:Important:
If you haven't read "All About Malware" by Doctor Inferno, then please do so now because this guide will use terms and information defined within. http://www.geekpolice.net/computer-security-f27/all-about-malware-t39.htm
How To Avoid Infection
Intro
Now that you have a pretty good understanding of malware and a few of its methods of infection, its time to teach you how to keep it out of your system. Malware designers use a lot of tricks and traps to confuse and scare you into installing there malware on your system. But there is no reason to worry, because after you have finished reading this tutorial, you will be armed with all the knowledge you need to avoid a lot of there tricks, both simple and advanced.
You are infected with a fake virus. Please download our worm now to fix it!
Have you ever visited a website, only to receive a message that says something like "You are infected with the virus MyDoom. Please download MyDoom Killer Gold to remove it."? If so, and you downloaded and ran there anti-malware solution, then you probably already know about this common trick. Welcome to the scare scam. This is where they use lies and scare tactics to convince you to download and run what is normally a trojan. The effects from then on is exactly the opposite of what they told you the effects would be. A little awareness can help you avoid this type of infection. Here is all you need to know; The website that claims that you are infected with the ____ Virus/Trojan/Worm is lying. They cannot scan your computer from there website to find out. While some websites can scan with the help of an activex control, this is done only with your permission and doesn't even work when you are using Mozilla Firefox due in part to some strict restriction in the Firefox codebase. Long story short, the website in question cannot possibly know whether or not you are infected.
A secret crush has sent you a love note. Please download our Spyware cleverly designed as a picture to find out who it is!
Another common trick that malware designers use to trick you into downloading there crapware is a trick most commonly known as the "Secret Crush Infection". It is spread around by advertisements through common advertisement networks that redirects you to a website that will do everything possible to get you to download and run an executable file (See definition at the bottom of this tutorial...). These websites are often full of love and goo and make you believe that someone really is in love with you and wants to meet you. Just like the trick described above, the simplest way to understand and avoid this trick is awareness. Simply put, there is no way that they would know you, or anyone that wants to send you a love note. With that said, any time you see a banner like that, your best bet is to shy away from it. It is a lie, and will most likely result in an infection.
Our software will repair and improve your computer. You can have it for the low price of all your personal information, and a total system crash.
Freeware. Its a term that I know for a fact that you have heard before. You can find freeware all over the internet. You can find it on CNet's Download.com, you can find it on forums, you can find it in your local library. Some of it comes with nasty little surprises, some of it is clean. But how can you know what is clean and what isn't? How can you be sure that the screen saver that you just downloaded doesn't pack a nasty little surprise? It is actually easyer than you think. First of all, you need to set a few guidelines on what you should do when you encounter software that you want to download. You should start by scanning it. If you have a good anti-malware device and you keep it updated well, then you shouldnt have much of a problem. If you dont, then you need to get one. Before you run that nice little screen saver that you just finished downloading, you should always scan it with your anti-malware device. If you want a second opinion, then that's ok too. You can use online anti-malware scanners such as Virus Total to scan the downloaded file. Want more information? Simply plug the programs name into google to see what other people have to say about it. Just remember that you should never download programs from sources that you don't know, or trust. A little bit of work can save you a lot more work in the long run.
Take a look at our video. All you need is our worm that calls itself a video codec(See definition at the bottom of this tutorial...) to play it!
How many times have you been to a website, expecting to see a video only to get a blank box with a message saying that you need to download additional video codecs to watch the video? It is a common trick, but one that you can get around easily. But here's the difficult part, how do you know if they are lying or telling the truth? Maybe you don't have the codecs needed to play the video. Maybe there is no video, and what you think is a video codec installer turns out to be a trojan, or worm. Here's how you can tell. Don't download anything that the site offers you. Instead, simply update your favourite media player. If there are updates to its video codecs, then it will tell you and download them on its own. A legit site shouldn't even offer, choosing to give you the same information that I have stated above.
Our free software will steal your money, while convencing you that it is helping you become rich!
Get rich quick schemes. They are everywhere. If you search on a popular search engine for a way to make money fast, then you are likely to see a lot of them. They lie to you, and offer false hope. The most common of these, is a tactic that utilizes software to steal your money, and other personal information. In this trick, you will see a website that claims that they can make you rich fast using proven methods to ensure that you make the most money as fast as you can. They claim to use "the worlds best" money making strategies, and that all you have to do is download there software to get started. They claim that they make money by asking you to give them a cut of the profits. This is a lie, and a very good one. The only thing that they give you is false hope. The truth behind this evil scam is that you wont make money at all. There software will steal any information that you enter into your web browser, and it is very difficult to remove. You are better off if you just shy away from any websites that tell you that you can make money fast, working from home.
Your friend has sent you some malware, um, we mean pictures. Please download and view them to see what cool things your friend has to show you!
A common method that malware can use to spread is known as Mass Email (See Definition Below). In this case, you receive an email from your best friend that has a video or some pictures to see, and he/she really wants you to view them. If you have ever received an email like this, than you know what is coming next. You run the malware disguised as a common picture or video, and the pain begins. I am not trying to tell you that you should be afraid of every pic that you get in your email, just be cautious. Scan it like you would anything else that you download, and email your friend asking them to varify that they sent you the pic. As I said earler, a little bit of trouble now can save you a LOT of trouble later.
Our spyware will teach you how to make money using Google! Thats right, Google! Millions of users are already making tons of money, money that you could be making too!
Sounds good doesn't it? It would probably sound even better if I didn't include Spyware in the sentence right? Well don't worry. They wont include the "spyware" reference when they are scamming you into downloading there malware. It is a harsh reality, but a reality non the less. This trick is yet another "Get Rich Quick!" scheme. But in this one, they tap into the vast resource that is Google. They will tell you that they can help you make lots of money. They will tell you that everyone can/is doing it. They will tell you that you can make loads of money with 15 minutes per day, just by doing XXX.
How do you avoid this?
ITS A SCAM!
RUN AWAY!
MOVE IT!
FAST!
NOW!
Dont ever let yourself be tricked by this scam!
More To Come!
:Definitions:
Executable - A file with a .exe extention. Usually defined as an application, these are the very basis of software in Microsoft Windows. (Example: The base application in Microsoft Internet Explorer is iexplorer.exe)
Media Codec - A set of instructions that a media player needs to play a spasific audio or video file.
Mass Email - A large amounts of email sent out at one time.
Last edited by Jerry Parnell on 22nd August 2008, 5:34 am; edited 2 times in total