What are anti-malware “Best Practices”?
- Install a reputable A/V package before putting your computer online for the first time. must include 2-way firewall
- Set Microsoft (MSFT) updates to automatic
- Make sure your A/V package receives regular updates
- Check for Adobe (ADBE) updates at least once a week
- Disable autorun feature for USB devices
- Never accept “click here to get a program you need”
- Dump all email unless you know the sender
- Test your computer security with a resource such as Steve Gibson‘s Shields Up!
- Send spam to Spamcop, Knujon; ask your ISP what it is doing about spam.
- Abuse from a website or domain – send an email to abuse@….. – ask the site administrator what they are doing about this…”
- Malware / Spyware / Virus – Upload samples of anything found to your AV provider – Demand accountability from the anti-malware provider; “what are you doing about this, am I covered…”
- OpenDNS – it is a free home use service (Registration required), stops most phishing and for corporate infosecs you can set what users can gain access to, e.g. social networking sites, ad-networks…. Another free service is ScrubIt. According to their website, they block out any pornographic, phishing, and many other potentially harmful sites.
- Use Google (GOOG) “Safe Browsing“- Despite some negativity, this will cut off some drive by downloads & web-based infections
- Report bad stuff on the web – tell law enforcement, tell the Feds; The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) or the Michigan State Police, Michigan Internet Crimes Against Children Task Force or send to Host Exploit.
- OpenDNS warns about Google DNS (forbes.com)
- Twitter acquires anti-malware company Dasient (news.cnet.com)