Preventing Pop-ups and fake security

We have become so dependent on this electronic world we have built.  With such critical information as medical records and banking, it is imperative that we protect ourselves from the many cyber threats lurking at every turn.  

Common variants of these cyber threats are pop-ups and fake security applications (ie. fake anti-virus, fake anti-spyware, and fake anti-malware). The best way to stop these threats is to prevent them from ever taking hold of your system in the first place.

If you are already infected with something, see my post on Recovering from a Spyware or Virus Infection.  Otherwise these few steps may help keep your systems running cleanly:

  • Upgrade to the latest version of Windows.  Each version of Windows includes stronger security than the prior versions.  To make upgrading easier, Microsoft now allows users to purchase an upgrade to their version of Windows from the Microsoft Store.
  • Install Windows Updates.  Make sure all of your Windows critical updates are installed.  Critical updates often fix these known vulnerabilities, keeping you protected.
  • Stand-alone anti-virus (AV) is not enough.  I usually recommend running a full anti-malware protection suite like VIPRE Business Premium for enterprise machines, or Norton 360 for home users.  These full anti-malware protection suites  include several components to help protect your system from viruses, trojans, worms, and spyware. Both of these protection suites also run resident (runs continuously), keeping your system protected all the time, not just when not running a scheduled scan.
  • Software firewall is important on every PC.  If you’re not running a protection suite which includes one (such as those included Norton 360 or VIPRE Internet Security), Windows comes with a built-in software firewall which isn’t half bad.  Make sure this is turned on so your internet/network traffic is secured.
  • Hardware Firewall or router running Network Address Translation (NAT) can also help protect your entire network.  A wired or wireless router with NAT can provide basic protection. The more protection you have on your network’s perimeter the better.  Just like your anti-virus software, many higher end firewalls require constant updates to help keep your systems protected against new threats.  It is important to renew any subscriptions necessary to receive these updates for years to come.
  • If you do get a pop-up window asking for your input, do not click on any buttons on that window.  Instead, either click the X button to close the window, or press <Alt> + <F4> to close it.  Just because a button says “Cancel” doesn’t mean that there isn’t programming behind it to install a trojan onto your system. 
  • Constant vigilance is the most important component here but requires a bit of work including the following:
    • Make sure you’re viewing web sites from trusted sources (NY Times, Microsoft, etc.)
    • Don’t open attachments to suspicious looking emails or from unknown sources.
    • If an email looks suspicious not only should you not open it, but don’t even view it in a preview pane.  I often times ask senders if they meant to send an email message to me or if this was spam before I open a suspicious looking email.  
    • Before clicking on a link, hover over it to see where the link points to.  If it is pointing to an IP address (eg. 76.22.239.3) or strange URL (eg. http://win.com.ru/2l2k3k3/extra) instead of a valid address (eg. http://www.microsoft.com/windows), then perhaps it is not wise to click on that link, as you have NO idea where it is sending you.

Related Articles:

Robert Borges

About Robert...

I have been in the IT industry since 1993 focusing mainly on networking. Though I got an early start as an amateur computer enthusiast and wrote my first database app at age 12, I started my professional career working in the MIS department of one of the largest liquor distributors in the northeast. I started out there as a systems operator on the company’s two mainframe systems. From there I moved into PC support, and help design and implement the company’s first client-server network… This was back in the days of Win NT 3.51 when I worked on my first migration to Windows NT 4.0 server.

From there I went on to work with Novell 3.x and 4.x along with Windows domains and Microsft's brand new Active Directory. Working my way up from technician to specialist, to an administrator, and eventually all the way up to Sr. Engineer. I spent many years working for MSPs/consulting firms, 9 of which I owned and operated my own firm.

Over the years, I have worked with (at an expert level) various versions of Windows client and server operating systems (including Windows 11 and Windows Server 2019); various virtualization technologies (Hyper-V, VMware, etc.); MS-SQL server 6.5- 2014 R2; Exchange 4-2019, and much more.  Over the years I have built a lot of experience around the Microsoft Azure and Microsoft 365 cloud environments.

I am now CTO at Infused Innovations where our team is focusing on helping clients build a Secure Intelligent Workplace through InfoSec (Zero Trusts Framework), Modern Workplace, and Business Intelligence.

I have been heavily involved in the IT user group community, including serving as president of the board of Boston User Groups, Inc., and president of IT-Pro User Group. In 2017/2018 Microsoft awarded me the Microsoft MVP (Most Valuable Professional) Award, with a focus of Microsoft Azure cloud, for my efforts in the IT community.

I am in a constant state of learning about new products, and new versions of products. Many of which we end up implementing in lab environments and sometimes for our clients. I have a very broad range of expertise and experience. It is my goal to share some of this experience on this blog to help enrich the IT community.

Permanent link to this article: https://www.robertborges.us/2012/10/it-security/preventing-pop-ups-and-fake-security/

Leave a Reply