A Middle Schooler’s Guide to Malware
It started with a simple download. A website forwarded me to a page with an advertisement for an Adobe Flash update that I needed; accustomed to updating my Flash Player, I clicked on the ‘Update’ button. The pop-up window asked me to enter my password, and I did without hesitation. It was only when my desktop was cleared and my screen went black that I started to wonder what on earth I had downloaded. When I restarted my computer, both my Safari and Chrome browsers were replaced by a platform I had never heard of: SearchMine. My computer was out of action for a few hours, and I came out of the experience with newfound caution and antivirus software, but I was one of the lucky cases. Malware and browser hijackers like the SearchMine malware that I downloaded can have much more serious implications for students, especially as they turn to the Internet for both their classroom and their lunch table.
Some of the world’s most potent malware programs are stretches of code that, under the facade of advertisements or downloads, quickly infect innocent computers and run malicious programs such as keyloggers. Some malware programs can even access search history, personal data, webcams, or sensitive files to be encrypted for a ransom. Games such as Fortnite and Grand Theft Auto can be exploited by malware creators, as can school platforms such as Schoology, Zoom, or Gmail. According to Westport’s Director of Technology, Natalie Carrignan, “Malware is a constant threat to all computer users.” However, malware is avoidable: with knowledge about previous malware threats and skills to combat future ones, Bedford students can remain watchful while thriving online.
According to Ms. Carrignan, the Westport Public Schools system uses an intensive vetting system to make sure that platforms used for distance learning meet state and district malware prevention and data privacy standards. However, malware threats are constantly evolving, and while corporations such as Zoom or Google release patches for vulnerable stretches of code as fast as they can, malware still has a chance of getting through security vulnerabilities. Thus, learning about possible malware threats and the strategies to avoid them is essential to maintaining a positive distance learning environment. Take Schoology for instance: if games have been downloaded on a Chromebook, potential malware in the game can hijack other vetted platforms like Schoology, displaying inappropriate advertisements. Obviously, this type of malware, which may further infringe on the user’s privacy or distance learning activities if not removed, can be taken off by not downloading games in the first place. If malware is downloaded, either antivirus software on a personal computer (which Ms. Carrignan recommends, even though it is not installed on school Chromebooks) or assistance from the Technology Department can help solve the problem. To see if extensions like games have been downloaded onto Chrome, simply click on the three dots in the upper right of the browser and find the Extensions tab; this may be under the More Tools tab. If unwanted games or extensions are found, simply click on the Remove button.
Second, Gmail can be subject to phishing scams, in which malware creators use mass emails to obtain confidential and financial information. Many of these Gmail scams seem believable, often replicating the user interface used by Google or other apps. However, the URL is often a giveaway of phishy websites: instead of starting with https:// or www., many of these websites start with data:text, a domain name that does not show the Lock icon indicating a secure platform. To check whether a link in an email is part of a phishing scam, do not click on links in emails that require a download unless they are from a teacher or a trusted peer. Even then, it may be best to confirm with that person before downloading a file that doesn’t look like other Google attachments or has a fishy URL or name.
Finally, Zoom has been the subject of intense scrutiny over the potential for third-party access to consumer webcams through malware that infiltrates holes in code. While Zoom has released multiple security updates and continues to release patches every two weeks, it does not hurt to be wary, especially regarding a platform that has come under as much controversy and was approved so recently by the Westport Public Schools system. As Zoom grows even more popular (Zoom stock has risen by 100 percent since January), more malware creators are creating fake Zoom download platforms. Before downloading Zoom, make sure to do it off of the original Zoom website, which begins with a secure https:// domain name. Even better, run Zoom on a browser instead of downloading it by entering your meeting ID on the Join page on Zoom: security updates and patches recently released by Zoom reach your computer faster if they don’t have to be manually updated.
Malware doesn’t have to be something that only school administrators handle. By taking internet safety into your own hands, you can understand your own online footprint better and even begin to change your habits to make sure that you stay safe while navigating through this challenging and new period of distance learning.