How you can be infected via your browser and how to protect yourself

Reduce your risk with a few simple steps

Personal data is valuable to cybercriminals. Did you know hackers can resell Netflix passwords for $3 each? Financial data is even more valuable, and hackers can get as much as $2,000 for reselling online banking credentials.

Because data is so valuable, attempts to steal it are becoming more commonplace and more sophisticated. Techniques include malware, phishing, SMiShing and social engineering. Here are a few steps you can take to reduce your risks.

How you can be infected via your browser and how to protect yourself

Protecting your devices

Desktops, laptops, phones, and tablets are primary targets of malware. Malware is a piece of malicious code that infects a device, and can spread to different files and programs. Depending on the purpose of the virus, the malicious code can use your device’s computing power to conduct broader cyberattacks, delete important files, or spread to other devices.

Malware is also becoming more sophisticated and there are many different types. You’ve probably heard about ransomware, a type of malware that locks you out of your device until you pay a ransom. A keylogger virus or spyware can record what you type in online forms, such as online banking login credentials, and send that information to a cybercriminal.

Here’s how you can protect your devices from malware:

  • Install an antivirus program on all the devices you use, including your phone and tablet. Make sure to keep it up to date.
  • Use a firewall to control which programs have access to the internet. Your firewall can prevent an infected program from broadcasting your sensitive data.
  • You can avoid malicious webpages and links by installing a browser extension that scans the pages you visit.
  • Secure your home Wi-Fi network with a strong password.
  • Avoid using public Wi-Fi networks. Don’t use public networks to shop online or log in to your online banking account.
  • Be wary of emails with attached files and links. Don’t open files or click on links from unknown senders. The same rule applies to links you see on social media.
  • Online downloads are common sources of malware. You can get malware from illegal downloading sites or from viruses bundled with software downloads that look legitimate.

Phishing and SMiShing are especially prevalent

Phishing and SMiShing, respectively, use emails and text messages that trick you into clicking on malicious links. The links will either download malware to your device, or steer you to a spoofed webpage where you’ll be prompted to enter your login credentials. Spoofed webpages, a web page that closely imitates an actual site, often look like an online banking portal.

It’s important that you be aware of common phishing techniques since more than 90% of cyberattacks start with a phishing email.

Most phishing and SMiShing attempts are fairly easy to identify if you know what to look for:

  • The messages usually convey a sense of urgency. They may claim that your online banking account requires attention or that you have to verify your login information.
  • Some phishing emails contain typos and bad grammar.
  • The message will likely come from an unknown sender, but the email address may resemble one from a legitimate company.
  • A more sophisticated phishing or SMiShing attempt can imitate or masquerade as a legitimate address or come from the email address or phone number of a contact whose device has been compromised.
  • You may receive messages or comments with malicious links from fake social media accounts or even from friends whose accounts were compromised.

Reduce risks by following a few simple rules

You can reduce your risks of having your information stolen if you always think before sharing something online. Ask yourself whether a link or email is safe to open, and consider whether you’re using a safe device and network for certain online activities such as shopping or accessing an online banking portal.

Don’t respond to an unsolicited email, text, or telephone message directing you to a website or requesting confidential information like login credentials or social security numbers. Instead contact your bank, social media site, etc., using telephone numbers or links you know to be good and verify whether the information is required.

Strong passwords are an effective way of protecting your devices and online accounts. Use long one passwords, avoid common phrases, and change your passwords regularly. If two-factor authentication is available, enable it.

Another rule to follow is to avoid oversharing online. It’s very easy to reveal your location on social media or share information that can be used to open one of your online accounts, including your birthday or answers to security questions such as a pet’s name or a school you attended. Keep your social media profiles private and avoid sharing any kind of personal details.

Be sure to follow those online safety tips to protect your devices and avoid falling for common phishing scams.

How you can be infected via your browser and how to protect yourself

It has been common for quite some time that the Internet or the World Wide Web be the most usual angle of attack for hackers, most often targeting software vulnerabilities or using exploits on the receiving client.

Software vulnerabilities can be anything from third party software exploits to Cross-site scripting (XSS).

The most commonly exploited software on your PC has been Oracle Java, Adobe Flash and Adobe Acrobat Reader for many years. More frequently, now browsers such as Google Chrome and Internet Explorer are also being exploited, which make World Wide Web exploits a serious information security risk.

That means that software on your computer or your corporate environment is also a risk, so make no mistake about it. In approximately 70% of web based attacks the direct target is a vulnerability on your computer.

Other angles of attack used by hackers from the Internet are attacks such as phishing, drive-by downloads, watering hole attacks or social website attacks. If you don’t know them, you can read more about each important type of attack.

So, since the Internet or websites are now the most commonly used angles of attack, delivering a variety of attacks types, let’s find out which sources of the Internet are actually delivering them to your computer or which underlying sources are trying to infect your company’s organization.

Please keep in mind that the information below does not refer to websites that a computer user might access (e.g., but it concerns the original source for the malicious content. The source of infection could be the visited website, but also concealed content, which is loaded from another website (e.g. through an iFrame).

Most common World Wide Web exploits used to deliver cyber-attacks

The following is a detailed list of which types of websites are being used to deliver malicious attacks by hackers (data extracted from our comprehensive Heimdal Security Intelligence Database):

  • 90,0% – delivered from advertising networks
  • 4,63% – websites being used only for malicious purposes
  • 4,10% – delivered from remarketing networks
  • 1,20% – the actual website itself, which is malware infected
  • 0,04% – typo squatting normal websites
  • 0,03% – Content Delivery Networks.

Some of the categories above deserve a more in depth look on the type of attack used.

Within the category of websites used only for malicious purposes, the split of the attack type is:

  • 88,6% – websites used to deliver drive-by downloads
  • 10,7% – websites used for phishing attacks
  • 0,70% – websites used for redirecting the user to other destinations on the Internet, which are malware infected.

How hackers target vulnerabilities in your system

Within the advertising and remarketing space, the most often attack type used is targeting vulnerabilities or using exploits on your PC. The rest is a blend of methods used to deliver malware to the computer.

However, looking at the numbers below, we will have to remember that World Wide Web exploits can also be used with a variety of intents. So this is just a view of the initial attack purpose, not the final goal.

The assumed total look of attack types is therefore as follows:

  • Trying to target vulnerabilities and exploits – 75,6%
  • Trying to deliver malware to the PC – 23,9%
  • Trying to fish the user for personal information – 0,50%.

As we have covered in earlier blog posts, it is commonly known that Oracle Java, Adobe Reader or Adobe Flash is present on 99% of computers. Not only that, but the vulnerabilities seen in these types of software are extremely critical, which means that a simple click on an advertising banner could give a hacker full access to your computer.

Also recently Adobe Flash was directly integrated as a component in Google Chrome and Internet Explorer, which means that the number of World Wide Web exploits related to it is likely to increase.

Only 3 weeks ago Adobe Flash had 4 vulnerabilities within a week, so it is fully understandable why hackers take this route to attack your PC.

As a private PC user, CIO or IT manager, we can therefore only urge you to find a web-filtering tool and keep your software up to date. Having traffic filtering enabled will help protect you against Zero Hour vulnerabilities as well.

How you can be infected via your browser and how to protect yourself



  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on Pinterest (Opens in new window)

Fighting off malware, viruses and hackers is a seemingly endless challenge. With the ever-evolving tactics criminals use to attack your computer and its contents, you find yourself going about the drill: install security software, update, repeat. This continuous cycle of protection may have you feeling confident against intruders, however slight. Please don’t get too comfy, as I am here to discuss a ruthless threat that demands your attention.

While you sit back in your comfy desk chair thinking your antivirus and firewall are sufficient safeguards from the evils of the web, think again. Mischievous web dwellers have taken a decades-old malicious software and improved its ability to lock you out of your device until you pay the price, literally, turning it into a new sort of ransomware.

Before exploring how to protect yourself from this insidious software, I must share a few unpleasant details. The most common type of ransomware is an encryption program that replaces your valuable documents with encrypted copies.

Once encrypted, you will not have access to the originals until you pay a ransom, typically in bitcoins, to the perpetrator. This payment is made with the hope of him or her providing you with an encryption key to decrypt your documents.

Tech news that matters to you, daily

Privacy, security, the latest trends and the info you need to live your best digital life.

In general, ransomware has been used to extort money from businesses and organizations. However, one of the most notable widespread incidents was the WannaCry outbreak in 2017 which infected the systems of organizations and individuals in over 150 countries. Reportedly, the hackers made off with $1 billion from computer users who were desperate to save their files.

Note: Ransomware has been detected for Macs.

How did I get ransomware?

According to UC Berkley’s information and security policy, there are a few ways hackers can infect your system. Encrypting ransomware can be spread through phishing emails with malicious attachments or they’re added to your system when you visit an infected website, which is called “drive-by downloading.” It can also spread through social media via web-based instant messaging apps.

When it comes to protecting yourself from ransomware there are several steps you can take that will help ensure you are not one of its victims:

Make certain your system is up to date

Attention Windows XP or Vista users, you should have received a warning from Microsoft that the company is no longer supporting these operating systems. Moreover, unless you upgrade to Windows 10 or purchase a new computer, your existing system is at high risk for a ransomware infection. For users of Windows 7 or newer operating systems, it is essential you enable Automatic Updates. Turning on this setting will allow for the automatic installation of security patches when they become available.

In case you are unsure of how to enable Automatic Updates here are the steps involved:

Click on Settings in the Start menu > Click on Update & Security

How you can be infected via your browser and how to protect yourself

Click Advanced Options

How you can be infected via your browser and how to protect yourself

Enable Turn On Automatic Updates

How you can be infected via your browser and how to protect yourself

Ensure your browser is up to date

In addition to updating the operating system, your browser and any related plugins require attention when it comes to securing your computer. Hackers have found vulnerabilities in common browser plugins such as Java or Flash which can result in infection via the above mentioned drive-by downloading.

Unfortunately, what seems like innocuous tasks such as visiting a website or viewing an ad, if compromised or malicious, they can introduce ransomware to your system.

Install a trusted anti-malware program

Considering how hackers with little effort can make their way into your computer, adding extra security layers to your system will force hackers to work twice as hard to get to your data. And, even though there are no foolproof ways of preventing an attack, installing a reliable anti-malware program will provide an additional level of protection. An advantage of using an anti-malware program is that it will quickly update and block any newly discovered malware.

Back up your data

For numerous reasons, including the threat of ransomware, it is imperative that you get into the habit of backing up your data. The reality is, some ransomware is intentionally designed to encrypt all data regardless of where it may be stored, including your external hard drive, cloud or across your network. There are a couple of options to protect yourself, continue backing up your files to an external hard drive, then disconnect it, or utilize a cloud service that automatically updates your data. This method will allow you to recover earlier versions of your files if any of the most recent ones are encrypted.

Be cautious when opening emails

If you are ever hesitant about opening an attachment to an email or clicking on any links within an email, do not do either. Although you may recognize the sender’s name, understand his or her name can be spoofed all under the guise of being legitimate. When in doubt, contact the sender and verify that he or she sent the email to you.

Preventing viruses and dealing with malware

You can detect viruses, spyware and other malicious programs — generally known as “malware” — running on your computer and remove them with up-to-date tools:

Anti-virus software

Your computer can become infected with a virus through email attachments, from content you download from a website or from infected media (CD-ROM, DVD, ROM, USB drive, diskette, etc.). Anti-virus software helps prevent your computer from becoming infected and your files from being corrupted or lost. It also can detect existing viruses and clean your computer so that they do not spread.

  • Always use up-to-date anti-virus software, from a reputable vendor, that is capable of scanning files and email messages for malevolent software. Most anti-virus programs include an auto-update feature that enables the program to download profiles of new viruses so that it can check for them as soon as they are discovered.
  • Register new anti-virus software immediately, and sign up for automatic notification of product updates if available.

Anti-malware software

Malicious software attacks are rising at an alarming rate. Malware generally refers to any program that intentionally harms your computer and is typically installed without your consent.

Malware can get into your computer by doing something as innocuous as clicking on an ad, going to a website or even unknowingly downloading a document. The malware “industry” has blossomed so much that some malware actually poses as anti-malware software.

Your best defense is to keep your browser, operating system, and applications up to date, and to run updated anti-malware software.

Anti-spyware software

“Spyware” is a particularly nasty type of malware, and is designed to essentially “spy” on you by tracking and collecting your personal information. The information collected often includes your user IDs, passwords, name and address. Your computer can become infected with spyware through email attachments or from free content that you download from a website. Spyware is often installed on your computer without your consent.

Anti-spyware software can detect these programs running on your computer and clean your machine.

Report abuse

Replies (5) 

Hi El. I’m Greg, an installation specialist, 10 year Windows MVP, and Volunteer Guardian Moderator here to help you.

Where are you seeing this notification? Does it pop up from Action Center? Or is it from a webpage in a browser? The fact it claims it’s from a website makes it sound like one of the push notifications that are easy to accidentally choose when your browser asks if you want these from a website. Go here to see which ones you’ve selected; I would disable all of them unless you know for sure you want their feed:

If it’s a popup from or within a web page This sounds like the Fake Virus scam which can emanate from a mistyped URL it occupies.

Close the Browser window using whichever method is necessary, as it cannot escape the browser unless you download something from the page.

If you cannot close the browser window, right click the Task Bar or press Ctrl + Alt + Delete keys to open the Task Manager, choose Show Less Details, highlight the browser and choose End Task.

If this fails hold the power button to Shut Down. If you do this Edge may reload the page when it starts back up, but it will also give you an option to Start Fresh to avoid opening the previous tabs.

Also in Edge, if you try to X out of the browser WIndow, it may present a dialogue box to end the session. The webpage is allowed to put text in the box but cannot stop it from closing the Windows when you choose OK, so that is safe to do.

If you have a shortcut or Favorite/Bookmark of the site be sure to delete it.

It may have also set itself as your Home page or be lodged in your Browser Add-Ons or Extensions so you’ll want to change the home page if necessary in Browser settings, and disable any Extensions that you didn’t add yourself following this guide:

If you called the scammers and they installed anything on your PC, open Settings>Apps & Features, choose Sort by Date, uninstall anything on that date you didn’t install yourself.

Then run a full scan with Malwarebytes. Set it’s scan settings to search for rootkits. You can turn off the trial version later in it’s Account Settings.

Clean up anything found. If you are seriously infected with Trojans or Rootkits that show up again when you re-run the scan after cleaning, post back for further instructions.

Then check System files for damage with System File Checker from

If you paid them anything, notify your bank that you were scammed.

I hope this helps. Feel free to ask back any questions and let us know how it goes. I’ll keep working with you until this is resolved.

Standard Disclaimer: There are links to non-Microsoft websites. The pages appear to be providing accurate, safe information. Watch out for ads on the sites that may advertise products frequently classified as a PUP (Potentially Unwanted Products). Thoroughly research any product advertised on the sites before you decide to download and install it.

Windows MVP 2010-20

Millions helped via my tutorials and personally in forums for 12 years. Now an Independent Advisor.

I do not quit for those who are polite and cooperative.

Here’s your beginner-friendly explainer on this privacy and security tool for online browsing, and how it works with VPNs.

Tor is an “onion-routing” network that protects your privacy online.

If you’re new to internet privacy and security, you’ve still probably already read references to something called Tor — a widely hailed piece of internet-connected software with its own internet browser. Tor is embraced by privacy aficionados for its reliable encryption and its history of covering users’ internet tracks.

At first glance, the terminology around Tor can seem intimidating and alien. Don’t worry, though. It’s simpler than it seems.

Get more out of your tech

Here’s everything you need to know about Tor.

What is Tor?

Back in the mid-’90s, when the US Navy was looking into ways to securely communicate sensitive intelligence information, a mathematician and two computer scientists emerged from the Naval Research Lab with something called “onion routing.” It was a new kind of technology that would protect your internet traffic with layers of privacy. By 2003, The Onion Routing project, acronymed Tor, was in the hands of the public, where its vast network of users — the engine enabling Tor — has since continued to grow.

Today, thousands of volunteers all over the world are connecting their computers to the internet to create the Tor network by becoming “nodes” or “relays” for your internet traffic.

At a basic level, Tor is a type of internet-connected network with its own internet browser. Once you connect to the internet with the Tor browser, your internet traffic is stripped of its first layer of identifying information as it enters the Tor network, and is then sent bouncing through those relay nodes, which serve to encrypt and privatize your data, layer by layer — like an onion. Finally, your traffic hits an exit node and leaves the Tor network for the open web.

Once you’re in the Tor network, it’s nearly impossible for others to track your traffic’s manic pinballing path across the globe. And once you leave the Tor network via an exit node, the website you view (assuming it has HTTPS in front of its address) isn’t sure which part of the world you’re hailing from, offering you more privacy and protection.

8 Chrome extensions that can save you hundreds of dollars

How do I use Tor?

Normal web browsing is easy with Tor. Head to the official site and download the Tor browser. Follow the installation instructions as you would with any other program. When you open Tor for the first time, the program will ask you to either configure your connection (if you’re in a country where Tor has been banned, like China or Saudi Arabia) or simply connect. Once you click connect, Tor may take a few minutes to find a set of relays to connect you through.

But once you’re in, you can use Tor just as you would any other browser. You’ll also be prompted to review your Tor browser security settings. If you’re aiming for maximum privacy, I’d advise leaving the settings on their default selections.

If you start experiencing slower-than-normal speeds, you can nudge Tor into action by checking for a quicker connection path to the website you’re trying to view. In the top right corner of the Tor browser, click the three-line menu icon and select New Tor Circuit for this Site.

The privacy-focused Brave browser also has an option to route traffic through Tor when inside a private window.

Are there any downsides to using Tor?

Because Tor is a volunteer-run network, speed can often be an issue. As your traffic moves from node to node, you’re likely to notice more speed loss than you would, for instance, with most commercial virtual private networks . This becomes particularly noticeable if you try to watch streaming Netflix content over Tor or make voice-over-IP phone calls or video calls with an app like Zoom . Tor technology isn’t necessarily built to provide seamless audio-video experiences.

Speaking of videos, there are also limits to the amount of privacy Tor can offer you if you enable certain browser media plugins like Flash. Likewise, your browser’s JavaScript plug-in — which enables you to view a lot of websites’ embedded media — can still leak your IP address information. Torrenting files with Tor also exposes you to privacy risks. Because of these risks, Tor’s privacy settings have these kinds of plug-ins disabled by default.

If you’re just looking to do general, daily internet perusal using a browser that will better hide your traffic from spying eyes, Tor probably isn’t the best choice due to its slow speeds and incompatibility with most embedded media. But if you’re concerned enough about privacy around a particular topic of internet research (and you don’t have a VPN), Tor is probably the best choice for you.

Will Tor work with a VPN?

In some cases, yes. Most of the time, however, it takes some know-how to be able to configure your VPN’s connection to work in harmony with Tor. If you don’t get it right, you can risk making both Tor and your VPN ineffective when it comes to protecting your privacy. We recommend getting familiar with both types of software before marrying the two.

On the plus side, however, a successful combination of the two can be useful. While Tor protects your internet traffic, your VPN can be set to encrypt the internet traffic of any other applications running on your device in the background.

To investigate VPNs further, check out our beginner-friendly guide to all the VPN terms you need to know and our directory of the best VPNs of 2021 .

Four ways to protect yourself and others from COVID-19

  1. Pay attention to personal hygiene. Yes, we know you’ve heard all this a million times already. It bears repeating. There are a lot of things we don’t know about this virus, but we do know it spreads through respiratory droplets produced when an infected person coughs or sneezes. Other individuals may be infected when they touch a surface that has virus particles on it and then touch their own mouth, nose, or eyes. Hand hygiene is the very best weapon in any fight between human and contagious disease.
    • Wash your hands frequently with soap and water, scrubbing for at least 20 seconds, or use an alcohol-based hand sanitizer.
    • Don’t touch your face. This is a lot harder than it sounds and requires conscious effort. The average person touches their face 23 times an hour, and about half of the time, they’re touching their mouth, eyes, or nose — the mucosal surfaces that COVID-19 infects.
    • Cover coughs and sneezes with the inside of your elbow or upper arm.
    • Stay home if you are feeling sick, and seek appropriate medical guidance.
  2. Practice “social distancing.” Social distancing is exactly what it sounds like: keeping your distance from other people. It’s often used to describe public health measures imposed by local governments — measures like quarantining the sick, closing schools, and canceling public gatherings. And, when it’s done early enough during a pandemic illness, it’s been shown to save lives. Here’s how to do it:
    • Keep your distance. The number of people in any given location is important, but density is even more important. Stay at least six feet away from others — the distance respiratory droplets from a cough or sneeze are thought to travel. Protect yourself by staying out of range.
    • Make your meetings virtual. Or postpone meetings entirely.
    • Don’t hug or shake hands. If you have to meet with someone in person, stay at least six feet apart, and find an alternative greeting. While research has shown that fist bumps —and even high fives — transfer far less bacteria than a handshake, no-contact options are better. Tip your hat, wave, or curtsy.
    • Make a conscious effort to avoid crowds. For example, think about walking or riding a bike to get where you’re going instead of taking the subway or a bus.
  3. Wear a mask. The Centers for Disease Control and Prevention (CDC) recommends wearing a non-medical-grade, cloth face covering in public settings where it may be difficult to maintain social distancing, such as grocery stores. This is because we now know that people infected with the virus are most contagious during the 72 hours before they develop symptoms. In addition, a significant number of other individuals who are infected with the virus remain asymptomatic but able to infect others. By blocking a significant amount of respiratory secretions, your mask protects others, and their masks protect you.
  4. Keep surfaces clean. While we know that the virus is primarily spread from person to person, it is theoretically possible to contract COVID-19 by touching a contaminated surface and then, inadvertently, touching your mouth, nose or face. In any case, we know that the virus is susceptible to disinfectants. Here’s some cleaning tips:
    • Use the right product. According to the CDC, diluted household bleach solutions, alcohol solutions with at least 70% alcohol, and most common EPA-registered household disinfectants should be effective against the COVID-19 virus. See the CDC’s environmental cleaning and disinfection recommendations and this list of EPA-registered disinfectants.
    • Use the product right. First, clean dirt off of the surface. Then wipe the surface with disinfectant. Leave the surface wet with disinfectant for as many minutes as the product instructions require. This is a vital step that people often miss. It’s not enough to just wipe the surface and go.
    • Clean the right surfaces.
      • High-touch areas such as door handles, phones, remote controls, light switches, and bathroom fixtures.
      • Horizontal surfaces such as countertops, kitchen tables, desktops and other places where respiratory droplets could land.
      • AND your mobile phone! It’s filthy. Did you wash your hands and then touch that phone? Just like that, you’re re-contaminated.
    • Do not reuse disinfectant wipes on multiple surfaces. This can transfer germs from the used wipe to other surfaces. Use one wipe for each surface and then throw it out.
    • Do not dry surfaces after wiping them down. Surfaces you are disinfecting need to stay wet for the amount of time listed on the label. The contact time with the disinfectant is what actually kills the germs.

This virus is likely to be with us for many months or years, so developing these habits is a good long-term strategy for keeping our community healthy. And, don’t forget, COVID-19 is not the only germ in town. Seasonal influenza, colds, and other viruses will continue to be a concern, so good hand hygiene and proper disinfection practices are habits that never go out of season.

Chris Hoffman is Editor-in-Chief of How-To Geek. He’s written about technology for over a decade and was a PCWorld columnist for two years. Chris has written for The New York Times, been interviewed as a technology expert on TV stations like Miami’s NBC 6, and had his work covered by news outlets like the BBC. Since 2011, Chris has written over 2,000 articles that have been read nearly one billion times—and that’s just here at How-To Geek. Read more.

How you can be infected via your browser and how to protect yourself

Ransomware is a type of malware that tries to extort money from you. There are many variants, starting with CryptoLocker, CryptoWall, TeslaWall, and many others. They hold your files hostage and hold them for ransom for hundreds of dollars.

Most malware is no longer created by bored teenagers looking to cause some chaos. Much of the current malware is now produced by organized crime for profit and is becoming increasingly sophisticated.

How Ransomware Works

Not all ransomware is identical. The key thing that makes a piece of malware “ransomware” is that it attempts to extort a direct payment from you.

Some ransomware may be disguised. It ma y function as “scareware,” displaying a pop-up that says something like “Your computer is infected, purchase this product to fix the infection” or “Your computer has been used to download illegal files, pay a fine to continue using your computer.”

In other situations, ransomware may be more up-front. It may hook deep into your system, displaying a message saying that it will only go away when you pay money to the ransomware’s creators. This type of malware could be bypassed via malware removal tools or just by reinstalling Windows.

Unfortunately, Ransomware is becoming more and more sophisticated. One of the most well-known examples, CryptoLocker, starts encrypting your personal files as soon as it gains access to your system, preventing access to the files without knowing the encryption key. CryptoLocker then displays a message informing you that your files have been locked with encryption and that you have just a few days to pay up. If you pay them $300, they’ll hand you the encryption key and you can recover your files. CryptoLocker helpfully walks you through choosing a payment method and, after paying, the criminals seem to actually give you a key that you can use to restore your files.

You can never be sure that the criminals will keep their end of the deal, of course. It’s not a good idea to pay up when you’re extorted by criminals. On the other hand, businesses that lose their only copy of business-critical data may be tempted to take the risk — and it’s hard to blame them.

How you can be infected via your browser and how to protect yourself

Protecting Your Files From Ransomware

This type of malware is another good example of why backups are essential. You should regularly back up files to an external hard drive or a remote file storage server. If all your copies of your files are on your computer, malware that infects your computer could encrypt them all and restrict access — or even delete them entirely.

When backing up files, be sure to back up your personal files to a location where they can’t be written to or erased. For example, place them on a removable hard drive or upload them to a remote backup service like CrashPlan that would allow you to revert to previous versions of files. Don’t just store your backups on an internal hard drive or network share you have write access to. The ransomware could encrypt the files on your connected backup drive or on your network share if you have full write access.

Frequent backups are also important. You wouldn’t want to lose a week’s worth of work because you only back up your files every week. This is part of the reason why automated back-up solutions are so convenient.

If your files do become locked by ransomware and you don’t have the appropriate backups, you can try recovering them with ShadowExplorer. This tool accesses “Shadow Copies,” which Windows uses for System Restore — they will often contain some personal files.

How you can be infected via your browser and how to protect yourself

How to Avoid Ransomware

Aside from using a proper backup strategy, you can avoid ransomware in the same way you avoid other forms of malware. CryptoLocker has been verified to arrive through email attachments, via the Java plug-in, and installed on computers that are part of the Zeus botnet.

  • Use a good antivirus product that will attempt to stop ransomware in its tracks. Antivirus programs are never perfect and you could be infected even if you run one, but it’s an important layer of defense.
  • Avoid running suspicious files. Ransomware can arrive in .exe files attached to emails, from illicit websites containing pirated software, or anywhere else that malware comes from. Be alert and exercise caution over the files you download and run.
  • Keep your software updated. Using an old version of your web browser, operating system, or a browser plugin can allow malware in through open security holes. If you have Java installed, you should probably uninstall it.

How you can be infected via your browser and how to protect yourself

Ransomware — CryptoLocker variants in particular — is brutally efficient and smart. It just wants to get down to business and take your money. Holding your files hostage is an effective way to prevent removal by antivirus programs after it’s taken root, but CryptoLocker is much less scary if you have good backups.

This sort of malware demonstrates the importance of backups as well as proper security practices. Unfortunately, CryptoLocker is probably a sign of things to come — it’s the kind of malware we’ll likely be seeing more of in the future.

Malware infection occurs when malware, or malicious software, infiltrates your computer. Malware is a type of software created with the intent of damaging the victim’s computer, stealing private information or spying on a computer without the consent of the user.

The most popular categories of malware are Trojans, viruses, spyware, ransomware, adware, rootkits, worms, etc. Each of these malware types have varying capabilities. From spying on your online activities to slowing down or locking down your computer, malware can wreak havoc on your computer if you do not protect yourself against them.

Since more people are connected to the internet than ever before, hackers are tricking unwary users into downloading malware.

How Malware Infects Your Computer

Are you confused about how you get malware on your PC? When you download an mp3, video file or any other software from suspicious sites, malware can be downloaded into your PC without your knowledge. Similarly, malware can get into your PC if you click on links from suspicious emails sent from unknown email addresses.

Hackers use advanced tools to design and spread malware, so it is critical for users to protect their PCs. The easiest way to do that is to install a free antivirus and malware removal tool like Comodo Antivirus.

Whether you use the internet for business purpose or personal use, you can be a victim of a malware attack. If your PC gets infected with spyware, it can steal your personal information and gives it to the third party (hacker) who in turn can send you thousands of spam emails or use your personal information for nefarious activities like identity theft.

If your PC gets infected with a virus or worm, it can slow down the performance of your computer and also damage your system. Both viruses and worms run in the background, and you cannot find them unless you have the best antivirus or virus removal software. This is also applicable to an organization with multiple endpoints operating at various locations.

Comodo Advanced Endpoint Protection- Endpoint Protection without Compromise

Malware can infiltrate endpoints in various ways. If an employee download music, pictures, and video from shady sites, then their device may get infected with malware. Comodo Advanced Endpoint Protection (AEP) software has the most extensive array of tools to identify known good and known bad files.

For all unknown files, Comodo AEP’s auto-containment technology and verdict decision engine deliver a verdict (either good or bad), with zero impact on the end user experience.

When malware infects your PC they not only slow down the system performance, they can also prevent you from using your PC by bombarding your screen with ads. You may also face problems like endless pop-ups and changes in your browser homepage, browser settings. The spyware can track down the websites you visit.

Why Choose Comodo Advanced Endpoint Protection?

Comodo Advanced Endpoint Protection provides real-time protection for all of your endpoints so that your organization can stay protected from malware threats at all times.

Comodo AEP outsmarts all other endpoint protection systems as it isolates malware from penetrating the company’s local area network at the device layer and executes the malware in an isolated or restricted system environment. It is the most intelligent endpoint protection solution that offers multiple layers of protection against known and unknown threats.

Get Comodo Advanced Endpoint Protection today and secure your endpoints against any malware threats.