Phishing and Malware
The most common threats your learners are likely to face online are links and files pretending to be something they’re not — in other words, phishing and malware. Defending against these sneaky hacking strategies is less about downloading new tools or software, and more about building up learners’ awareness and understanding.
How to: Avoid Phishing Attacks
Comprehensive guide to best practices
Animated Overview: Protecting Your Device from Hackers
A short (2.5 minutes) animation explaining malware: what it can do, and how you can get malware from emails, USB, and links.
How to: Protect Yourself Against Malware
More targeted at preparatory protections from state-level actors. Good examples of phishing of sensitive targets.
Digital First Aid Kit
What to do if you suspect you’ve been targeted for phishing.
PBS’s Cybersecurity game has a phishing recognition quiz and other helpful guides:
Anticipated Questions and Answers
Q: What is the best antivirus program to use?
A: We tend to recommend using the manufacturer’s own antivirus (AV) software (Windows Defender, Apple’s built-in systems). Discussions about how badly written antivirus software can make things worse can be dispiriting and don’t provide solutions that participants can use.
Q: If you think you might be infected, what should you do?
A: You can go to the Digital Defenders’ First Aid Guide. It’s critical to make regular backups just in case your device gets infected. Wiping (or “factory resetting”) your phone or laptop is also important. You can learn more here: https://www.digitaldefenders.org/digitalfirstaid/#section-malware
Q: We use attachments all the time! Are you telling me I can’t send or receive documents?
A: Suggest using a shared store for frequent documents, like Dropbox or Google Drive. We talk a little about EFF’s own practices here—we send documents, but we digitally sign our own messages, and encourage external groups to upload their files where we can examine them safely. You can also highlight that this is not an all-or-nothing proposal. You can certainly send and receive documents—and while you do, it’s good, common-sense practice to be on the lookout for strange things that could indicate phishing and malware.
Q: How can I report phishing?
A: Emphasize the difference between mass phishing (like spam), and spear-phishing. Spear-phishing of a vulnerable group is something that researchers tend to be working on and interested in helping identify and prevent. You can email EFF at firstname.lastname@example.org, or call Access Now’s Digital Security Helpline (email@example.com) for assistance. The U.S. Federal Trade Commission also collects examples of mass phishing, which can be forwarded to firstname.lastname@example.org. The FTC’s phishing page explains how to include useful information in that email.
Q: I am worried I am infected with malware. Can you check?
A: There are no consistent or obvious indicators of compromise for malware; slow computers and/or batteries that drain quickly, for example, have many alternative causes. It’s very possible that an audience member may be infected with something from opening spam or generic phishing, and you can suggest installing antivirus software to check this possibility. For most communities, it is relatively unlikely that it will be from a targeted attack by a government or other large group. If you want to reassure your questioner, you can talk a little about the labor and research costs of sending targeted phishing emails.