Malware writers’ tactics have developed significantly in recent years. Protecting your PC online is no longer a one-click fix.
Whether you realise it or not, it’s likely that your approach to PC security has changed significantly over the past few years. Even though advances in security software may have encouraged you to install a security suite and then leave it to do its job, people have come to appreciate that software alone is no longer sufficient to keep viruses, spyware and other malware away from their hard drives. The human factor has taken on increased importance, and most PC users now know not to visit the sites promoted in spam emails or click on banner adverts offering implausible discounts.
Yes, you probably still receive countless emails with dodgy attachments that could install something malicious on your PC, but even less experienced users have learned not to click on anything attached to an email from someone they don’t know. What’s more, the security capabilities of the email applications we know and love have improved significantly in recent years and are much more capable of blocking dangerous content.
But cybercrime is a billion-dollar industry and, as the threat of unwanted email attachments recedes, other types of attacks are thriving. Whereas once you were implored to protect your inbox, watching your step online is now the key. For one thing, malware makers have succeeded at compromising legitimate websites, exposing users to malicious code hosted on third-party servers. These sites can then be used to distribute adware, spyware, malware, keyloggers and rootkits to visitors. And rather than requiring you to click on a link or ad, such attacks can install something on your PC as soon as you visit an infected site.
This is the new battleground for security software vendors, who are acutely aware that protecting against vast lists of known bad sites and services is no longer sufficient. Now, Symantec, McAfee and others focus on additional layers of security, including firewalls and behavioural scanners, which detect dangerous code based on the way it behaves rather than on its signature. Gone are the boasts about their superior virus signature databases; these companies now brag about their ability to protect your PC against unknown threats.
But while multilayered security such as that offered by the latest crop of suites we've tested this month has never been so important, you are by far the best defence against the latest tactics used by malware writers. You can significantly reduce the chances of your PC getting infected by taking a sensible approach online and by watching for tell-tale signs of danger.
Taking responsibility for ourselves
Many of the steps you should take are painfully easy. For example, the most successful online criminals react immediately to new vulnerabilities, so the need to keep all of your Windows applications updated has taken on new importance. Some 60 percent of viruses targeted Office-type applications last year, according to security firm IronPort, while the likes of Adobe Reader, Quicktime and RealPlayer were exposed several times during 2007.
But the IT world is not about to get crippled by cybercrime. Threats to PC security have always been with us – it’s just that we’ve never been so aware of them. On the plus side, the number of tools available to protect PCs is growing, and so is consumer awareness of the best practices to stay safe online. So read our round-up of the best security suites on the market, but remember: they can’t do the job on their own.