As part of National Cyber Security Awareness Month, we are featuring an article from Emsisoft that takes a detailed look at Trojan Horse infections. Last week, we looked at how Trojan Horses work and at the different forms they can take. This week, we review their distribution methods and how you can avoid them.
What Are the Most Common Trojan Infection Points?
Because trojans are not capable of replicating or spreading themselves independently, they require user input to be successful. Of course, few users are willingly going to play a role in downloading and installing malicious software on their own system, so hackers have to use disguises and deceit to coerce you into running their software. Trojans generally camouflage themselves as harmless software or hide among the lines of code written within real, legitimate software.
Generally speaking, there are three main ways that Trojans are distributed online:
1. Downloaded Software
Trojan horses are frequently uploaded to websites that provide free software both legally (such as shareware applications) and illegally (such as pirated software). Due to the sheer number of programs that are uploaded to these sites, it’s not always possible for site owners to check that every piece of software is safe and secure, and as a result many Trojan-containing applications slip through the cracks. When you, the user, download and install the software – even if it’s from an otherwise reputable site such as the CCleaner example we mentioned above – there’s a risk that you could be unleashing a Trojan on your system.
2. Email Attachment
Your emails are another common source of Trojan infections. Cyber criminals send out convincing messages that appear to be from widely known, trustworthy companies (say, Microsoft, Amazon or similar) and attach Trojans disguised as an ordinary file such as an image, video, mp3, or download link. After you execute the file, the malware is free to run rampant.
3. Instant Messaging
Instant messaging services are home to their fair share of Trojans. In August, we saw a resurgence of the classic fake Facebook video trojan, a malware disguised as a video sent via Facebook Messenger to other people on the infected machine’s friend list. When users click the fake video, they’re prompted to download a file which, when executed, releases the Trojan.
Instant messaging is particularly effective as a distribution channel because the chat is so casual and fast paced. In this sort of environment, it’s easy to let your guard down and may make you more liable to click harmful links and download files without the same precautions as you would elsewhere on the web.
Trojan Virus Removal and Protection
Unsurprisingly, you are the first and most effective line of defense when it comes to Trojan protection. Adopting safe browsing habits and exercising a high level of caution online can go a long way toward reducing your risk of infection and should be an important part of every IT security plan.
Safe browsing habits might include:
Avoiding pirated software and piracy-related websites.
Only downloading software from reputable sources.
Triple checking email attachments before opening.
Being wary of unsolicited messages on social media and instant messaging services.
Checking file extensions before opening any file (no image should end in .exe!).
Being conscious of what you click on when browsing the web.
While you might be leading the charge, the good news is that there are a number of tools that can help you in the battle against Trojans. For example, reputable IT security solutions can prevent them from penetrating your defenses and remove any malicious software that may have crept in while another antivirus product was supposed to be keeping watch.
In addition, ensuring the Windows Firewall (or a comparably comprehensive product) is active and configured correctly to block unsolicited connections can further reduce the chances of a Trojan breaching the wall. Finally, keeping your operating system, web browser and other software up to date is vital for reducing potential security vulnerabilities and minimizing the risk of becoming the victim of a zero-day exploit.
Leaving the Horse Outside
The ancient people of Troy lost their city when their defense system failed to see through their enemy’s disguise and recognize the Trojan horse for the threat it really was.
Don’t let history repeat itself. With the information in this blog post, your citadel guards (you!) will be better equipped to identify potential threats, bolster your computer’s defenses and keep your system safe from the ongoing Trojan threat.
We know that keeping your computer and software up to date can be complicated and bothersome, that’s why we developed our Service Plans, to help you stay safe and up to date! We start with a fresh Tune Up of your computer, then add our monthly Service Plan to keep things running smooth. Call or email us today to secure your system!