Malware – A Vulnerable Computer means a Vulnerable Identity

If you’ve been anywhere near a TV set or a newspaper in the last few weeks, there’s no doubt you’re aware of the massive data breach of Equifax – one of the country’s three major consumer credit bureaus. Over 143 million records are suspected to have been exposed – meaning about half of Americans are facing an increased risk of identity fraud.

These highly-public data breaches heighten our awareness of the ongoing security risk of our personal data, but we are consistently under attack on our own devices. If your computer is connected to a network it is at risk. A recent study suggested that hackers are attempting to hack personal computers every 39 seconds. Many of these attacks are designed to install malicious software (or “Malware”) on individual computers in an effort to capture personal information – whether it’s yours or someone else’s.

Heimdal Security, a leading producer of cybersecurity software, captures on average 230,000 samples of Malware a day – and it doesn’t stop just stop with your computer. Proofpoint observed and profiled an attack on home network routers and connected devices such as multimedia centers, televisions and at least one refrigerator.

How does Malware get into my system?

One hallmark of Malware is that it is often downloaded onto a computer or into a network without computer users’ knowledge. Phishing emails – messages that look and feel like they come from a trusted sender – can contain links or attachments that can automatically install a program in the background functionality of your machine. Additionally, malicious websites that duplicate familiar e-commerce or financial institution websites may also download applications when you navigate to them on your Internet browser.

What does Malware do?

Malware presents with a variety of sophistication and intent, some of the most common used to perpetrate identity theft include:

• Bots: Code that’s designed to take over your computer, making it an unwitting ally to the identity thief in further distributing Malware or carrying out other attacks on individuals or businesses
• Spyware: Software that’s designed to steal information by transmitting the computer’s data without the user knowing
• Rootkits: A program that hides malicious software from anti-virus software or other security by making it look like a normal, secured file – allowing it further access to computer data
• Remote Access Tools (RATs): Programs that allow a hacker to receive a continuous stream of information from your computer’s hardware through your network by tracking keystrokes or monitoring the computer’s camera
• Viruses: Perhaps the most familiar, viruses infect other computer programs to deliver the malware. Viruses are often designed to move from one computer to another.

What can you do to minimize the risk of Malware?

Hackers and identity thieves are constantly reinventing and improving their tools. Keeping your personal data safe requires continued vigilance. Here are a few tips to reducing your risk:

• Always keep your computer’s software and hardware up to date. Most companies are continually patching security gaps. If possible, turn on the automatic update feature which will install the newest versions as soon as they are available.
• Enable the highest level of security on your internet browser. While they may not be able to catch everything, they can provide warnings if a website or an email looks suspicious.
• Never open an email or download a file that seems suspicious. Closely examine the sender’s address to make sure it’s legitimate and is sent from the actual domain (e.g., bankofamerica.com and not bankofamrica.com).
• Few trusted companies will ask you to download a program or a document attached to an email. If you have doubts, contact the sender to verify its legitimacy and ask if there is another way to download.
• Keep your personal home network safe by password-protecting it using WPA or WPA2 encryption. WEP is an older, weaker data security protocol and may not be able to prevent more sophisticated attacks.
• Avoid public Wi-Fi, which could be a network established by an identity thief designed to intercept your data or create a back-end channel to access your device.
• Vary your online passwords among different websites and change them frequently.

Our Online Data Protection software, available as part of our comprehensive identity theft protection program, includes anti-keylogging software that scrambles keystrokes and confuses malware designed to track what you type. It also includes anti-phishing software that works with your browser to alert you to suspicious websites built to capture your logins, passwords, and other sensitive information.

Our identity protection program can monitor your information on the deep and dark web where stolen data is bought and sold by identity thieves. If we ever notice that your information may have fallen into the wrong hands, we can alert you and help you take action quickly – reducing your risk for fraud.