped create this impression.

At the core of most antivirus software is a database of known malware. As new kinds of malware are discovered, the vendor creates definitions for them, and adds these to the database.

Whenever you download or open a file, the antivirus checks it against its database, and if there’s a match it blocks the malware from running. This ‘on-access’ or ‘real-time’ checking means you don’t need to regularly scan your whole computer for malware.

The limitation of this approach is that the people creating malware are always ahead of the antivirus vendors. New malware appears every day. To help combat this, modern antivirus also looks for suspicious characteristics in files and apps, as well as exact matches with its database. This heuristic analysis is necessarily imprecise, so it may sometimes result in a false positive, in which the antivirus mistakenly blocks a harmless file.
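To make the two kinds of check concrete, here is a simplified model added as an example (it is not from the original book and not how any particular product is built). It assumes the database holds whole-file SHA-256 hashes and that the heuristic adds up weights for made-up trait names; every "file" is a harmless constructed byte string.

```python
import hashlib

# Constructed stand-in for a known-bad file; none of this is real malware.
KNOWN_BAD = b"CONSTRUCTED SAMPLE v1: encrypt_all_files; delete_backups; demand_payment"

# The vendor's database of definitions, modelled as a set of file hashes.
SIGNATURE_DB = {hashlib.sha256(KNOWN_BAD).hexdigest()}

# Hypothetical suspicious characteristics with weights, and the blocking score.
SUSPICIOUS_TRAITS = {b"encrypt_all_files": 2, b"delete_backups": 2, b"demand_payment": 3}
BLOCK_THRESHOLD = 4

def scan(data: bytes, use_heuristics: bool = True) -> str:
    """On-access check: exact database match first, then the heuristic score."""
    if hashlib.sha256(data).hexdigest() in SIGNATURE_DB:
        return "blocked: signature match"
    if use_heuristics:
        score = sum(w for trait, w in SUSPICIOUS_TRAITS.items() if trait in data)
        if score >= BLOCK_THRESHOLD:
            return f"blocked: heuristic score {score}"
    return "allowed"

# A new variant differs by one character, so its hash is not in the database yet.
NEW_VARIANT = KNOWN_BAD.replace(b"v1", b"v2")
# A harmless tool that happens to share two traits: the false-positive case.
BACKUP_TOOL = b"Backup helper: encrypt_all_files before upload; delete_backups older than 90 days"
HOLIDAY_PHOTO = b"\xff\xd8\xff constructed image bytes"

def demo() -> dict:
    return {
        "known sample": scan(KNOWN_BAD),
        "new variant, database only": scan(NEW_VARIANT, use_heuristics=False),
        "new variant, with heuristics": scan(NEW_VARIANT),
        "backup tool": scan(BACKUP_TOOL),
        "holiday photo": scan(HOLIDAY_PHOTO),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:30} {verdict}")
```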

An additional challenge is that antivirus software must be embedded deep within the operating system, so glitches in it can break other apps or, in rare cases, can actually make your computer less secure.

You now know a bit about how antivirus works, and its strengths, weaknesses and limitations. You have learned that antivirus is not a silver bullet, and that you should instead think of it as just part of the overall picture when it comes to computer security. If anything, consider it your very last line of defence.

Both Windows and macOS have built-in antivirus software that works quietly in the background to help protect your computer. Free and commercial third-party antivirus products may claim to provide superior protection, or score more highly in lab tests and reviews, but you should by no means assume they will be more effective than built-in antivirus in real-world use.

Tablets and smartphones run operating systems that have been designed more recently, and take into account knowledge gained from years of experience securing computers. Apple and Google have been able to make bold decisions about the way these devices work, and their limitations — because they are not expected to be as comprehensive as traditional computers or provide compatibility with decades-old business systems. In particular, iOS and Android segregate individual apps from each other and from the inner workings of the system. This means not only that tablets and smartphones are much less likely to be infected by malware, but that third parties cannot produce traditional antivirus software for them. So, if you’re wondering whether you need an antivirus app for your tablet or smartphone, the answer – in a nutshell – is no. The same is true for Chromebooks, for the same reasons.

What you can do
