Network Security Best Practices for Internet Users – 

The U.S. Department of Homeland Security, in a bulletin issued 1 December 2016, recommended several security steps and actions especially for Windows computer users.

The LMLP encourages all LeverettNet subscribers—Mac and Windows—to follow best practices to protect their equipment and information from malware, phishing, and other scams.

Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses. Even though [malware may be] designed to evade detection, security companies are continuously updating their software to counter these advanced threats. Therefore, it is important to keep your anti-virus software up-to-date. If you suspect you may be a victim of … malware, update your anti-virus software definitions and run a full-system scan. (See Understanding Anti-Virus Software for more information.)

Avoid clicking links in email – Attackers have become very skilled at making phishing emails look legitimate. Users should ensure the link is legitimate by typing the link into a new browser (see Avoiding Social Engineering and Phishing Attacks for more information).

Change your passwords if you think they may have been compromised. (See Choosing and Protecting Passwords for more information.)

Keep your operating system and application software up-to-date – Install software patches so that attackers cannot take advantage of known problems or vulnerabilities. You should enable automatic updates of the operating system if this option is available. (See Understanding Patches for more information.)

Use anti-malware tools – Using a legitimate program that identifies and removes malware can help eliminate an infection. Users can consider employing a remediation tool. A non-exhaustive list of examples is provided [at the bottom of this Homeland Security bulletin]. The U.S. Government does not endorse or support any particular product or vendor.

Source: Avalanche (crimeware-as-a-service infrastructure) | US-CERT