How To

How to choose antivirus software: What you need to know

Malware, viruses, phishing, ransomware: it can be a dangerous digital world out there. Global cyber threats are evolving, and everything is fair game — your personal information, your financial accounts, your privacy.

With the threat landscape changing so rapidly, it’s important to remember cybercriminals are changing their tactics, too. They are finding new ways to gain access to your devices and information.

When you think about device security software, you probably think of antivirus protection. It’s one of the most important lines of defense in digital safety, but security technology has evolved beyond antivirus. That’s because threats have grown more sophisticated and stealthier. Think: data breaches and identity theft.

Here are some things to consider before choosing antivirus or security software:

  • What’s being offered and how will it benefit you? For instance, if you have more than one device, look for security software that covers all your devices.
  • Does the antivirus solution come with excellent customer support and real-time protection from malware and viruses? Cybercrime can happen at any time. 
  • Does the antivirus protection software come with data backup and parental controls?
  • What are the differences between free antivirus and paid antivirus protection? Some free options may sell your information to third-party companies and open your devices to advertisements. A reliable security software like Norton Security not only helps keep your PC, Mac, and other devices protected, but it also comes with a 100% guarantee that, from the moment you subscribe, a Norton expert will help keep your device virus free or you’ll get a refund *.

Key antivirus features

Since antivirus and security software have gone beyond protecting your computer and other devices from malware and viruses, here are a few extra features to look for when selecting the right security software for your needs.

1. Multi device protection 

A good security suite offers protection for multiple devices like PCs, Macs, smartphones and tablets. It keeps up with the needs of the individual, knows the risks associated with each device, and offers comprehensive protection for many devices.

2. Malware and virus threat protection

Most antivirus products offer protection from malware, ransomware, spyware, trojans, viruses, phishing attacks, and other online threats. It’s smart to understand what differentiates an average antivirus protection software from an outstanding one. Look for awards, reviews, and the technology behind the service. Some companies may even offer a money-back guarantee.

3. Parental controls

To help keep your family protected from online threats, look for parental control features. Features to look for include content filters that prevent kids from visiting websites that are inappropriate for their age, time supervision, and social media and messaging-apps monitoring.

4. Firewall

A reliable security software uses a smart firewall to help safeguard private information and financial data. It blocks malicious information from entering your network and can help prevent your private information from being accessed or even leaving your device without your consent.

5. Cloud backup

A useful feature to have in a security suite is cloud backup. The automatic-backup feature helps safeguard information like sensitive data, photos, and other files.

How does antivirus software work?

Computer users often think of “antivirus” as a main line of defense against viruses and malware, and it can be. But antivirus is just the start. Consider Norton Security, for example. Its multiple layers of protection work together to help improve the speed of detection and prevention of malware — and antivirus is just one of those layers.

Protection Layer #1: Network | Firewall and Intrusion Prevention Solution

Norton’s Intrusion Prevention Solution (IPS) is a network-level protection technology that analyzes incoming data, looking for signs of malicious traffic, and blocks threats before they hit your computer.

Protection Layer #2: Antivirus | File-based protection

Antivirus is a file-based protection system that looks for and eradicates malware in files on a system to protect against viruses, worms, Trojans, spyware, bots, adware and rootkits. You could liken antivirus to the TSA’s “No Fly List,” where the name of the file, its signature of how it acts to threaten systems, is known and shared from Symantec’s research on millions of threats.

Protection Layer #3: Insight | Reputation-based protection

INSIGHT™ is a cloud-based solution that correlates tens of billions of links between users, files, and websites to detect rapidly mutating threats. By analyzing key file attributes, INSIGHT™ can accurately identify whether a file is good or bad and assign a reputation score, effectively protecting against attacks while reducing scan time.

Protection Layer #4: SONAR | Behavior-based protection

SONAR™ is a behavior-based protection engine that leverages artificial intelligence to provide zero-day protection. This behavior-based layer effectively stops new and unknown threats by monitoring nearly 1,400 file behaviors while they execute in real time to determine file risk.

Protection Layer #5: Repair | Norton Power Eraser

The goal of security software is to prevent threats from reaching the devices they protect. But sometimes it still happens, such as on a device that previously did not have security software installed, or in the case of a zero-day threat. The Norton Power Eraser tool is designed to detect and remove such infections, as well as the downloader that brought the threat onto the device in the first place.

Do Macs and Apple products need antivirus?

Apple computers can get viruses and malware just like PCs can. While they may not be as frequent targets as Windows computers, however, all have their fair share of threats. Cybercriminals can target software and hardware vulnerabilities that affect all devices, whether it’s a Mac, PC, Apple, or Android device.

Meltdown and Spectre were two major vulnerabilities that affected the processor chips of PCs and Macs. This vulnerability allowed malicious programs to steal data that was being processed on the computers’ chip, including sensitive information like passwords stored in a password manager or browser, emails, personal documents, photos, and instant messages. All of these devices were vulnerable until the right software patches were installed.

Macs have also been known to have benign yet annoying pop-up ads. But some can be malicious like the MacDownloader malware. MacDownloader was a form of spyware that attempted to steal personal data. Macro viruses are another form of malware that affect Windows and Mac computers and devices. They’re capable of creating new files, corrupting data, moving text, and formatting hard drives, among other things. KeRanger is one the first forms of ransomware that hold data at ransom.

A comprehensive security software that provides multiple layers of protection can help keep Apple products like the iPhone and Macbook Pro safe from these kinds of vulnerabilities.

What are the risks of not using antivirus protection?

Not having antivirus protection is like leaving your valuables in a vault but not locking it. You wouldn’t store your personal information on a device and leave it unprotected, would you?

Cybercriminals are on the lookout for these kinds of “unlocked vaults.” Cybercrimes may be committed by individuals or large organized crime groups. The mode of operation may change from time to time, but the goal is the same — take advantage of vulnerable devices and people to steal identity, personal info, and bank- or credit card-related info.

There is a huge market in the underground economy on the dark web for stolen forms of personal information. Not having security software to protect your devices could leave room for cybercriminals to access your devices, information and resources to commit crimes.

Take the man-in-the-middle attacks, for example. Cybercriminals take advantage of poorly secured Wi-Fi connections to insert malicious software that’s been created to intercept the data transmitted to and from the victim’s device. Such Wi-Fi connections are often found in public places, like coffee shops, airports, or movie theatres. The aim is to gain access to personal information such as your login credentials, passwords, account numbers and other information stored on that device.

What can you do? Installing and running a robust security software with multiple layers can help protect your information. Most security software will scan and quarantine the malicious file. In the case of a zero-day vulnerability, where a vulnerability has been discovered and a patch has not yet been placed, the file will be destroyed along with the downloader.

It’s up to you to decide the best security software for your needs. Not having antivirus protection could put your devices and your personal information at risk. Having a trusted antivirus software could help you navigate the internet freely and protect what’s yours.

Antivirus glossary

Adware and spyware
Embedded in free software, such as weather trackers and screensavers. This type of malware generates ads and tracks behavior.

Programs and files that are created to do harm. Malware includes computer viruses, worms, and Trojan horses.

Similar to phishing attacks, pharming attacks redirect users from a legitimate site to a malicious one.

Seemingly safe links take users to malicious sites that gather personal data and login credentials. The links can be found within websites, emails or ads.

When downloaded, ransomware blocks access to files and programs until users pay a set fee.

Real time
An immediate action in response to an event, incident, or alert.

May also be called a Trojan horse. A type of non-parasitic malicious code that has unexpected and malicious consequences. Trojans represent themselves as something other than what they truly are. The Trojan may even perform the functions it initially indicates when executed but will also carry out its malicious actions.

Harmful software that replicates itself and spreads to other devices.

The day a security researcher reports the discovery of a new vulnerability to either the technology manufacturer, a security news group, or both. This starts the “time to exploit clock,” which tracks the number of days between the discovery of the vulnerability and the exploitation of it.

Victim of a data breach? LifeLock monitors for identity theft and threats.

Norton joined forces with LifeLock, we offer a comprehensive digital safety solution that helps protect your devices, connections and identity.

*Restrictions apply. Must purchase, renew, or upgrade your Norton subscription, or enroll in Automatic Renewal Service online. See for details.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.