Security 101: February 2013

Nowadays, a lot of people are shopping online. To do that, they greatly rely on internet banking. What precautionary steps or systems are used to make sure users have a secure transaction?

The most important thing to do is to make sure that your computer is not infected with malicious software. For this, you will need to have a security product installed and make sure it is up-to-date. It is also good that full system scans are performed regularly. In case you have a mobile device (smartphone, tablet, or notebook) and you access the internet via WiFi, make sure that the connection to the wireless network is secured (WPA2 Personal will do). If you perform any online banking via a website and not via an app, enter the name of the bank by yourself and do not use links that have been received from anywhere or are saved locally (malware can alter them). Once on the desired website, and before you login, make sure that the SSL seal used is the one of the original website deploys. You can easily check it by clicking on the small lock icon near the address field or on the bottom-right corner.

feb2013

 

 

As time passes, there will be new viruses going around the internet. How does the antivirus (AV) work to determine whether a code is malicious instead of it being a false detection?

The AV developers have a lot of personnel and systems that receive malicious files from different sources. Before these malicious files are blacklisted by the antivirus product, they are checked – either manually or via automated systems – to see if they are really malware. They are also checked against a database of safe files to ensure that they are not falsely blacklisted. Blocking malware only via a (smart) signature is becoming less and less popular and effective as the amount of new malware every day increases in the thousands. The new methods of detecting malware are more and more intelligent as they make use of heuristic and generic detections which are all now tied to cloud based services. Even with these types of detection systems, the AV programmers also test their products against known good files in order to avoid most false positives. Last but not least, when the product goes through many changes, public beta tests are also organised to allow the AV developers to generate feedback from the real world.