(Video) How did I get a virus?

We’ve all experienced getting a virus, or we know someone who has been affected by a virus or a worm or a Trojan or any other type of malware. So how did it get on your computer, your tablet, your phone?

  • Well, in some cases, it came through a spam email. You’ve opened an attachment to an email that you shouldn’t have. And it’s told you to install this application to see what’s going on. The moment you do that, you’re infected.
  • You got it from downloading from a torrent. A torrent is a system where you can download pirated movies or videos or games. And it is really the realm of the shady area of the internet.
  • You could have downloaded it from a seemingly innocuous place. Somewhere you get your drivers from on the internet.
  • You could have installed it accidentally from a USB, a CD, or a DVD.
  • Or in a number of places, you could have gone to an infected website, and the infected website has gone, you need to install this to see the video. You installed it, the video didn’t work, but you’ve now become infected.

So what are the bad guys after?

Well, in most cases, they’re after anything they can get their hands on. But what they’re interested in is when you’ve got a virus what happens?

Some viruses, cryptoware for instance, will ask you for a ransom. And then they will send you the unlock key, and you can go back to business again.

They will infect your computer for their own purposes. They will make it part of a botnet, or part of a pedophile network where they can install images, videos that you now have no idea are on your computer.

This is also done through things like the torrent system, because a torrent, when you install it, partitions your hard drive because it needs to do things that make the torrent work.

Or they can install a keylogger. And a keylogger is exactly that. It is something that logs everything that happens on your keyboard. And everything that happens on your keyboard includes passwords, usernames, bank account details. So that’s what they’re after – usernames, email addresses, bank accounts. They need all that information so they can steal your identity.

And the final part of it is they will destroy the computer. You’ll notice that when you get infected with a virus, the system that is infected slows down. Now the reason why it slows down is maybe it’s a bad virus and it’s just there to destroy everything.

But because it’s slowed down, it’s no longer doing the things you want to do. And it’s now doing the stuff the bad guys want you to do. And that includes setting up all this information, making it all visible to them so they can do whatever they like with your computer.

So how do you get rid of a virus?

In a number of ways, the best thing you can do is you can scan your computer. Now scanning may seem like a really intensive waste of time for most people. But there are two things. If you’ve got a virus and you scan, you may be able to remove it. But if you do a regular scan with the most updated scanning engine on the antivirus that you’ve got, you may pick up viruses that have been installed on your computer to do exactly what we were talking about before, because they didn’t know about them. So that’s why you have to do a regular scan, once a week.

But my most important advice is if you’ve got a virus, re-image and re-build your computer, from scratch. And make sure you’ve got a backup. Because if you need to take all your data and re-build your computer, everything that is on there will get destroyed. And you don’t want that to happen.

And going back to things like cryptoware, if you’ve got a backup and they say, give us all your money, and you know that the only thing you’ve created within the last minute has been a document and you uploaded a couple of photos from your phone, and they’re still on your phone and you’ve got a backup, then you have no worries.

And the last one is once you’ve rebuilt your system and put on a decent antivirus and made sure everything is all working properly, get on the internet and change everything. Change your passwords. Change your usernames if possible. So that what they do know about you can now become null and void.

So how do you stop being a target? And this is the hard part about catching viruses. There’s no failsafe way unless you actually don’t go to the internet. Patch everything. Patch your applications, your operating system. If you’ve got an old operating system, upgrade it.

With apps, we see them every day, they come onto the phones, this app has got a new update. Don’t wait. Just install it. As I said before, install a good antivirus. That good antivirus will make sure that 99.9% of the viruses that come in are getting caught. That 0.1% who don’t get caught would not have been caught by anything else anyway.

Don’t open emails that you don’t know a) where they came from, b) if they have an attachment that you don’t understand, don’t open them. If you open an attachment and it says you need to install this application to see this attachment, cancel. Get the hell out of there.

The other places you can get viruses and malware is from websites. Now websites get infected just like computers do. They get infected because they haven’t been patched. Or they haven’t been updated. Or they’re running WordPress whatever. Or they’ve got HTML 4 still.

Those websites are still a target. You go to a targeted website. It says, do you want to install this Java app? But because you’ve installed the latest Java update, it should start ringing bells and whistles when your website comes up and says, you need to install this. The best thing you can do is go, no thank you, and go away.

One of the big things we say is be paranoid. The digital world and the bad guys in the digital world are after everything that you have. To a level where they will quite happily steal everything that you own. By stealing everything that you own, you have a problem making sure that the digital world doesn’t affect your real world.

So becoming paranoid on the internet is not really paranoia. It really is just looking after yourself and making sure there’s nothing wrong.

Roger Smith is an educator, teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SMEs protect their organisation using the principles of Technology, Management, Adaptability and Compliance.