An Antivirus Will Not Protect You from User Error

Cyber security graphic

It would be pretty great if antivirus protected us from all the online security threats out there. Unfortunately, though, this isn’t the case.

Often, customers come to us asking if they should purchase a third-party antivirus software rather than use the basic one that comes with their operating system. Our answer to this question always tends to be: stick to the antivirus that comes with your computer. 

Let’s take a look at why below.

What antivirus can and can’t do

Antivirus software works by scanning your devices, applications and files for traces of viruses or malware. Viruses are a type of malicious computer program designed to alter how your computer operates. It can, for example, steal sensitive data or lock you out of accessing your files.

Viruses are scary stuff – and antivirus is vital for defending against these types of threats. However, antivirus isn’t a holy grail. It only protects against one type of cyber security threat. There are a whole plethora of other threats out there that you need to watch out for. 

Human error is the biggest security threat out there today 

Recent research found that a massive 85% of data breaches can be traced back to human error. This means that it’s not viruses or malware responsible for most successful cyberattacks; it’s people. 

As humans, we all make mistakes – and this is what today’s cybercriminals count on. Many of today’s cyberattacks focus on manipulating victims into clicking suspicious links or sharing financial information with a fraudulent entity. Here are some examples:

  • Phishing emails: Phishing emails are fraudulent emails criminals send to their victims. Typically, the email will impersonate a trusted brand. It will ask the victim to either click a link, download an attachment or share sensitive information. There were 241,342 victims of phishing in the US in 2020 – and those are just the ones that were reported. 
  • Clicking on dodgy online advertisements: Malvertising is a type of cyber attack technique where hackers inject malicious code into advertisements. When you click on the ad, the malicious code launches on your device, enabling the hacker to steal your data or even take it for ransom. 
  • Replying to texts from unknown senders: Similar to phishing is what’s known as SMishing. SMishing happens when a cybercriminal sends a fraudulent text to your mobile, pretending to be a trusted entity. The text will usually contain a link, which takes you to a page where you’re asked to share sensitive information – like your bank card information.

The best protection is education

All of the above cybercriminal tactics are not new. Phishing, malvertising and SMishing have been around for years. However, criminals continue to use these tactics because they have a high success rate. 

While antivirus and other solutions can protect against basic forms of malware, they can’t stop a phishing email from landing in your inbox, nor can they prevent you from clicking on a malicious pop-up ad. 

To that end, the best way to protect yourself from today’s cyber threats is through education. Understanding how to spot these threats can ensure you don’t fall victim. 

Here are some tips to bear in mind.

How to spot phishing

Watch out for emails where: 

  • The tone of the email sounds unfamiliar or strange 
  • You don’t recognize the sender address
  • There are spelling mistakes and grammatical errors 
  • The request seems urgent or unusual 

How to spot malvertising

Watch out for pop-ups where: 

  • The advert looks low-quality
  • There are spelling errors in the copy 
  • The advert promises something too good to be true 
  • The advert doesn’t seem relevant to your recent search history 

How to spot SMishing 

Watch out for texts where: 

  • The message seems too good to be true 
  • The request appears urgent or unusual 
  • There are spelling and/or grammatical errors in the message 

What to do if you’re not sure whether an email or text is genuine

Often, cybercriminals will impersonate trusted brands in their phony emails and texts. They may pretend to be your healthcare provider or bank and request information urgently. 

If you’re not sure whether such a request is genuine, we advise that you validate any requests over a separate channel. For example, if you receive an email from your bank that you weren’t expecting, call them to check if they sent that email. Always call and verify before engaging with these requests. 

Don’t forget that we are happy to support you with your questions about information security and education. If you have any concerns about phishing and SMishing, we’d be glad to take a look at your device for you. 

As well as this, we can help with improving your computer’s security defenses, so you experience less phishing and pop-up ads. 

Protect yourself from common security threats

Contact us today if you need help with protecting your computer or have any questions about phishing, SMishing, and malvertising. 

Contact us today.