Is My Antivirus Software Working?

Is My Antivirus Software Working?

The StopSign Support staff fields a lot of different calls every day, and a common question heard by our techs is “How can I tell if my antivirus software is working?“. With hundreds of new viruses and other kinds of malware being written or released every day, it’s natural to suspect that your antivirus software isn’t up to snuff if you don’t see it catching anything.

Like most antivirus vendors, the StopSign Research lab keeps a closed-off network of computers (i.e. not connected to the Internet or our internal networks) with live viruses to test our software before it goes out to our members. For us it’s easy to run our antivirus software against live viruses in our “snakepit” of malware safely because we have a closed environment to test the StopSign Threat Scanner, but that’s not the case for everyone.

Luckily the European Institute for Computer Antivirus Research provides, free of charge, the EICAR Standard Anti-Virus Test File as a tool to test antivirus software using different test files to see if your scanner takes the bait. The EICAR anti-malware test file is a safe (i.e. not truly infected; it only contains patterns and not any actual virus code), publically available anti-malware test file which contains code that should trigger detections by antivirus and/or anti-malware software.

Testing your antivirus software is as easy as 1-2-3:

  1. Download:

    Go to EICAR’s web site and download an anti-malware test file on to your computer (and be sure to note where you downloaded it to). There are several versions of the test file available if you scroll to the bottom of the page. Feel free to choose any (or all) of them.

  2. Scan:

    Using your antivirus software (we, of course, recommend StopSign Internet Security software), scan the anti-malware test file you downloaded.

  3. Review:

    When your security software is finished, it should have detected any of the anti-malware test files you downloaded as infected.

If for some reason your antivirus software doesn’t pick up the “infection” it could just mean it’s time to update your software with the latest anti-malware definitions. Update your security software and try it again, and if it still doesn’t pick up the EICAR anti-malware test file then contact your security software vendor to see if there is a problem.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Stranger Danger: Geolocation Features and Internet Safety.

Stranger Danger: Geolocation Features and Internet Safety.

Location-aware features are becoming more and more prevalent in today’s online services and tech gadgets. From GPS in the latest smart phones to adding a geolocation tag on social networking sites like Twitter or even Google, its easier than ever to let people know where you are any time of day or night. But with the ability to publicly display your location lies an inherent risk for being a victim of cyber-stalking or worse.

When it comes to technology and online services in our digital world, it’s easy to forget how all the strings tie together. As we tweet, blog, or update our Facebook statuses during the day we’re supplying everyone who can see our profiles with sensitive data regarding our day-to-day activities. From what and where we had lunch to when we’re going to bed, every time we post anywhere we’re opening our lives a little more. This isn’t necessarily a bad thing, but basic precautions should be taken, especially with tools that can display our location on a map.

Thinking of geolocation data as sensitive information is important not only for your privacy, but for the safety of yourself and your possessions. Because of this we recommend that, if you add geolocation info with your online posts, you exclude certain places from being published. Examples of recommended sites to exclude are:

  • Your house:

    GPS data these days is so accurate that if your geolocation data is posted online it can show you not only your general neighborhood, but the precise location of your house. With a good satellite image from Google maps it’s even possible to discover what kind of car you drive and where good hiding spots are around your home.

  • Where you work:

    For most people a large part of the day is spent at work. Geo-tagging from work allows anyone wishing to follow you to easily track where you are when you’re on the job.

  • Schools & daycare:

    Our children are our most precious gift, and showing the world where they go to school or daycare is just about as dangerous as doing it from your home. Resist the urge to post location information when you’re waiting at the school pick-up circle.

  • Vacation spots:

    We already know that tweeting can potentially lead to a home burglary, and if you add your geolocation tags to your vacation posts when you’re out of town, you’ll not only let criminals know you’re gone, you’ll let them know how long your house will be empty.

It may seem far fetched at first, but here’s an all-too-possible scenario: Person A follows Person B on Twitter, and vice versa. Person A likes to tweet a lot about everything she does during a day. On her profile Person A has a profile picture of herself, her first and last name, and the latitude/longitude of her current location updated whenever she tweets. If Person B is an unscrupulous character, he can cyber-stalk Person A to his hearts content and begin to build up his own profile on her: Where she works, where she shops for groceries, who her friends are, what her neighborhood is like, and when she’s at home or running around town. Mix in real-time geolocation tagging and he can not only follow her online, he can take his stalking to the real world.

While geolocation tools and services can add a fun, new dimension to your virtual life, you need to understand the risks of opting-in to them. Just be sure to not share any location-based information that can put stalkers close to you.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Bionic Passwords: Better, Stronger, and Faster.

Bionic Passwords: Better, Stronger, and Faster.

OK, we can’t get your passwords to become faster, but certainly we can give you tips on how to make them better and stronger (read: harder to break). Our last post on passwords gave a lot of information on how good passwords can be easily created, and we’ve come up with more ideas for you to secure your passwords.

A strong password is the first line of defense against anyone who would want to break into your account, so the tougher you make it on them, the less likely it will be that they get what they want. Use these tips to create a bionic password that will make it tougher to crack.

  • Get creative with words:

    You can get a lot of traction out of one word if you can figure out different ways to use it in your password. For example the word “crystal” is pretty clear (pun intended), but you can muddy it up a bit by doing things like removing all vowels, changing how it’s spelled, or reversing certain letters. Examples include “crstl”, “krYs+al”, and “ltsrc” (the first one, only backwards). Mix that up with another word to increase the length of the password and you’ll be good to go.

  • The same word, only different:

    Maybe you like birds, and your favorite bird is the Pine Grosbeak bullfinch. Well, as we all know (sarcasm) the genus for those birds is “Pinicola”. Maybe you also happen to love Coca-Cola. You take out the “cola”, insert “Coke”, and now you have a 2-word password that’s easy to remember: “PiniCoke”. Substitute some of the characters to something like this: “p1niCok3” and you’re good to go.

  • Don’t use common number patterns:

    Your phone number, street address, even your jersey number from the high school football team… these are all very bad things to use in a password as they are. If you plan on using one of them, be sure to mix things up. If you live on 1313 Mockingbird Lane (Quick… what TV show is that address from? The first person to comment on the blog with the right answer gets a free year of StopSign.), you could use the street number like this: “+h1rT3en13”.

  • Mix it up:

    Using only alpha-characters or only numbers isn’t a very good idea for a password at all. Your password is a digital cocktail. Mix. It. Up. If a decent password is made up of 8 or more characters, you should try to use at least 2 numbers and one non-alphanumeric character (a hash symbol “#”, an exclamation mark “!”, etc.).

  • Use multiple passwords:

    Ideally you should have a unique password for every account that you have. Your home email, work email, computer login, bank account, Twitter… any account you have that requires a user name and password should have its own unique password.

These suggestions are not the end-all, be-all and we don’t necessarily advocate using every single password tip listed. But they can be food for thought when devising a new password. You’ve seen my repeated suggestion to mix things up, and that’s a big thing. Keep things fresh, get creative, and you’ll be far and away ahead of the pack when it comes to creating a strong (and difficult to crack) password.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Twitter-forced password changes; possible phishing attacks.

Twitter-forced password changes; possible phishing attacks.

There are reports coming in regarding Twitter forcing people to update their passwords. The reason: real or potential Twitter phishing attacks. Many people are talking about seeing an email from Twitter that reads:

Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset.

At this time there is no confirmed threat, but it appears that if nothing else, Twitter is taking a proactive role in helping to reduce and/or pre-emptively kill any phishing attempt that may be occuring. Even if Twitter hasn’t changed your password and/or you’re not affected by this possible phishing attack, we recommend the following course of action for increased security:

  1. Change your password. Make sure to use a good mix of letter and numbers.

  2. Review and rethink any third-party services you’ve allowed in your Twitter Connections setting.

  3. It’s also a good time to go through your followers (and those you’re following) and check for spammy and/or suspect accounts. Things to look for in these types of accounts include, but aren’t limited to:

    • Very few, if any, tweets. Ever.
    • No tweets in the last
    • Following thousands but followed by few.
    • The same kinds of tweets sent out over and over and over.

We will report on this issue again as we find out more details. For more tips on staying secure on Twitter, check out our blog post “Six Secrets of a Safe Twitter Account.“.

UPDATE: Twitter addresses the password resets with their status update entitled Reason #4132 for Changing Your Password.

Twitter-forced password changes; possible phishing attacks.

Image courtesy of Twitter

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Sure-Fire Ways to Keep Spyware Away.

Sure-Fire Ways to Keep Spyware Away.

Steering clear of spyware can be a difficult thing to do, especially with all the clicking you have to do just to get the information you’re looking for. A single-click here, a double-click there, lather-rinse-repeat this process for a few months and generously sprinkle that time with a few instances of drive-by downloads and a couple of missed opt-ins and before you know it your once speedy computer is slower than molasses in January.

Spyware happens, but there are things you can do to help stem the flow of it on your computer. By making a few easy-to-adopt changes to the way you browse the Internet and taking an extra minute before you download something, the tips we’ve compiled below will help you stay spyware-free.

  1. Watch where you’re browsing:

    Spyware (and malware in general) tends to get on your computer from a shady source. Staying away from untrusted or unknown websites is an easy way to fight spyware. If you need to download updates or specific software packages your best bet is to get it directly from the manufacturer’s website (i.e. go to adobe.com for Adobe Acrobat updates). If you’re looking for software in general (i.e. you’re looking for DVD burning software but don’t know of a specific maker) then try a major download site like tucows.com or download.com.

  2. Download with caution:

    A popular tactic with spammers is to send you to a fake website that looks like a legitimate one. Spyware makers have taken that lead and run with it for their own purposes. Stay one step ahead of them both by making sure you’re looking at, and downloading from, the site you’re actually supposed to be on. You can learn more about detecting fake websites in one of our previous blog posts.

  3. Read the Fine Print:

    There are 2 common places to look for the tell-tale signs of spyware on a website you aren’t familiar with:

    1. The download or info page:

      Some software or websites, by their very nature, need to contact the mothership every now and again. Anonymous usage statistics, passing along pertinent information such as items in a shopping cart before you purchase, and things of that nature are part and parcel of getting things done online. What you don’t want, however, is to have things like your social security number, credit card, or email address passed around without it being absolutely necessary. Entering your Visa number in a shopping cart is one thing, but there’s no real reason for that cart to ask for your SSN. Keep an eye out for oddities like that when you’re browsing, and make sure what they’re asking for makes sense.

    2. The EULA:

      “What’s a EULA”, you ask? A EULA is an acronym for “End User License Agreement”. It’s where all the technical and legal mumbo-jumbo is put in (or before) a download (or install). Most people consider reading the EULA a nuisance and click on “yes” without having read a word. Keep in mind that acceptance of the EULA is a legal agreement you’re entering into with a software vendor, and if you don’t read it you won’t know what you’re agreeing to. Give a EULA the once-over before you install anything and make sure that everything is on the up-and-up.

  4. Get protected, stay protected:

    Your antivirus software, in all likelihood, won’t do anything for you about spyware. It’ll work viruses all day long, but spyware is a different beast, and you need special antispyware software to deal with it. To make sure you’re completely protected you need to make sure your computer is protected with both antivirus and antispyware software. The one-two punch of antivirus and antispyware software will go a long way in keeping your computer as free from infection as possible.

Pretty simple stuff, actually. A lot of it is common sense, but keeping those things in mind when you’re browsing the Internet will help keep your computer protected from spyware.

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.

Five New Years Resolution Suggestions.

Five New Years Resolution Suggestions.

As 2009 comes to a close and all of the holiday decorations begin to come down (you are taking down those lights before Valentine’s Day, aren’t you?), many people choose to make New Years Resolutions. Some people choose to promise themselves to lose weight, others to spend their money more wisely, but we’re asking you to make a different change: the way you use your computer and the Internet.

Making a change is never easy (most people don’t seem to like change at all); but change can be good if it’s done for the right reasons. Meet the New Year head-on by resolving to make the tech-related aspects of your life a little safer and a little more secure by following our 5 simple suggestions for changes to your computer and Internet use:

  1. Change your passwords

    It’s a simple enough change, and possibly one of the most important. By not letting a password live for too long, you help to reduce the chances of it being captured by spyware or a keylogger and sent out on the web to someone with mischief on their mind. Read the StopSign blog post on creating a good password and update all of your passwords in 2010.

  2. Update Privacy Settings

    Crack open your browser(s) and review your current privacy settings. It’s probably not a set of options that you look at all the time, and you might have accidentally set some of the settings too low for certain things, or maybe even added certain web sites to a white list that you didn’t mean to. Now’s the time to clean all of that up. And while you’re at it you may as well clear out your cookies, browser cache, and all that jazz. Start the New Year as fresh as possible.

  3. Update Vital Information Online

    From the address and phone number on your online banking profile to dusting off that Facebook or Twitter account and removing any personally identifying information that anyone can see, there’s no time like the present to update your information online. We can help you to stay safe online with some tips on things to look out for when putting your info online.

  4. Back up Important Files

    If you’re like us, you probably do a lot on your computer: your taxes, edit family photos, post videos online, and more. Don’t be caught without a backup: Burn your important files and other data to a CD or DVD, buy an external hard drive and copy everything over, or even use an online service to keep a copy of it all off-site. Between hardware failure (something a friend who didn’t have backups of wedding photos recently went through) and data corruption, much less any other calamity, keeping a backup of the things that are important to you should be a top priority in the coming year.

  5. Patch it up

    Check your operating system, installed applications (web browsers and plugins, document editors, PDF viewers, spreadsheets, etc.), and antivirus/security software for updates. Without the latest version of software you leave yourself open to out-of-date problems at best, and security-related and/or data-loss problems at worst. Most software apps have a simple method of updating themselves anyhow, so it shouldn’t be too difficult to figure out.

If you enjoyed this post or any of our other StopSign Blog posts from 2009, just wait until 2010! We’re going to keep posting online safety and security-related topics here on our blog. You can also follow the StopSign Blog on Twitter to get the whole scoop on what we’re doing, what we think you might find interesting online (and sometimes offline), and more.

Happy New Year! We look forward to hearing from you in 2010. 🙂

If you're looking for great anti-virus software that won't break the bank, try StopSign. You don't pay extra for tech support for difficult malware, and our web protection software just works. Download & install StopSign to find out why our members choose us over the other options.