Sanjeev Sabhlok's notes on technology, hardware, gardening

How to prevent ransomware from attacking your computer

This is a cut-paste from various sources in the internet. In due course I plan to systematically organise this info.

1) DO NOT USE WINDOWS XP OR WINDOWS 8

Users of Windows Vista, Windows 7, and Windows 8.1 can easily protect themselves against the main route of infection by running Windows Update on their systems.

Microsoft’s policy is that some commonly used versions of Windows no longer receive security patches; those versions include Windows Server 2003 and Windows XP, both of which have not been sold for over a decade; and Windows 8, which some users prefer to the supported Windows 8.1 because of differences between the two versions of the operating system. [Source]

2) CREATE A SECURE ADMIN ACCOUNT ON WINDOWS AND ALWAYS USE GUEST ACCOUNT FOR DAY-TO-DAY PURPOSES

The admin account must be ultra-secure.

3) DISABLE REMOTE DESKTOP ACCESS

Visit the appropriate Microsoft Knowledge Base article below:

4) YOUR BROWSER IS YOUR ACHILLES HEEL. STRONGLY SECURE THE BROWSERS

https://heimdalsecurity.com/blog/ultimate-guide-secure-online-browsing/

Also remove outdated plugins and add-ons from browsers. + use an ad-blocker to avoid the threat of potentially malicious ads.

5) TAKE ALL USUAL PRECAUTIONS

Never open spam emails or emails from unknown sender, never download attachments from spam emails or suspicious emails, never click links in spam emails or suspicious emails. Keep all software updated. Use antivirus etc. software. Keep offline backups of everything.

6) INSTALL FREE HEIMDAL SECURITY

https://heimdalsecurity.com/

7) USE (FREE) IBM SECURITY TRUSTEER RAPPORT

Get the free version here: http://www.trusteer.com/en/landing-page/ebay

Then for EACH highly secure website (e.g. bank account), enable Rapport. This will STOP any unauthorised screenshots from such websites.

8) ENABLE ‘Show file extensions’ OPTION IN WINDOWS

This will make it much easier to spot potentially malicious files. Stay away from file extensions like ‘.exe’, ‘.vbs’ and ‘.scr’. Scammers can use several extensions to disguise a malicious file as a video, photo, or document (like hot-chics.avi.exe or doc.scr). [Source]

9) MONITOR PROCESSES ON TASK MANAGER

If you discover a rogue or unknown process on your machine, disconnect it immediately from the internet or other network connections (such as home Wi-Fi) — this will prevent the infection from spreading. [Source]

10) AVOID ONEDRIVE/ GOOGLE DRIVE, ETC. BEING HACKED

Dropbox/Google Drive/OneDrive/etc. are very vulnerable since they are turned on by default. Try to stop them from doing so, and only turn them on once a day to sync. [Source]

11) TURN OFF MACROS IN MICROSOFT OFFICE SUITE

Such as Word, Excel, PowerPoint, etc. [Source]

12) REMOVE ADOBE FLASH, ADOBE READER, JAVA AND SILVERLIGHT PLUGINS from browsers.

If you have to use them, set the browser to ask me if these plugins are to be activated when needed.[Source]

13) USE A VIRTUAL PRIVATE NETWORK

By using a VPN, you can greatly reduce your exposure to attacks looking to “sniff” and exfiltrate the confidential data you send and receive over the Internet. [Source]

14) SET UP A PROXY

A proxy is a dedicated computer or software that runs on a computer which acts as a middleman between your computer and your Internet connectivity requests. [Source]

Some backlists (both free and paid) you can use to set up your proxy are:

http://urlblacklist.com/?sec=download
http://www.squidguard.org/blacklists.html
http://www.squidblacklist.org/

15) TURN YOUR FIREWALL ON

Windows has its own firewall you can use for free and we encourage you to keep it on. Some antivirus products include a firewall in their suite, next to their antivirus engine. This may disable Windows Firewall, so make sure to check your settings to ensure that you’re using a firewall from a trusted source. [Source]

Print Friendly, PDF & Email

sabhlok

View more posts from this author

Leave a Reply

Your email address will not be published. Required fields are marked *