Antivirus programs aren’t perfect — especially Microsoft Security Essentials. If you’re relying on your antivirus alone to protect you, you’re putting yourself at risk. You should still follow basic, common-sense computer security practices.
It’s hard to make a complete list of all the little tips and best practices geeks follow every day. This is an attempt at listing some of the most important security practices that you should swear by.
Run Malwarebytes Alongside Your Antivirus for Maximum Protection
Running antivirus is still very important, but these days the really active threats are from spyware, adware, crapware, and the worst of all: ransomware. That’s where Malwarebytes comes in.
Malwarebytes not only protects your computer from malware, but does a better job of cleaning up an infected computer than anything else on the market. And it doesn’t just work on PCs — they have a Mac version too.
And to protect your browser against zero-day exploits, Malwarebytes also includes Anti-Exploit and Anti-Ransomware features, which can stop drive-by attacks cold. And best of all, you can run Malwarebytes alongside your existing antivirus to keep yourself fully protected.
Even if you’re careful, you should use an antivirus. It’s possible you may be infected by a zero-day vulnerability in a browser plugin like Adobe Flash or your web browser itself. Even if you keep your browser updated, you may be infected by a new, unpatched vulnerability just by visiting a web page.
Now, this isn’t extremely common — but it does happen. An antivirus is an important layer of protection, as it will help protect you even in the face of such vulnerabilities.
Leave UAC Enabled
User Account Control was obnoxious when Microsoft introduced it on Windows Vista, but it’s much less intrusive on Windows 7 and 8. It’s at its worst when setting up a new computer and installing your favorite software — but, after you set your computer up, it won’t bug you too much. UAC helps prevent malicious software from modifying your system without permission. Like antivirus, it’s an important layer of protection.
Leave the Firewall Enabled and Configure It Correctly
Windows has a built-in firewall, so you don’t need to install a third-party firewall. However, you should leave the built-in firewall enabled. The firewall blocks unsolicited incoming connections, protecting Windows and the other software on your computer from malware that exploits unpatched vulnerabilities in system services that listen to the network. This is how worms like Blaster spread so quickly in the early days of Windows XP and why such worms can’t spread as quickly anymore.
You should also configure your firewall correctly — when it pops up and asks you whether you’re on a Home, Work, or Public network, choose the appropriate answer. If you select the Home option when you’re connecting to Wi-Fi at a coffee shop, your laptop may make your shared Windows files available to other people on the coffee shop’s network. The Public option prevents other people from accessing shared resources.
Most web users have an outdated, insecure version of Java running. It’s therefore extremely easy for them to be infected by just visiting a web page. Java has seen a constant stream of massive security holes. The most tragic thing about the Java situation is that Java applets are so rare on the web these days that few people actually need Java installed.
If you have Java installed, visit your Control Panel and uninstall it. If you do actually need Java for something, you’ll be prompted to reinstall it — but you probably don’t.
If you do need Java installed — to play Minecraft, for example — you’ll want to disable the Java browser plug-in to protect yourself.
Keep Your Software Updated — Automatically if Possible
All the software we use every day is likely riddled with security issues. These security issues are constantly being found — whether we’re talking about Windows, Internet Explorer, Mozilla Firefox, Google Chrome, the Adobe Flash plugin, Adobe’s PDF Reader, Microsoft Office — the list goes on and on.
Software companies regularly release security patches for such software. Worse yet, the patches release notes themselves may give information to attackers that helps them develop attacks on unpatched machines. It’s important to install such software updates as soon as possible after they’re available.
To do this, leave Windows Update set to automatically update — or at least set it to alert you to new updates and install them quickly. Internet Explorer, Mozilla Firefox, Google Chrome, Adobe Flash, and Adobe Reader all have automatic-update features — leave them enabled so you’ll always have the latest version without having to worry.
Browser plug-ins are a significant security issue. To be completely sure that you don’t have outdated browser plug-ins, visit Mozilla’s plug-in check website — yes, it works in other browsers and not just Firefox.
Be Careful About Programs You Download and Run
This one may seem obvious, but so much of the malware Windows users encounter seems to be as a result of accidentally downloading and installing bad software. Be careful about the programs you download and run. Only download and run trustworthy software. Get the software from its official website — if you want to download VLC, download it from VLC’s official website. Don’t click a “Download VLC” banner on another website and download it from someone else that may bundle malware or adware along with it.
The same goes for software that arrives via email attachments — don’t open executable email attachments.
And, when downloading software, be sure to watch out for advertisement banners disguised as “Download” links that will take you elsewhere and try to trick you into downloading possibly malicious software.
Be aware that there are many different types of “programs” — for example, screensavers in .SCR format are essentially just programs and could contain harmful malware. We’ve got a list of 50+ different types of file extensions that are potentially dangerous on Windows.
Avoid Pirated and Cracked Software
When you acquire pirated or cracked software from peer-to-peer networks or shady websites, you’re taking a big risk. By running an .exe file from such locations, you’re trusting the distributor to not do anything harmful. Worse yet, the cracks you may need to run to make such software work properly are made by software-cracking groups. You can’t know if they’ve included malware or not.
Downloading pirated software and cracks is just a bad idea from a security standpoint. We’ve probably all seen people download files from peer-to-peer networks and become infected as a result.
Downloading unauthorized software is much riskier than pirating music or videos — software is machine code that can be tampered with. A video is just a media file that can play or not play — although untrustworthy individuals often try to disguise malicious programs as videos so less-experienced users will run them.
Beware Phishing and Social Engineering
Browsers and email clients try to protect you from phishing attacks, but they’re not perfect. A phishing attack is the web equivalent of someone calling your phone, claiming to be your bank, and asking for your credit card number. Your bank would never call you and ask for this information, just as they would never email you and ask you to send the information in an email.
Be very careful when disclosing personal information online. Ensure you disclose it only to legitimate individuals and websites. To access your bank’s website, go directly there — don’t click a link in an email that claims to be from your bank, but may actually direct you to an imposter site.
Don’t Reuse Passwords
Password re-use is a huge problem. If you use the same password everywhere, a leak at one website would mean that your username, password, and email address are known. Attackers could then try your password along with your username or email address on other websites, attempting to gain access to your accounts. They could even try the password and email combination to get into your email account — so if you use the same password on your email account, you’re in trouble.
Such password leaks are happening with alarming frequency. If you use a unique password everywhere, you wouldn’t have to worry if your passwords ever did end up leaked. For help using unique passwords, you may want to use a password manager that makes this easier on you.
Use Secure Passwords
Password managers can also help you use secure passwords, which are reasonably long and ideally contain some combination of letters, numbers, and symbols. Password leaks have shown that many people use alarmingly simple passwords, such as “password”, “letmein”, and “12345” to log into their favorite websites. It should be obvious — these passwords definitely aren’t secure.
There’s no way to make a complete list of all the best computer security practices, so we’re sure we’ve missed some important ones. Feel free to leave a comment and share other important tips people should follow.