A Complete Guide to Antivirus Protection & Internet Security in 2021
Since we’re all hopelessly addicted to technology, no one wants a virus on any of their devices, be it a smart TV, laptop, smartphone, and more. Antivirus software, while it’s not 100 percent effective, is a smart way to guard against not only viruses but also malware, spoofing, and other cyber threats. However, many people don’t know where to start when it comes to antivirus software. That’s where we come in, giving you the information you need to decide which antivirus software is right for you. But first, let’s take it back to basics.
What Is Antivirus Protection?
In a nutshell, antivirus protection is software that preventatively detects, neutralizes then gets rid of malware. Using a regularly updated database of malware and viruses, it runs scans comparing a device’s files to the files in their database. It also scans the device for any suspicious behaviors that could indicate malware, which allows the software to detect malware even if it’s not already in the database. Again, no antivirus protection is 100 percent foolproof, but with up-to-date databases and behavior-based detection, the best antivirus software is your best bet against cyber attacks.
Antivirus Software Features
Now that you have an idea of what antivirus protection is, let’s break down what it does more specifically.
What Does Antivirus Software Scan For?
Antivirus software scans for a few things both on-demand and on-access. While an on-access scanner, or OAS, runs in the background of your device, an on-demand scanner, or ODS, only scans when you “demand” a scan manually or schedule scans in advance. But what exactly is the software scanning for, in the first place?
- Malware: Malware is an umbrella term that covers a number of different types of cyber threats, including ransomware, adware, and spyware. At its core, though, malware is designed to access people’s devices without their consent or awareness. Once they’ve gained access, malware is used to steal people’s personally identifiable information, which can be used for identity theft, or simply to mess with their settings. Malware can be in the form of computer worms, which are programs that duplicate themselves throughout a network to collapse it. Computer works can exist in email messages or attachments, which is why you should never click on unknown emails. There’s also trojans, malware that’s disguised as legitimate software, just like the Trojan horse, that lets hackers access and control devices. From there, the different types of malware break down as follows:
- Spyware: Spyware refers to programs that infect devices and collect the user’s information, like their bank and credit card information, names, and more. One type of spyware is keyloggers, which record keystrokes to steal credentials.
- Ransomware: People aren’t the only things that can be held ransom; devices can be held ransom, as well, if hackers hijack into a computer and block access until a ransom is paid.1
- Adware: Adware hides on devices and shows the user advertisements as well as monitors their online behavior. This helps brands create targeted advertisements based on what the user searches for.
- Scams: Scams can occur in many forms, be it text, apps, online messages, emails, websites and more. They can come in the form of unsolicited commercial or bulk email, known as UCE or UBE, commonly referred to as junk mail. And here’s a hint: most reputable services will not spam their customers with this sort of junk mail. Here are two other types of spam:
- Phishing: In a nutshell, phishing is a form of email fraud that occurs when emails contain malicious attachments to dangerous websites or downloads.2
- Pharming: Pharming is similar to phishing in that it involves fake websites and malicious code. However, rather than contacting users via email, pharming occurs when that malicious code is inserted directly onto a computer or server, bringing users to fake websites without them clicking anything.
- Spoofing: Spoofing happens when a person pretends to be someone else to get a user’s credentials so they can access their systems, steal information and spread malware. This can be done through email, websites, texts, GPS, and other methods.
- Remote access attacks: Next to last, remote access attacks are malicious actions that target either one or an entire network of computers. Rather than affecting the computers themselves, these attacks find the machine’s vulnerable points to view and steal data, introduce malware and viruses, and more.
Note: Remote access attacks are also known as remote exploit attacks.
- Viruses: Finally, a virus is any malicious code or program that attaches itself to legitimate files or programs and corrupts data, harming the software itself.
How Antivirus Software Prevents Cyber Threats
Now that you know everything to be concerned about when it comes to cyber threats, here’s exactly how antivirus software can stop them from happening in the first place.
- Reactive file scanning: Before you open any new file, antivirus software scans it against a database of known malware.
- Complete system scans: On top of that, the software will also scan entire devices for compromised data, although this process takes much longer than scanning individual files.
- Web browsing protection: Files aren’t the only things that can contain viruses. The best antivirus software will also scan URLs and web pages for potential risks.
- Real-time prevention: Not only will antivirus software scan for threats on-demand, but it’ll also do so automatically and constantly to prevent malware from taking shape.
- Rapid infection and threat removal: If the antivirus software finds malware, it’ll quarantine the malicious files in a safe folder, letting the user review them manually.
- Threat detection rates: When it comes to antivirus software, the chance of it detecting threats is entirely dependent on its database. Each company maintains its own database of malware, which they update constantly, known as a known-threat database. The detection rate is how accurate the software labels clean files versus potential threats, taking into consideration false positives and false negatives. Companies like AV-TEST, NSS Labs and A.V Comparatives are independent and verified labs that can vouch for these rates, as they test antivirus software on multiple devices and operating systems.
How Antivirus Software Detects Cyber Threats
We know that antivirus software uses a database of malware to look out for your device, but just how does it detect threats?
- Behavior-based detection: These days, most antivirus software uses behavior-based detection in addition to signature analysis, which we detailed below. Behavior-based detection looks for code that can make changes to devices without permission, or anything that seems suspicious. Unlike signature analysis, behavior-based detection doesn’t rely solely on a database of known malware but can also detect new malware.
- Signature analysis: Signature analysis, in comparison, compares the signature or “fingerprint” of threats to their malware databases. However, if the threat isn’t already in the database, then signature analysis cannot detect it on their own, which is why so many softwares have switched to a behavior-based method.
- Heuristic-based scanning: This type of scanning detects something called “polymorphic viruses,” essentially malware with code that changes to avoid detection.
Machine learning: In order to identify threats, machine learning processes files’ data to detect patterns using computing power.
- In-memory scanning: In-memory scanning just means that potential threats are examined after they’re already on a computer or device.
Sandboxing: Finally, sandboxing, otherwise known as quarantining, means segrating suspicious files in a safe part of an operating system so that they can’t attack the rest of the device.
Antivirus Software Extras
Along with the main features of antivirus software, many companies bundle this software with other services, including VPNs, identity theft protection, parental controls and more. However, you may have to pay more, if the antivirus software is available on its own.
- Parental controls: Parental controls typically let parents control what their children are seeing online, what they can search, and how much they’re using certain devices.
- Firewalls or network protection: Firewalls scan not only devices for threats, but also their entire networks; these are usually bundled with antivirus software for free, although sometimes they’re included only in more advanced packages. In essence, network protection scans your network for devices and alerts you of any potential invasions.3
- Secure browser: Secure browsers differ from software to software, but at the minimum, they’ll make sure that you don’t go to any malicious websites or click on malicious attachments.
- Password manager: Password managers will store all of your usernames and passwords in an encrypted vault. They will also perform a password audit and generate new passwords for any that are old, weak or repeated.
Pro Tip: Is your password good enough to truly protect your account? Use our free password strength checker to find out.
- Encrypted cloud storage: Some packages include a finite amount of encrypted cloud storage for any type of file that contains sensitive information.
- System performance optimization: In order to boost your browsing speed and keep all of your programs up to date, some software offers optimization tools, although we generally believe that these are unnecessary to pay extra for. Instead, set your preferences to update software automatically, and manually clean out your files to clear up some space.
- Identity theft protection: Some software also offers identity theft protection, software that will scan key criminal and financial areas for your credentials. Sometimes, this program also includes identity theft insurance.
- VPN: Last but not least, VPNs are Virtual Private Networks that hide devices’ private IP addresses and encrypt their web activity, making them less susceptible to hacking. Learn more in our best VPN review.
How We Test Antivirus Software
In order to protect your computer from viruses, you want antivirus software, but you can’t test it out without compromising your device…right? Exactly. That’s why we test out antivirus software not only for its general usability and features, but also for its ability to detect malware and viruses.
- Malware: To see how well the software detected malware, we use test results from AV-TEST, which displays results for the most “widespread and prevalent” malware in terms of a percentage detected.
- Viruses: We test out the virus detection ourselves using five different file types that contain viruses, which we download but do not open. Then, we run the software’s full device scan to see how many of the viruses it detected, which we compare to the results of over 40 other softwares.
While antivirus software can appear intimidating and confusing, it’s actually a lot less complicated than you probably make it out to be. Plus, once you download the software and turn on automatic scans, there’s very little work that you’ll have to do in terms of upkeep, making antivirus software fall into the “set it and forget it” variety of services.
Frequently Asked Questions
Still have some important questions regarding antivirus software in general? We’re happy to answer your questions.
What is the best free antivirus?
The best free antivirus software is AVG. Its free plan covers one Mac and detects spyware, ransomware, malware, viruses, and unsafe downloads, attachments and links. It also scans networks for threats.
Is it worth paying for virus protection?
It is worth paying for virus protection if you want coverage on all of your devices and detection for things like phishing. Usually, free subscriptions have some limits compared to paid versions, such as on the amount of devices connected or the types of threats detected.
What is the best antivirus for Windows 10?
The best antivirus software for Windows 10 is Trend Micro, which costs either $29.95 for one year or $59.90 for two years. The software scans your device for malicious behaviors and has a firewall booster as well.
Does Windows 10 come with virus protection?
Windows 10 does come with virus protection in the form of Windows Security Microsoft Defender Antivirus, built into their devices from the start .The software scans your computer for malware, security threats and viruses and updates itself automatically with the latest threat prevention. However, if you want to use a different antivirus software, Microsoft Defender Antivirus will be shut down automatically.
BBVA. (2019). Antivirus software guide: what are they for and how to use them.
Indiana University. (2020). About spam.
Kaspersky. (2020). What to Look for In an Antivirus Software: Choosing Protection for an Android, Mac or Windows System.