Three Reasons Why Anti-Virus Alone is No Longer Enough

[+Warwagon MVC]

So many home, and even business users, are complacent about the level of protection they are currently receiving from their traditional anti-virus (AV) software.

Nope. Not any more. The malware ecosystem has changed drastically in the past 10 years, to the point that the old precautions are just no longer enough. Here are the three top reasons for this:

1. You don’t have to click to get hit.In the past, it was sufficient to simply avoid clicking on suspect links or visiting bad sites. This is no longer the case because of new attack vectors like malvertising. In a malvertising attack, a legitimate site unknowingly pulls malicious content from a bad site, and the malicious content seeks ways (often exploits) to install itself on your computer.  You may have heard these attacks called “drive by downloads.”  Just by visiting a good site on the wrong day, you get infected.

   To learn more, you can read our other posts about malvertising.

2. Traditional AV response times to new threats are too slow.  According to data compiled by Panda Research, traditional AV only stops 30-50 percent of new zero-hour malware when it’s first seen.

   A few take up to eight hours to reach even the 90 percent level, with the majority needing a full 24 hours. And it takes them a full seven days to get to the high 90’s. That’s a whole lot of time to be missing protection!

   A recent study by the Enterprise Strategy Group showed that almost half of the enterprises polled had suffered a successful malware attack even though they were running anti-virus.

3. Exploits are everywhere.  Many software products, notably including Java and Flash, were designed in an era when computer security was a much less serious concern. And the worst part of exploit based malware is that the time from the initial exploit to detection and remediation – is on average almost a year.

At Malwarebytes, we believe in what’s called a layered approach to security.

The layered approach is just like using a seat belt and an airbag – they both help keep you safe, but they work in different ways.

 

https://blog.malwarebytes.org/security-threat/2015/11/three-reasons-why-anti-virus-alone-is-no-longer-enough/ 

I've been saying this for a while, yet a lot of people still say common sense is key... not visiting dangerous websites and such.

Edited November 14, 2015 by warwagon

[+Elі Subscriber²]

I heartily agree on this, I'm using three different layers of protection right now on my PC,  call me paranoid if you want, I rather be over protected than sorry. 

[+Warwagon MVC]

I heartily agree on this, I'm using three different layers of protection right now on my PC,  call me paranoid if you want, I rather be over protected than sorry. 

I'm just using 2. Secureaplus and Malwarebytes Anti-Exploit

What's your 3rd?

[+Elі Subscriber²]

 

I'm just using 2. Secureaplus and Malwarebytes Anti-Exploit

What's your 3rd?

Besides the ones you are using SecurePlus Beta 4 and Malwarebytes Anti- Exploit Premium I'm also using an antivirus solution, Bitdefender Plus 2015.

[Circaflex]

curious why one would run secureaplus along with bitdefender antivirus, isnt the idea behind secureaplus they bundle 11 different av scanners in the program?

[kozukumi]

Why is it the only people I know with infected machines are people with well protected machines? The reason is because most people are dumb and will find a way to screw up their system no matter how safe you make it.

Want to know the best way to protect your computer? Don't use ######## Flash!

 

[+Red King Subscriber²]

I haven't been infected in a long time and I don't use anything else than what Windows provides.

[+Warwagon MVC]

Why is it the only people I know with infected machines are people with well protected machines? The reason is because most people are dumb and will find a way to screw up their system no matter how safe you make it.

Want to know the best way to protect your computer? Don't use ######## Flash!

 

Or just use an addon for Firefox called "Flash Control"

[kozukumi]

 

Or just use an addon for Firefox called "Flash Control"

The problem with Flash is that even "good" sites can get infected. A great example of this is the Jamie Oliver site which was infected twice with malicious Flash ads. Far better to just not bother with Flash. Let it die. If a site you use needs it tell them to move onto newer and safer technologies.

Using an ad-blocker is also an excellent way of preventing such things. Yes I know many sites rely on ads to survive and it sucks for them that I have to block ads to be safe but until the advertising model is fixed I will continue to block. I once white listed a site only for them to serve up a dodgy ad a year or so ago. Since then I refuse to white list any site which uses a third party ad serve. The only ones I trust/allow are static ads managed by the site itself.

[+Warwagon MVC]

The problem with Flash is that even "good" sites can get infected. A great example of this is the Jamie Oliver site which was infected twice with malicious Flash ads. Far better to just not bother with Flash. Let it die. If a site you use needs it tell them to move onto newer and safer technologies.

Using an ad-blocker is also an excellent way of preventing such things. Yes I know many sites rely on ads to survive and it sucks for them that I have to block ads to be safe but until the advertising model is fixed I will continue to block. I once white listed a site only for them to serve up a dodgy ad a year or so ago. Since then I refuse to white list any site which uses a third party ad serve. The only ones I trust/allow are static ads managed by the site itself.

Which is why I use flash control. Blocks all flash on the site, ads included. and to play the video I just click the play button and it enables flash for just that video.

[spaceelf]

It's pretty bloody simple to just keep Flash up to date (or use a browser which does so automatically) which blocks most Flash threats.

This is pretty much FUD.  Most people still get infected by running programs they shouldn't or not keeping their software up to date.

[cork1958]

Actually,

AV's have never been enough alone except maybe when the internet first caught on and before crap got so prevalent!

 

I use an AV along with a good host file and adblocker and common sense. Haven't had anything in ages according to Malwarebytes and Hitman Pro.

[Jason S. Global Moderator]

i havent had antivirus on a computer in probably 5-8 years. ive had zero issues. What are people doing that theyre getting malware and virus'? perhaps i dont want to know...

[+Warwagon MVC]

i havent had antivirus on a computer in probably 5-8 years. ive had zero issues. What are people doing that theyre getting malware and virus'? perhaps i dont want to know...

Driveby downloads. People suck at keeping stuff up to date. Most people if they have java and it appears next to the clock to update it, they just X it out.

[kozukumi]

The biggest issue I see with friends and family is Flash infections. Java not so much as most people don't even have it installed. Flash is a nasty ######er though.

[Klownicle]

Why is it the only people I know with infected machines are people with well protected machines? The reason is because most people are dumb and will find a way to screw up their system no matter how safe you make it.

Want to know the best way to protect your computer? Don't use ######## Flash!

 

Bingo.  Disable Java, Flash, Adobe in browser, update Windows and the rest is common sense.  No need to install loads of software in a perceived protection.  I'd rather go naked.  If there's anything you should do its a whitelist based protection.  Anything else is only as good as its software. 

[xrobwx71]

Why is it the only people I know with infected machines are people with well protected machines? The reason is because most people are dumb and will find a way to screw up their system no matter how safe you make it.

Want to know the best way to protect your computer? Don't use ######## Flash!

 

It's because when their AV software says stop, they don't stop. If a person has 2+ layers of protection and they still get infected it almost always has to be a "clickable offence". They had to ignore a warning or pass through a warning or allow a warning to be trusted.Perhaps not 100% always but almost always....

[Praetor]

i havent had antivirus on a computer in probably 5-8 years. ive had zero issues. What are people doing that theyre getting malware and virus'? perhaps i dont want to know...

Simple: just visit the Huffington Post website when it was serving malicious ads. Not the actual site was infected, just the ads. Didn't required to click at anything at all as well.

http://www.cyphort.com/huffingtonpost-serving-malware/

In this days there is NO 100% bullet proof solution, but then again common sense alone isn't enough. It's like not using a condom and only selecting "trusted" sexual partners... until one of them gets infected without even knowing it.

Using an account without admin rights, using AppLocker / SRP (Software Restriction Policies), using an good Ad-blocker (i use ublock origin), a good AV solution and keeping Java / Flash (if it's realy necessary to use) + Windows / Office and all the other software very updated is pretty good, but still not a 100% solution. I've seen recent Crytowall malware in this controlled environment still trying to deploy it's payload (unsuccessfully), yet it corrupted part of the OS in the process.

[exotoxic]

 

Or just use an addon for Firefox called "Flash Control"

I tried this on firefox, it blocked flash but caused it to crash over and over again.

[oldtimefighter]

I'm just using 2. Secureaplus and Malwarebytes Anti-Exploit

What's your 3rd?

 

Besides the ones you are using SecurePlus Beta 4 and Malwarebytes Anti- Exploit Premium I'm also using an antivirus solution, Bitdefender Plus 2015.

 

Warwagon and Ely, no disrespect but why not just disconnect yourself from the Internet if going to be that paranoid?

I guess Malwarebytes can't make money just selling anti-virus software anymore as Windows is more secure now then in the past so most people will only run the free version so they... Tell people anti-virus is not enough and then create another product for just $24 a year. Genius!

I haven't had a malware infection in like two decades so I have gone in the opposite direction since going to Windows 10. I have ditched installing a separate anti-virus program altogether. This is my layered approach to protect my PC...

5. Run a complete Malwarebytes scan once a week (or so)

4. Windows Defender/Windows Firewall enabled and Windows updates installed promptly

3. No Silverlight, Flash, or Java installed

I just fire up Chrome if really need to browse a site that requires Flash.

2. Ad-blocker

1. Common sense! <--- Anyone who works at a computer repair place will tell you most malware cleaning jobs are repeat consumers.

Total cost...free.

[Rippleman]

malwarebytes pro has been able to solo protect me against EVERYTHING for the last 6 years....  

before you say no, you need more:

1) I love testing new av's all the time. So i do scan regularly with many different vendors. Have never seen a different vendor pick up something MB missed. Never.
2) I surf porn, warez, and unknown streaming sites (disclaimer: with an ad blocker of course)

Side note: For the last 8 months now I have been trying out 360 total security and seems just as good, perhaps even a bit too aggressive in some cases.

[Astra.Xtreme]

Common sense goes a lot further than 10 layers of software protection.  Somebody that has no restraint from clicking on things will always find a way to get infected no matter how much AV they have.  Same as somebody without anything, but is highly aware of what's fishy and places not to go.  It's worked fine for me since the Windows 98 days.

For the average user, give them a reputable AV program, make sure Windows auto-updates, and wish them good luck.  That's about as much as we can control.

[Gotenks98]

This and the fact that people don't read during software installs. They click yes to all the defaults like sheeple do and virus up their computers that way.

[JustGeorge]

I personally don't use Flash/Java and run AV/Ad blocker. ABs anger websites I know, but its no longer just about blocking annoying ads. Its a security thing now. If the internet implodes because of them, then perhaps the internet we have now isn't the internet that we need.

Whitelisting apps like SecureAplus are nice, but clueless PC user will click Yes right to the scene of infection, rendering them useless. I can tell them to click No every time and it won't matter. It's handy for savvy people like us though

[oldtimefighter]

Simple: just visit the Huffington Post website when it was serving malicious ads. Not the actual site was infected, just the ads. Didn't required to click at anything at all as well.

Using an account without admin rights...

 

No, I am not going to get infected by malicious ads as I have been using an adblocker for like almost a decade now.

You still use Windows XP or something? You can use an admin account as it doesn't run with "admin rights" as UAC has been a thing for a while now.

Edited November 25, 2015 by oldtimefighter