Review by Sean N. Henderson
The August 2014 presentation by Bob Gostischa was an eye-opening view into the world of computer and personal security. If you haven’t been to a DACS meeting on this topic in a while, a lot has changed. “Bob G” brought everyone in attendance up-to-speed and clued us in to the state-of-the-art in his presentation: “Protecting Yourself, Your Computer and Your Identity.”
There were two big takeaways from the presentation. One is that it’s no longer possible to humanly detect infected Websites and emails. The sophistication of modern threats makes it hard to impossible for the user to visually identify such sites. His statistics on what types of sites are responsible for most of the malware distribution were a surprise – mostly legit Websites of all sizes and types of companies. So, it’s now impossible to safely surf and shop the Web without modern virus protection.
The other takeaway is that the old style of virus prevention, using just patterns and virus signatures, is not going to work very well. Modern anti-virus programs should provide boot time scanning, boot sector scan, notification of updates to commonly used software, zero-day protection, and more. Bob’s presentation was rich with details and examples of how computer threats are distributed and what the effects are. It was also a presentation that went beyond the machine and talked a bit about personal identity theft and actual home and auto theft. Note that Avast! is available for other types of devices, including Android devices. Another surprising statistic Bob shared was the 600%+ increase in recent years of infected smartphones.
One item that may be new to DACS members and the general public is crypto viruses. This is a type of malware that encrypts the data on your machine with a very high level of encryption – so high as to be practically unbreakable. The malware then notifies you that your data will be unlocked for a fee. This malware is also known as “ransomware.” There is no fixing this and the only solution is to pay the ransom and hope that the data is actually returned. The way to mitigate this sort of attack is to make regular and frequent “image” backups of your system. Bob notes that the device on which this backup exists must not normally be connected to the machine or Internet, and when the backup is being produced the machine must not be connected to the Internet.
Bob is a very likable presenter and obviously very knowledgeable, with a track record of maintaining his own system malware free for over 10 years. His presentation has been approved by AARP. Bob provides this presentation free of charge to any organization. While his expenses are paid by Avast Software, his presentation does mention and/or promote other software titles by other software manufacturers. Bob has over 20,000 interactions in the Avast! forums.
Bob’s presentation was full of wise tips such as don’t put your home address on your car’s GPS, and don’t do banking from more than one machine. Another strategy was to use different types of software protection to achieve “layered protection.” The types of software recommended by Bob were anti-virus, anti-malware, system cleaner, and system setup monitoring software.
Some DACS members may have had previous experience with Avast! software. The new version of this software includes a crowd-source virus detection element. While other software titles may also claim this feature, there are none that come even close to Avast!’s user base. Avast! has been making software for over 20 years. If you had changed from Avast! to another anti-virus title due to too many or ill-timed notifications, Bob says Avast! now has “game mode” which leaves the protection turned on, but disables notifications. This feature would be useful not just for those engaged in playing computer video games but also those working in audio-video production and other times when notifications would be unwelcome.
So what can someone do to prevent identify theft? Bob’s suggestion was to regularly check your email address book for new and/or unknown entries. He mentions that sometimes the thief will insert their address into your address book prior to taking over your email account so that when you notify your address book of your new email address, the thief will also know.
Bob warned about conducting shopping or banking on public Wi-Fi without a virtual private network or VPN. Freely available VPN connections are often times slow, while paid VPN services offer reliable and faster connections.
Another suggestion was to not use apps and games provided within a social media site. If it is truly desired to use such software, visit the manufacturer’s site and download the desktop/laptop version. Using the social media versions of apps and games gives the manufacturer access to your private information.
Someone can also recognize identity theft, Bob says, by noting if any charges to credit cards or claims to insurance include services or procedures for health conditions known NOT to exist. This can also include bill collector calls to the home for payment for such non-existing conditions.
Finally, Bob shared a shortened URL pointing to a Google Doc where attendees can get the exact online locations of the software described, along with how to download them and other tips and enhancements to the mentioned software. All the software discussed at the meeting is freely available. Included in the document located by the URL is a coupon for a 40% discount on the paid version of Avast!. Many other software titles, video links and tips are listed on that document as well.
Bob’s blog is http://bob3160.blogspot.com.