- Slow performance
Have you noticed if it takes longer than normal for your computer to boot up to the desktop? Once you’re logged in are you waiting too long for your programs to startup? More than likely you have some form of malware on your machine. Malware has the tendency to slow down your system, applications and overall functionality of the PC.
If you do notice something like this and you are not using any resource-heavy programs or applications, keep in mind It could also be a lack of memory available, a fragmented system, lack of space on your hard drive or maybe a hardware issue affecting your drive. Hopefully that is the case instead of malware.
- Pop ups
Another sign of malware is represented by unwanted pop-up windows. Unexpected (and annoying) pop-ups are typical signs of a spyware/ adware infection. To avoid potential spyware via pop ups:
- avoid clicking on suspicious pop-up windows
- do not download the recommended software listed on the pop ups
- be careful when downloading free applications (always check to see if unnecessary software will be installed, i.e. un-check the checkboxes)
If you do notice your system has pop ups, consider using malware removal tools such as Malwarebytes, Spybot Search and Destroy, Lavasoft’s Ad-Aware.
- Weird web-browser (IE, Chrome, Firefox) activity
Have you noticed if your browser home page changed to a random site? Are there toolbars placed at top of your web browser? If you try to go to one of your favorite sites, are you re-directed to another unrelated site? These could be symptoms of malware. Malware can install unwanted browser configurations, change the browsers home page, redirect you to unexpected sites, install toolbars, and/ or open unwanted Search engines. One way this can happen is when you visit a website and you accidentally click an malicious online ad or a unexpected pop-up window.
The action that follows triggers a download/ install malicious software.If you notice this activity, run a complete scan with your Anti-Virus software asap. Your machine at the very minimum should have antivirus programs such as Microsoft Security Essentials, Avast, or AVG. These type of threats may not be initially captured by your anti-virus software so it wont hurt to run additional scans with the anti-spyware programs mentioned in point #2.
- Suspicious hard drive activity
Another warning sign of a potential malware infection on your system is unusual hard drive activity. If you notice that your disk continues to have excessive activity (performing either very, very slow or sounding as though your computer is about to take off) this could be a good indicator to check your system for malware. More than likely there are malicious processes running which affects the production of the overall system.
- Anti-Virus software / features disabled
When trying to run scans on your machine, you notice that your antivirus isn’t working anymore or the update feature appears to be disabled. Believe it or not there some malware programs that are designed to disable anti-virus/ security programs. Remember the overall goal of malware is to steal information from your system without any interruption.
Some variants of malware will even prevent you from accessing security vendor websites. I experienced this when I was attempting to remove the conficker virus one time and could not get to security vendor websites like Symantec or McAfee sites as part of my troubleshooting. If you experience this situation more than likely your system has been infected with malware.
Always try to keep your system virus free and that starts with looking out for the signs of infection listed above.
Target, Home Depot, VTech all have something in common besides taking our money from time to time. These companies (and several more) were breached by hackers in 2013, 2014 and 2015 respectively.
A “breach” is an incident where a hacker illegally obtains data from a vulnerable system, usually by exploiting weaknesses in the software. All the data in the site comes from website breaches which have been made publicly available. The information hackers seek ranges from data such as addresses, phone numbers, credit card information, social security numbers and email accounts.
Here is a tip:
To see if your email account has been released into the wild because of a company that was breached check out: https://haveibeenpwned.com/ , enter your email address, click Pwned? and see what it comes back with.
Hopefully your email doesn’t show up on the Pwned list. If it does (like my Gmail account did as seen in the screenshot) make sure you change your password and monitor any accounts associated with that respective email account.
Credit (https://haveibeenpwned.com – Troy Hunt)
Malwarebytes anti-malware (Free version)
Malwarebytes Anti-Malware is by far one of my favorite anti-malware programs. I use malwarebytes as a backup to my Anti-Virus program, in case my AV program misses a threat. The free version of Malwarebytes Anti-Malware contains two types of scans, Threat scan and custom scan. The Threat scan, scans all of the possible places malware is known to hide such as in the startup process, registry and other parts of the file system.
The Custom scan gives you the option to choose what files and folders you want to scan.
For example on one of my computers (yes I have several) I have omitted a folder containing viruses (used for testing) and another folder containing investigative tools. Had I not done so, malwarebytes or my Anti-Virus program would have deleted my testing / tool files.
I recommend downloading Malwarebytes Anti-Malware (https://www.malwarebytes.org/antimalware/) and running it at least weekly in order to further protect your computer.
If you have a Mac you can download the Mac version here (https://www.malwarebytes.org/antimalware/mac/)
According to Splash Data’s yearly “Worst passwords list” here are the most common passwords used in 2015:
Rank Password Change from 2013
1 123456 No Change
2 password No Change
3 12345 Up 17
4 12345678 Down 1
5 qwerty Down 1
6 123456789 No Change
7 1234 Up 9
8 baseball New
9 dragon New
10 football New
11 1234567 Down 4
12 monkey Up 5
13 letmein Up 1
14 abc123 Down 9
15 111111 Down 8
16 mustang New
17 access New
18 shadow Unchanged
19 master New
20 michael New
21 superman New
22 696969 New
23 123123 Down 12
24 batman New
25 trustno1 Down 1
If you log into your personal accounts using one of these passwords above please change it. As you can see the secret is out there. If you need help refer to Up your password game
Let’s be honest, how many of you reading this article currently uses a password containing variations of a relatives name, pets name, your address or even the word “password”. At this time I am encouraging you to change your password to something stronger. This article will encourage you to change your password to something that will make you feel more secure about your accounts (work or personal). Using a strong password can prevent someone from hacking into your account using password attack methods such as brute force or social engineering.
Once a malicious actor (what we call hackers / attackers in the cyber-security industry) gains access to your accounts they can do things such as: post random or bad posts on your behalf, send out spam emails, make changes to your bank account, change settings, etc.
Personally I have DIFFERENT passwords that I use for my online banking, email, media and social media accounts. The one thing that you want to prevent is having a specific email address and password tied to multiple accounts. If a malicious actor recognizes this trend all of your accounts can be compromised much easier.
Here are some recommendations to up your password game:
I recommend using the Password Meter site (http://www.passwordmeter.com/ ) to help you create a strong password. Password Meter will provide a real time analysis of your password and let you know how strong it is based on criteria for creating a strong password. This is a very helpful tool. Plus once you use it, you will feel a little smarter because you have taken the first step in protecting your accounts and your online identity. You will not believe how easy it is to obtain simple passwords and use the associated accounts for malicious intent.
I also use an app called 1Password (https://agilebits.com/downloads). 1Password allows me to keep all of my different passwords in 1 place, which is convenient for me because I have several passwords that I use. Using 1Password also keeps me from going to sites where I may have forgotten my password only to use the “forgot my password” link over and over again which could become a very tedious and time consuming process. 1Password also prevents me from writing passwords down on a sticky note. Over the course of my IT career, I have seen people use sticky notes to keep track of their username and passwords. The bad thing is, I have seen these sticky notes on stuck on monitors, on laptops even placed under keyboards. All of the methods listed above are of course a bad practices for storing passwords. Anyone in plain view of the sticky notes can gain unauthorized access to a person’s passwords and accounts. Again as a measure of added protection, feel free to give Password Meter and 1Password a try and let me know what you think.