Column: Malware finds a way despite anti-malware software

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

The proliferation of malware, including viruses and ransomware, remains one of the biggest issues dogging the information technology industry. Despite the availability of countless tools for prevention, intrusive attacks continue to occur. For good or for bad, the last line of defense is diligence on the part of the user.

Victims of attacks often bemoan the fact that anti-malware software should have stopped whatever misfortune has been unleashed. But the fact of the matter is that no anti-malware tool currently on the market is 100 percent effective. In fact, even combining multiple tools, no matter how many, is not foolproof. At some point, the user has to be smart enough to figure out he/she is being scammed.

The reason why anti- malware tools cannot stop 100 percent of the attacks is simple. The vast majority of tools on the market today must see the malware and be able to identify it before it can be stopped. The bad guys continually develop new strains of malware. The evildoers can blast out millions of attacks of new malware in a matter of minutes. Identifying these new strains and updating anti-malware databases to stop them often takes hours if not days. It is during this window that intrusions manifest themselves.

That’s not to say that anti-malware software should not be installed. After all, it does catch 99 percent (if not more) of the attacks that arrive. But for that very small percentage that gets through, folks need to exercise a couple of simple rules to avoid malware infection.

First, beware of any email that comes from someone you do not know. Virtually all infections come in via email nowadays. Second, and most importantly, take extreme care when opening attachments or clicking on links in ALL emails, even those that look like they come from someone you know.

If you are not expecting an attachment or a link, make doubly sure that the sender is who they say they are. On most computer-based email software, the actual email address is displayed in the message. Oftentimes, purveyors of malware try to make it look like it’s coming from someone you know, but it’s not. Smartphone-based email software often does not show the actual email address, so if you are checking your mail on your phone, you might wait until you get to a computer before further reading the email.

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

Finally, even if the email is really coming from someone you know, think about whether that person would be sending you a file or a link. Many malware intrusions compromise email accounts and spawn further infection. Also look at the file name or attributes of the link. If anything seems even remotely strange, don’t open the file or click on the link. Instead, check with the sender to make sure they meant to send you something.

Smarter anti-malware tools are on the way. So-called “behavior based” tools catch malware after the intrusion, based on actions the computer takes. This has proven to be effective especially with ransomware. But that’s a topic for another column.

John Agsalud is an IT expert with more than 25 years of information technology experience in Hawaii and around the world. He can be reached at jagsalud@live.com.