What to do if you're a victim of malware
Authored by a Symantec employee
Over the past two decades, the Internet has evolved from something of a novelty to a tool most of us heavily rely upon every single day. The Internet has completely changed the way we do things, from how we work to how we communicate, socialize, shop and learn. When we think about how much we depend on the Internet in our daily lives, it's hard to imagine life without it.
Safety for every device.
Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.
But, as much as the Internet is an indispensable tool, using it leaves us vulnerable to malicious threats. There are an abundance of Trojan horses, bots, adware, ransomware, macro viruses, rogueware, spyware, worms and phishing attacks that target Internet users every day. Crimeware attacks and identity fraud can happen to anyone at any time and the more we use the Internet, the more vulnerable we are to threats.
There are many security measures that Internet users can put in place to minimize putting themselves at risk from malicious attacks. If you are a victim of an attack, check out steps you can take in response to the incident.
If you're a victim of a crimeware attack you should disconnect from the Internet immediately. If you're connected via Wi-Fi, phone or Ethernet cable, you need to disable the connection as soon as possible to prevent data being transmitted to the criminal. Breaking your network connection is the best way to put an immediate stop to the attack.
You can disconnect your Internet connection by physically unplugging from the router or network connection and also disabling the connection on your device via the following the steps:
- Click on the Start menu
- Click on 'Settings'
- In the settings menu select 'Network Connections'
- Right-click and select the 'Disable' option.
If an attack takes place while you are at work, you should contact the IT department immediately. Your company's IT team needs to know about the infection to stop it from spreading or compromising your personal data and that of the company. Your IT department will then be able to take the right steps to recover the damage caused. If an attack takes place on your personal device, you should contact your Internet Service Provider (ISP).
Scan your Device
It's good practice to have antivirus software, such as Norton™ AntiVirus or Norton™ Internet Security, installed and up-to-date in case this kind of incident occurs. Antivirus and antispyware software are the best tools to protect against crimeware. Run periodic diagnostic scans with your software; set up automated scans at regular intervals to further protect your device.
As well as being able to detect crimeware threats from your device, which might otherwise go unnoticed, antivirus and antispyware programs can often remove the threats as well.
In some instances, the software may detect the crimeware but might not be able to remove it. In this case, you can consult Symantec's removal tool listings to see if there's a separate tool which can be downloaded to remove the threat.
Create a backup
It's good practice to create regular backups of your files and folders. While the aim of crimeware is largely to steal information or data, there's a good chance that files may be lost or destroyed during the recovery process. You can make backups by using backup software, using another hard drive or removable media such as a CD, DVD or flash drive.
Monitor Your Online Behavior
Be aware of what you’re clicking on. Avoid suspicious-looking websites and advertisements, and remember if something seems strange or too good to be true, it is.
Reinstall your operating system
Depending on the severity of the attack, it might be necessary to reinstall the operating system of your computer. Some threats are very sophisticated and can hide deep in the system using rootkit techniques, meaning they'll go unnoticed by antivirus software.
Norton software can return your system to its last stable state before the infection took place. In other situations, the date of infection might not be known, and more sensitive data might be put at risk. In this case, the safest option might be to recover your files and reinstall your operating system.
Close all accounts
If you find you are the victim of online fraud or identity theft, the first thing you should do is close all affected accounts immediately. If you work quickly, you should be able to close accounts before the thief has time to access them. Closing or freezing your accounts can save you a lot of time and stress later when it comes to disputing fraudulent purchases made by a cybercriminal. It’s always a good idea to contact the financial institution and discuss the impact an attack would have on your accounts and what the necessary steps are to take if the account has been compromised.
Set up fraud alerts
Set up a fraud alert with the three national consumer reporting agencies, Equifax, Experian and TransUnion. Contacting just one of these companies sets up the alert for all three. The fraud alert tells creditors to contact you directly before making any changes to existing accounts or allowing you (or someone using your identity) to open up new ones. This is an essential step to control the amount of damage an identity thief can do with your stolen information. This step also allows you to order your credit reports from each of the agencies for free.
Keep an eye on your credit reports
Keep an eye on your credit reports from each of these agencies as the information in the reports might differ somewhat. It might take some time for fraudulent activity to appear on your reports, which is why some agencies offer all-in-one reports or just-in-time alerting services for an additional fee. In some cases, it might be worth considering one of these quick turn-around reports depending on the level of threat and the potential impact.
Look for signs of identity theft
It's a good idea to be extra vigilant following an incident of identity theft. Look out for things arriving in the post such as credit cards you haven't applied for, or anything else that seems suspicious. Review your credit card bills and bank statements thoroughly every month. You should also make sure that you're receiving all your utility and other bills that are sent to your home address. In some circumstances, you might be contacted by vendors regarding accounts you haven't opened or debt collectors may contact you regarding purchases made by someone else.
Take These Additional Steps
Take the following additional steps to protect yourself from online fraud: *Create strong passwords featuring numbers and symbols, and change them often. *Avoid using unsecured public WiFi networks. *Don’t overshare on social media platforms.
Security risks online are common and can cause massive amounts of damage when an attack takes place. While we can't control the actions of cybercriminals, we can take the necessary steps to protect ourselves and minimise the risk of becoming a victim of cybercrime by installing good Internet security software, backing up our data and being vigilant.
Don’t wait until a threat strikes.
Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.
Enjoy peace of mind on every device you use with Norton Security Premium.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.