This Site Requires JavaScript Enabled.
Action Required!
Please select your Toolkit from the left sidebar.

Step 4

Prevent Phishing
and Malware

Use these tools to strengthen your defenses against phishing attacks and better defend against malware. Start by selecting your operating system.

Phishing Overview

Common Phishing Examples

Detecting a Phishing Email

What is Ransomeware

Avoiding Ransomeware

Imagine you’re a contributor at a major television station. You’ve long been contracted to provide expert analysis on breaking news events. You’re by the station so often that the staff has even lent you a computer and carved out some desk space for you. Your work is highly specialized and sometimes requires you to download large files from around the world.

One day, you’re about to go on the air for a primetime roundtable discussion. You edit your notes, which you researched and fact-checked thoroughly, up until minutes before you go on the air. It’s no big deal. Like clockwork, you run into the studio during a commercial break, ready to grab your papers and take your seat – except this time, there are no papers in the printer. You panic a bit but have no choice but to join your fellow panelists and improvise on air.

You go live, and all is going relatively well until the teleprompter freezes. The host, without skipping a beat, announces a commercial break, hoping to fix the issue. But the commercials don’t start. All of the computers in the building have frozen and some have shut down entirely. Engineers in the control room resort to pushing physical VHS tapes into ancient hardware to keep the station on the air. The station likely suffered from a malware attack, and it probably came from one of those files you downloaded.

This story echoes one that happened in 2017 at one of the largest public broadcasters in the United States. In less than a day, all 503 employees found that their phones had stopped working, access to the Internet had frozen, and hundreds of hours of recorded interviews were rendered inaccessible. A malware attacker demanded $2,500 worth of bitcoin to return every computer to normal. The malicious software was likely introduced by a contributor or employee who was permitted to install third-party software onto a station-owned computer.

The FBI advised the station not to comply with the attacker’s demands, as it might lead to further vulnerabilities. The station’s nine IT professionals took to erasing all computers and devices, leading to months of hand-written communications and analog technologies lending to broadcast. In the end the station was able to recover but only after investing nearly half a million additional dollars into cybersecurity infrastructure.

There are many ways to prevent a situation like this. They begin with a good sense of what’s safe or not safe to do on the Internet, but there are also software solutions that can catch an issue before it spirals out of control, affecting sources and colleagues.

4.1 Anti-Virus

Select “Anti-Virus” under the Category menu, and choose any one of the tools listed to assist you in installing anti-virus software on your systems.

Narrow your search by selecting your OS
Project Galileo
Type
2
Level
0h 30min
Time

Project Galileo: Cloudflare VPN (WARP)

Use this tool to secure all of your device’s Internet traffic.

Project Galileo
Type
2
Level
0h 30min
Time

Project Galileo: Cloudflare Gateway

Use this tool to block malicious content, ransomware, phishing and gives administrators complete visibility of network traffic using DNS filtering.

Type
1
Level
0h 05min
Time

Quad9 App for Android

Use this tool on your Android device to help block you from accessing known sites that have viruses or other malware.

Quad9 Logo
Type
1
Level
0h 05min
Time

Quad9

Use this tool to prevent your computers and devices from connecting to known malicious sites.

Additional Training & Resources

Explore training courses, videos, sharable content and other resources about this toolbox topic. Browse additional training resources below.

Recently Added Phishing image on keyboard

Report Phishing Scams and Fraud

Read More
Recently Added

Check a Website

Check a website is an easy-to-use online tool which helps determine whether a website is likely to be legitimate or a scam…before...

Read More
GCA logo

GCA Cybersecurity Toolkit Workshop

This GCA workshop provides real-world scenarios and walks participants through the implementation of recommendations through...

Read More
Totem training

Totem Project | Phishing Attacks

Totem is an online platform that offers interactive courses to learn how to increase digital security and privacy. The optimal...

Read More

Umbrella

Umbrella is a free, open source security handbook app. It provides practical steps to stay secure, up-to-date security information,...

Read More

Phishing Policy

Use/customize this template to build your company's phishing policy.

Read More