Pardon my bluntness as I take the time to inform you that your antivirus software is not foolproof and will not keep your computer completely safe. There is a huge illusion that many people have that as long as they have one of the most popular antivirus programs out there running in the background of their system that they are absolutely safe from any and all computer threats that come their way from the internet. This assumption is absolutely incorrect and wrong. Even though these programs are still essential as part of a multi-layer defense against cybercriminals and hackers, this layer in particular provides significantly less protection than the typical computer user realizes. This is why, day in and day out, I personally see so many computer users finding their systems infected with viruses, trojans, and other malware despite having the latest and greatest in antivirus technology software installed. Let’s look for a second at the term “antivirus”. This term is quite misleading and has been transformed into a broader purpose application that also covers security, anti-spyware, anti-adware, anti-rootkit, anti-trojan, and other anti-“malware”. I’m not sure if most of you realize, but our computers are a target for organized cybercriminals who are trying their best to install malicious software (or malware) onto our computer systems in order to steal information, attack other computers on the internet, or simply be a nuisance for productivity. In fact, there is money to be made in this type of criminal activity — more than you know — and they are getting more and more clever. And, unfortunately, our antivirus companies are finding it very difficult to keep up with them. As crazy as it seems, the #1 security exploit that these cybercriminals take advantage of is one that we all know very intimately and may be too proud to admit – YOU. Malware that has its foundation rooted in “social-engineering”, meaning they trick computer users into downloading and running malicious software from the web (i.e. utilities, free movies, screensavers, coupon printers, false virus alerts, etc.), is easier to deploy because it’s easier to trick people into giving consent. Can an antivirus application protect us against all social-engineered tricks? I doubt it. A recent study by NSS Labs showed that AVG, a popular antivirus application used by many, only blocked about 54.8% of the attacks. This was bested by Trend Micro blocking 90.1%. So, using socially engineering, cybercriminals have a 10-45% chance of bypassing your antivirus without triggering an alert (depending on your application). The #2 security exploit that these hackers take advantage of are flaws in software code.  Software programmers commonly find mistakes in their code that, when discovered by cybercriminals, leave you vulnerable.  (I’ve written about these exploits in a previous blog posts.)  These exploits can be used by cybercriminals to install malware in secret and this is why software programmers will release software patches and updates to their software to fix these coding errors. If a computer user has unpatched software on their system and visits a malicious website built to exploit that software, that website will deliver its malware to the computer user. Most times in this situation, the computer user doesn’t even know it happened.   All they did was surf the web with an unpatched computer system. They weren’t even surfing any unsavory websites. Legitimate websites are hijacked frequently for the purpose of infecting people surfing by. Should an antivirus application protect us from these types of attacks? They should, but let’s look at the statistics. The NSS Labs report shows that even the most successful protection (F-Secure and Kaspersky) stopped less than 75% of the attacks with most tested products stopped less than 50%!  Cybercriminals using software exploits would have a 25% to 97% chance of success (depending on your application). That is worse than the socially-engineered kind!! So, as a computer user, it may seem pretty hopeless.  Fortunately, we are far from being helpless.  However, we do need to understand exactly how we can defend ourselves by using a Multi-Layer Protection approach.  We must realize that there is no single tool, single application, or single device that will keep up safe.  It pains me to see that the antivirus industry has lulled the public into such a false sense of security by having us think that their tool is the end all and be all of protecting against this stuff.  As a result, we as computer users have developed a certain expectation of this software that will never be met. So, first and foremost, the simplest way to protect yourself against cybercriminals using software exploits is to apply software patches.  Microsoft notifies you when you have a patch to install. Don’t ignore it. Adobe Flash, Adobe Reader, and Java will also notify when patches are available. Please install them! This type of computer maintenance is so important and yet it is one of the most neglected. Next is to fight against socially engineered trickery using the best defense possible – education. Beware of software from websites and developers that you are not familiar with. Not all websites that show up in a Google search are safe. Make sure you read reviews and stay with websites that are popular and well known. If you have questions or have doubt, ask a trusted friend who is knowledgeable in recognizing such sites. Small businesses should use web filtering tools to prevent their staff from going to websites that are not business related (on purpose or by accident). These types of tools are good investments in preventing a catastrophe that could be detrimental to keeping your business running. Once inside your network, cybercriminals can form a foothold and getting back on track can prove to be difficult. It is important to stay proactive about protecting yourself and your business.  If you are serious about your security and protection, contact ATCG-TECH. If you suspect you may be compromised or simply need to get your PC maintained, contact us now. ATCG-TECH uses top of the line remote monitoring software that will detect and inform you if a breach has occurred. We make hardware and software recommendations to protect your business’ Internet perimeter and also your laptops in the field. We ensure that you have a multi-layer defense plan in place including security, backup, and support so you can have peace of mind that we have your back. Call us to get your free network assessment. Call us now at 424-234-8324 In conclusion, you should definitely use antivirus software, but do not rely upon this tool as your one and only defense, but more as a last resort.