As senior Chloe Lovato sat surfing the Web while doing her homework last year, a series of ads began popping up on her laptop. Soon, a new window popped up warning her she had a virus on her computer and included a phone number for her to call.
By inadvertently visiting a website, Lovato unknowingly installed malware, malicious software that allows a hacker to manipulate a computer, causing it to shut down, crash, drain its battery or grant access to the user’s personal information.
“There was one pop-up ad that said, ‘Hi Chloe, check this out,’” Lovato said about a personalized message from an unknown source. “It was so creepy.”
Unintentionally installing malware is common, as computer users often click on ads or links that look like they come from legitimate sources, according to Network Administrator Hoover Chan.
“There are so many different kinds, but the most common kind of malware that we run into at school is phishing,” Chan said. “Certainly inside our school, I see signs of attempts everyday.”
Phishing, luring a computer user to reveal personal information or send money, usually takes place through a link or file attachment sent through an email that the hacker wants the user to click.
“Usually you click a link of that nature, and it takes you to a site that tries to inject stuff or break into your computer,” Chan said. “To some degree, they’re trying to deny service. They’re trying to extort money or get access to money.”
The phone number that Lovato was provided appeared to be from a legitimate company, but the person Lovato spoke to was asking for hundreds of dollars and wanted to take her laptop for a few weeks, which suggests it was an act of phishing and part of the scam.
The sender often poses as a contact from the user’s address book, increasing the chance of opening the email.
“I got an email that was supposed to be from a former colleague of mine stating that she was in Turkey on business, and she was in need of some cash immediately,” chemistry teacher Roderick Mobley said. Mobley said he contacted his former colleague to confirm the email was a scam.
The best way to prevent installing malware on a computer is to think twice before clicking on links and file attachments that are sent through email, according to Chan.
“Never click on unsolicited links,” Chan said. “When in doubt, especially if it seems to come from someone you know, pick up the phone and call that person, or talk to that person directly and say ‘Hey, I got something that looks like it came from you. Did you really send it?'”
Lovato chose not to wipe her hard drive because she had unsaved data. Removing the malware under these conditions would have cost at least $800, which she put towards purchasing a new laptop.
“I should have gotten it fixed right away, but I needed a computer because it was junior year,” Lovato said. “I’m trying to find a reliable security software for my new computer.”
Fiona Mittelstaedt contributed to this story.