Suspicious Software
By Peter Andrews-Briscoe, on 13 December 2022
When looking for software to download, it is important to remain aware of the threats that we might encounter. Today I’ll be talking about a type of threat that can quite easily trip up any user if they’re not paying attention: malware.
What is malware?
Malware (malicious software) is software designed to cause disruption, steal passwords and data, explore your files, gain unauthorised access to systems, or carry out whatever else an attacker wants.
There are various types of malware. Some of the most common are adware (which spams your searches with a great number of unsolicited adverts), viruses (which try to maliciously alter your files whilst spreading throughout your systems), and ransomware (which encrypts your data and holds it to ransom). Malware is often used with the end goal of financial gain, although it can also be used for other reasons, such as stealing personal or corporate data or simply causing an annoyance. However, the important thing to know about malware is how to keep it off your systems.
How to choose the safest software?
In the media, hackers are often imagined spending hours looking for vulnerabilities in a computer system to exploit. However, most of the time the greatest vulnerabilities come simply from people making mistakes – often, these mistakes are easy to fix or prevent if you know what they are.
The simplest rule to remember is: when you’re downloading and installing software, do so from the official vendor’s website and use the latest version. This will ensure the software has been patched and has not been tampered with. If an update is available for the software, make sure it is installed as soon as possible.
Make sure you’re downloading the correct software, too – if you’re trying to download Zoom, malicious actors might set up an app called “Zoon” to trick someone not paying close attention. One thing to look out for is SEO poisoning, where malware is hosted on a site that looks legitimate and is designed to appear in the top few search results – make sure you double-check where even a top result is sending you. If you wish to make completely sure that a site is not malicious, scan the link using one of the sites listed here: https://decentsecurity.com/#/malware-web-and-phishing-investigation/.
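The “Zoon” versus Zoom check can be automated for download links. The following is an added example, not part of the original post: it classifies a URL's hostname against an allow-list of official domains and flags near-misses by edit distance. The allow-list and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list (assumption): the vendor domains you actually trust.
OFFICIAL_DOMAINS = ("zoom.us", "swdb.ucl.ac.uk")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_download(url: str, max_distance: int = 2) -> str:
    """Return 'official', 'lookalike of <domain>', 'unknown' or 'invalid'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "invalid"
    for official in OFFICIAL_DOMAINS:
        if host == official or host.endswith("." + official):
            return "official"
    labels = host.split(".")
    # Every suffix of the hostname, so "download.zoon.us" is caught via "zoon.us".
    suffixes = [".".join(labels[i:]) for i in range(len(labels))]
    for official in OFFICIAL_DOMAINS:
        # Trusted name used as a prefix of someone else's domain.
        if host.startswith(official + "."):
            return "lookalike of " + official
        if any(0 < edit_distance(s, official) <= max_distance for s in suffixes):
            return "lookalike of " + official
    return "unknown"

# Constructed sample URLs; only the first is on the allow-list.
SAMPLES = [
    "https://zoom.us/download",
    "https://zoon.us/client/ZoomInstaller.exe",
    "https://zoom.us.downloads.example/ZoomInstaller.exe",
    "https://downloads.example/tool.zip",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify_download(url):22} {url}")
```

An "unknown" result only means the host is not on the allow-list; it still needs checking by other means.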
The UCL Software Database (https://swdb.ucl.ac.uk/) offers legitimate copies of software available to staff and students. The availability tab for each piece of software should indicate who it is available to, where you can access it from (for download on a personal device, available on Desktop@UCL Anywhere, teaching rooms, standalone devices, etc.), and whether it is free to download or the purchase of a license is required. The download tab will show a link to the download as well as the system requirements and installation documentation.
If you are unsure about whether to use any software, contact ISG at isg@ucl.ac.uk, who can advise whether it is safe before you download it.
How to avoid malware?
Here are some more general tips for avoiding malware across the internet:
- Only open attachments or click on links in emails from people you know and if in doubt, contact them using an alternative method such as a phone number or an official contact email address and query if the email you’ve received is genuine.
- Another tip is to hover over a link and check that the destination shown in the status bar (usually located at the bottom left of the browser window) matches where the link claims to go.
- Always check the extensions of the files you are opening, and make sure they line up with what you think you’re opening (don’t open a file you think is a PDF if it has a .html extension)
- Keep your operating system, antivirus software and applications up to date. This won’t necessarily stop malware being downloaded, but it could mean that the malware is detected sooner, and the malware may not work if the vulnerability it is trying to exploit has already been fixed with an update. You can explore what antivirus UCL uses here: https://swdb.ucl.ac.uk/package/view/id/166?filter=f-secure.
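The file-extension tip above can be checked mechanically. The following is an added example, not part of the original post: it compares what a file's name claims with what its first bytes actually are, and flags double extensions such as `.pdf.html`. The file names and contents are constructed samples, and the signature table covers only a few common formats.

```python
import os

# Well-known leading-byte signatures ("magic numbers") for a few formats.
SIGNATURES = [
    (b"%PDF-", "pdf"),
    (b"MZ", "exe"),                  # Windows executables and DLLs
    (b"PK\x03\x04", "zip"),          # ZIP, also the container for .docx/.xlsx
    (b"\x89PNG\r\n\x1a\n", "png"),
]
EXT_KIND = {".pdf": "pdf", ".exe": "exe", ".dll": "exe", ".zip": "zip",
            ".docx": "zip", ".xlsx": "zip", ".png": "png",
            ".html": "html", ".htm": "html"}

def sniff(data: bytes) -> str:
    """Guess the real format from the first bytes of the file."""
    for magic, kind in SIGNATURES:
        if data.startswith(magic):
            return kind
    head = data[:512].lstrip().lower()
    if head.startswith((b"<!doctype html", b"<html")):
        return "html"
    return "unknown"

def check_attachment(filename: str, data: bytes) -> str:
    stem, ext = os.path.splitext(filename.lower())
    inner = os.path.splitext(stem)[1]
    # "invoice.pdf.html": the last extension decides how the file opens.
    if inner in EXT_KIND and EXT_KIND[inner] != EXT_KIND.get(ext):
        return f"double extension: {inner}{ext}"
    claimed, actual = EXT_KIND.get(ext, "unknown"), sniff(data)
    if "unknown" in (claimed, actual):
        return "cannot verify"
    if claimed != actual:
        return f"mismatch: named {ext} but content is {actual}"
    return "consistent"

# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("invoice.pdf", b"%PDF-1.7\n%..."),
    ("invoice.pdf", b"<!DOCTYPE html><html><body>Sign in</body></html>"),
    ("invoice.pdf.html", b"<html><body>Sign in</body></html>"),
    ("setup.pdf", b"MZ\x90\x00\x03\x00"),
]

if __name__ == "__main__":
    for name, data in SAMPLES:
        print(f"{name:18} {check_attachment(name, data)}")
```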
How to detect malware?
Mistakes are bound to happen, and no matter how careful you are, there is always a chance that malware will get onto your machine. It is therefore vital that you know how to detect and remove malware from your devices as soon as possible; otherwise it could develop into something more serious.
Often, you don’t need a technical solution to become suspicious that your computer might have malware – you might notice that:
- Your computer is running a lot slower than usual
- Ads and popups are showing up more than they used to, and in places they shouldn’t be (such as government websites)
- Your default home browser or default search engine has changed without you having changed it
- Your device won’t let you uninstall software
If any of these are the case, you might want to run an antivirus scan to check whether any malware is installed on your device, and contact ISG.
How to remove malware?
If you have determined that your device is infected with malware, please do the following as soon as possible:
- Contact ISG immediately at isg@ucl.ac.uk or phone us at (0)20 7679 7338 so we can investigate further
- Do not log into anything online, including banking, online shopping, or any UCL related accounts, until your device is free of malware
- Run a scan on your device for malware and uninstall and delete any of the files or software that the scan has picked up as suspicious. Once this is done, you can restart your computer.
Once you have done these things, you should be free of malware. Remembering to keep your antivirus and operating system up to date and remaining vigilant can solve most malware problems.