While the media doesn’t pay as much attention to malware as it did a decade ago when the threat was new, tens of millions of PCs remain infected worldwide. Some are damaged by their infection and become unstable, others allow criminals to steal private information, and still others force the target to join a botnet.
You’d think such threats would make people take malware more seriously, but many myths persist. Here are five common misconceptions that can lull you into a false sense of security.
A Virus Can’t Infect Your PC If You Don’t Download Anything
Most people think of a virus as a malignant executable that runs harmful code and, as such, come to the conclusion that malware is only a problem for people who download sketchy files. In fact, this perception is well over a decade out of date, and can leave those who hold it vulnerable to a wide variety of threats.
The computer worm, a self-replicating virus that spreads itself through vulnerabilities in its victim’s software or operating system, is a prime example of malware that can infect its victim without the user knowing. Worms sneak into target PCs by using a loophole or bug. In most cases the vulnerability can be found in software, but sometimes it can be found in firmware; some Linksys routers, for example, are vulnerable to a worm that can infect the router remotely.
Even if worms didn’t exist, there are other avenues of attack. Hackers sometimes attack legitimate sites and sneak a virus onto them, opening up a wealth of targets who presume the site in trustworthy. A website may cause no harm for years then, without warning, become an avenue of attack.
The lesson is simple; install an antivirus on your PC, even if you visit a small selection of sites that you trust.
My Computer Runs Fine, So An Antivirus Will Slow Me Down
Users who think that they can protect themselves without an antivirus also tend to believe they’re not infected because their PC seems to run fine. And why not? Hollywood has convinced many that a virus throws up laughing skulls or a picture of Calvin pissing on a PC; at the very least, the Task Manager should show excessive processor usage. Right?
Wrong. While it’s possible to detect some viruses without an antivirus, many others try to leave no trace. This is true with some botnet malware, which tries to obscure its access to the infected PC’s resources, and also true of keyloggers and Trojans that seek to obtain a user’s personal information.
Want proof? Read Ars Technica’s article on “ratting,” which exposed a voyeuristic subculture based on tools that make it possible to spy on people via webcam without the victim knowing. The “ratters” even discover and discuss ways to disable the light which most webcams activate when in use, thus disabling a security feature many users think impossible to defeat.
While it’s true that an antivirus will put some strain on your PC, it’s unlikely to be so much that you’ll notice; most use less than a hundred megabytes of memory while running in the background, and processor usage is generally low unless you’re running a full system scan. And, since you have the antivirus install, you can rest easy knowing there’s no malware trying to trick you into thinking your PC is fine.
All Antivirus Apps Are The Same
There are a lot of antivirus apps to choose from, and choosing between them can be confusing. Perhaps it’s no surprise, then, that some users throw up their hands and declare all of them to be more or less the same.
Nothing could be further from the truth., security suites that score poorly detect and protect against up to 20% fewer zero-day attacks and 15% fewer “known” threats. Put simply, choosing the wrong antivirus can leave you vulnerable even to common malware.
While paid security suites tend to perform better than those that are free, some no-cost options, like Avast and AVG, hold up well. The rankings can vary significantly from year to year, however, so you should read AV-Test’s latest results before deciding which suite to download and/or purchase.
I Don’t Run Windows, So I Don’t Need An Antivirus
Excluding mobile operating systems for tablets and smartphones, Windows still owns about 90% of the global computing market, so it’s no surprise it remains a prime target for malware. That doesn’t mean other operating systems are perfectly safe, however, as they too can prove easy pickings.
Mac OS X, which takes up about 6% of the global market, has become the victim of numerous attacks over the last few years; one, discovered in 2012, infected 600,000 computers. While this is still limited in scope compared to even moderately successful Windows malware, it proves that Macs are not invulnerable, and users are often ill-prepared to handle an infection because they believe OS X to be safe.
Even Linux can be infected. Don’t just take our word for it; read the Linux Foundation article on malware, which points out that no computer is absolutely impervious to attack.
Malware Won’t Target Me, Because [Insert Reason Here]
Some users, for various reasons, decide they don’t have to worry about malware because…reasons. Those reasons range from “my computer is too slow” to “I don’t buy anything online.” I even once eavesdropped on a passer-by who declared, in reference to malware, “That doesn’t worry me, there’s nothing in my checking to steal!” Queue the laugh track.
Here’s the thing; malware is a program. Like all programs, it does what it’s programmed to do; nothing more or less. If malware is programmed to spread via an old Windows XP networking vulnerability and, once it infects a target, set up a keylogger, then that’s what it will do every time. A virus doesn’t care about your credit score.
Even if you rarely use your computer for “important” things, like purchasing items or paying bills, malware can cause problems. As mentioned previously, there are thousands of people who use relatively simple tools to spy on people infected with a Trojan via their webcam. A keylogger can also pick up information related to your email or social network accounts which, even if not used to target you specifically, could be sent to or sold to illegitimate organizations looking to send spam from compromised accounts.
In short, you don’t have the luxury of opting out from malware. And to make matters worse, it’s harder to rely on antivirus after malware is installed, because the malware might prevent the antivirus from working properly. Stay safe; get an antivirus now, rather than after you think you’re infected.
Malware a threat many people fail to take seriously until it’s too late. A user can go for months, maybe years without being infected; but when it takes root, it’s difficult to remove even when detected. That’s why it’s important to forget the myths and protect yourself with an antivirus immediately.