Free Anti-Virus Software Really Ain't Free

The lure of free anti-virus software is powerful. Many companies such as Norton and McAfee offer free versions of their pro products, but AVG was the first to offer a free version of their software over 10 years ago. The software can be free indefinitely or free for only a trial period, often lasting 14 to 30 days. These free versions are generally stripped down and limited in features and options. In the case of 14 or 30 day trial software, you have access to all the options and features for the duration of the trial. After that, the software is downgraded.

Free anti-virus software looks like a real bargain. In fact, I'm willing to bet that many of you are using it right now. However, it is advisable that you switch to a paid version. There is a hidden cost to using such software. Before we examine the hidden cost I'm going to list those features that are commonly reserved for paying customers:

• Link checking
• Email protection
• Personal data protection
• Automatic and frequent updates
• Complete and timely tech support
• Automatic scanning for threats
• Automatic scanning of removable storage

The above list is a composite list. I examined many of the leading anti-virus software maker's websites to generate that list so be aware that your options may vary. Now, let's examine the list in detail.

Link Checking

Pro anti-virus software interrogates each webpage before it loads in your browser. If it discovers suspect code it stops the page from opening. Free versions often leave you to fend for yourself.

Email Protection

Link checking also takes place in your inbox. Links in emails are scanned for malicious content, and built-in email rules stop virii from ever reaching your inbox. Free versions don't perform thorough email protection, potentially leaving a hole in your protection.

Personal Data Protection

Cybercriminals make money by stealing and selling your personal data. Many free anti-virus software will only provide limited protection, where pro versions provide users with proactive protection by blocking unauthorized outside connections to your computer.

Automatic and Frequent Updates

Pro versions of anti-virus software update several times per day, even up to once (or more) per hour. Free versions either require you to manually perform the updates or updates are performed automatically but infrequently. You are less protected that way, and the downloads are quite large resulting in long waits.

Timely Tech Support

Pro versions offer you telephone support, or at least a response via email that is measured in hours, not days. If you are using the free version, you'll still get help. Just not right away, and you may have to visit a forum to get answers.

Automatic Scanning for Threats

Anti-virus software should sit in the background and watch over your shoulder as you work, much like a bodyguard. Just as a bodyguard will spring into action even before you realize there is danger, your antivirus software should neutralize threats as soon as they are found. Free versions require you to manually start the scans - you aren't constantly protected.

Automatic Scanning of Removable Storage

Attacks can come from anywhere. Flash drives are those little dongles that have taken the place of 3.5" floppies and are used to carry data from one computer to another. Pro versions of anti-virus software will begin a scan as soon as a flash drive is inserted into the computer, looking for any harmful software and stopping it in its tracks. Free versions require you to manually scan the flash drive. Forgetting to manually start a scan could lead to your computer getting infected.

Free anti-virus software has a hidden cost and it is expensive once you add it up. Firstly, many of the free versions just aren't as robust and feature filled as the pro versions, leaving you without comprehensive protection. Secondly, you have to invest a lot more time into the free versions, doing chores such as:

• Manually scanning for threats as you work on the web throughout the day
• Remembering to update the database several times, daily
• Searching for your own answers, or waiting for email replies while malicious software is infecting your computer
• Scanning those portable flash drives that can also carry harmful code

Forgetting to do any of the above chores could potentially leave you open and vulnerable to attack. It is advisable that you switch to a paid version of anti-virus software to protect yourself and your sensitive data from online threats.

How Spammers Find Your Email Address

Spammers use a variety of techniques to harvest email addresses. However the two main techniques are (a) the use of automated spiders and (b) directory harvesting.

Automated spiders

These are software agents that are known under a variety of names... spiders, crawlers, robots and bots. These spiders are the seekers of content on the internet. They form the basis of how search engines, such as Google and Yahoo!, work.

Search engine spiders trawl the internet unceasingly looking for content. Their searches are based on important words known as key words. The engines keep an index of the words they find and the website where they find them. Users of the search engines can then find these sites by keying in the search words. A major search engine will index hundreds of millions of pages, and respond to tens of millions of queries every day.

A spammer collects email addresses in a similar way... by sending an automated spider throughout the internet looking for addresses that are found on web pages or in links used to send emails. The spider sends them back to the person who is compiling the spam list.

The spammer's spider will trawl a variety of websites looking for addresses. These include dating sites, chat rooms, message boards, Usenet newsgroups; in fact any type of webpage that might conceivably contain an address.

If you have ever sent your address to anyone on the internet, have inserted it in a form or have you own webpage with your address on it, you can be absolutely sure that your email address has been harvested by numerous spiders working for compilers of spam lists.

Directory harvesting

A directory harvesting attack, aka a dictionary attack, is another common technique for creating lists of addresses. It is used to collect addresses from internet service providers (ISPs), mail services such as Yahoo!, Hotmail and AOL, and large companies with their own mail servers.

The attacking software sends millions of emails to addresses on a particular server. It makes these addresses up using sequences of minor variations on a basic address. For example, the software could send the same email to a series of addresses such as akennedy / bkennedy / / ckennedy@yahoo.com and so on.

Nearly all these addresses will be invalid, in which case the server will respond with an SMTP 550 error message. The harvesting software will ignore these addresses. But every now and then the software will get lucky and the server will respond with a message that an email address is valid. The software will compile all the valid addresses into a list for spamming.

The software will probably send out millions of email messages just to find a few hundred valid addresses, so this seems a very inefficient way to harvest email addresses. But the whole process is automated, so it costs the spammer very little.

Other email collection techniques

There are several other ways email addresses can be harvested.

One of these is to set up a webpage offering to send a product or service free of charge as long as the user provides an email address. Examples of these kinds of sites are those that promise to send a joke-of-the-day, daily quotes from the bible, news or stock alerts, and so on. I recently came across a site that stated that there could be a registered sex offender in my area and that I could get further information by email!

In sum... there is little you can do to avoid having your address harvested by spammers. The best you can do is to make sure you are running good anti-spam software and that you keep it up to date.

Protecting Against Email Viruses

Anti-virus and anti-malware scams pose a serious problem for today's Internet users. Although more people are becoming aware of these risks, there are still many email users and casual web readers who don't know about the tricks and ploys scammers use to trick you into sharing information or making your system vulnerable to attack.

Despite the ingenuity of many viruses and malware, there are two basic ways most virus scams target your computer: via email or through pop-up ads. Email from unknown addresses may be dangerous, as it can include viruses in the form of attachments. Make sure that your entire management team sends out company-wide emails, warning employees of their danger. Standardize your internal processes to make a security a top priority. Pop-up ads are more likely to advertise bogus products to remove viruses you don't actually have - and then seize your personal or financial information.

There's noting more destructive to a small business than the leaking of sensitive information. Don't let that happen. Take preventative measures today! Start by addressing two of the most common threats utilized by hackers: Email Viruses and Pop-Up Ads.

Email Virus Dangers

Email virus scams are very common, and they disguise themselves well. Viruses are often sent to thousands of email addresses under the guise of a real company that you might have had contact with, such as eBay, PayPal, UPS, FedEx, DHL, or other commonly used service providers.

The email may look exactly like a legitimate email from the alleged company - or it might have typos and spelling mistakes that give it away. In either case, these "phishing" emails will ask you to take some urgent action that could endanger your computer or your personal information. For example, it might ask you to respond to email you sent, inquiring about hiring a new IT firm with your account information, open an attachment that will explain the email further, or click on a link that will take you to a site that requests your address, phone number, credit card information, or other personal data.

Opening the email could unleash a virus on your computer, or give scammers access to your PC to take credit card information or other data that would allow them to use your name and identity. If you receive an email and aren't sure if it's legitimate, contact the company directly - through the "Contact" page on their website - and ask them whether or not they actually sent the email. Most groups taking phishing very seriously and will respond quickly to these kinds of inquiries. As a rule of thumb, never open it if you aren't sure.

Pop-up Ads and Scam Anti-Malware

Scam or "rogue" antivirus software can sometimes appear in the form of pop-up ads when you visit legitimate websites (often because the website itself has been hacked by scammers). I've seen it too often: an accidental click on the wrong link corrupts data for weeks to come. Some of these bogus sites have very sophisticated designs that look virtually identical to the websites and software you use on a regular basis. These pop-ups may warn you that your computer has been compromised, listing a series of viruses or other alleged problems on your computer that their software purports to fix - for a price. Then, when you order the software, your computer will become infected with a virus or your personal information will fall into the wrong hands.

If you receive one of these pop-up messages warning you about viruses on your system, be forewarned: it's almost certainly a scam, intended to solicit cash and personal information from unwary web users. The best way to be sure, however, is to check with a reputable site like Snopes, McAfee, or Sunbelt to find out whether the notification is legitimate.

2014 And Beyond

Today's hackers are growing bolder and bolder. Unlike their forefathers in the early 1990's they use increasing complex codes, applications, and password generators to keep one step ahead of firewalls and other security measures. And while staying on the cutting-edge of virus protection is a must in today's business world, staying informed of these threats is the first step. If you don't have an internal IT department or staff, contracting your email & server protection to an outside IT services firm could be your best strategy. They'll be able to offer a wide range of customized strategies to align with your budget.

Now that you know how to spot the red flags, you won't be caught unaware the next time one of these messages turns up on your computer screen or in your email inbox.