A browser pop-up appears warning that your computer is severely infected and you must call a phone number immediately to fix it. What is the most accurate interpretation?
A. Your antivirus has detected an infection and is alerting you through the browser
B. This is almost certainly scareware — a social engineering attempt to trick you into installing malware or giving a scammer access to your computer
C. Your operating system has detected a critical security breach that requires immediate phone support
D. A drive-by download has already infected your computer and you must act quickly
Legitimate antivirus software does not deliver alerts through browser pop-ups, and no genuine security system requires you to call a phone number. This is a textbook scareware attack: the goal is to frighten you into calling scammers (who will then install real malware or steal credentials) or clicking an install button. The pop-up itself is not malware — your computer may be fine. The correct response is to close the tab without interacting with it.
Question 2 Multiple Choice
You download a free PDF converter found via a web search. Your antivirus does not flag it. After installation, you notice new browser toolbars and redirected searches. Which malware category best describes this?
A. Ransomware — the software has encrypted your files for payment
B. A virus — the software self-replicated across your other files
C. Adware or a trojan — the software posed as a useful utility but delivered unwanted software alongside it
D. Spyware — the software is silently recording your keystrokes
Browser toolbars and redirected searches are classic symptoms of adware, often bundled with trojans — software that presents as legitimate while carrying a hidden payload. The antivirus not flagging it doesn't mean it's safe: signature-based detection misses bundled adware that is technically 'disclosed' in fine print, and new variants evade detection until signatures are updated. This illustrates why free software from unknown publishers is risky regardless of antivirus clearance.
Question 3 True / False
Modern malware generally produces obvious symptoms like computer slowness or unexpected pop-ups, making it detectable without antivirus software.
T. True
F. False
Answer: False
Modern spyware is specifically designed to remain invisible while silently collecting data — keystrokes, screenshots, browsing history, credentials. A well-designed information-stealing trojan may cause no perceptible slowdown and generate no pop-ups. Assuming 'no symptoms means no infection' is exactly the behavior sophisticated malware authors rely on. Antivirus software running behavioral analysis in the background is the practical defense against symptom-free malware.
Question 4 True / False
Quarantining a file flagged by antivirus is safer than immediately deleting it because quarantine is reversible, allowing you to verify whether the detection is a false positive.
T. True
F. False
Answer: True
Legitimate software occasionally triggers false positives — a developer tool or custom script might have behavioral characteristics resembling malware. Quarantine moves the file to an isolated location where it cannot execute, preventing harm while preserving the option to restore it. Deletion is permanent. The recommended procedure is to quarantine, then search the detection name to see if others report it as genuine malware or a known false positive. This 30-second check can prevent accidentally deleting software you need.
Question 5 Short Answer
Antivirus software provides strong protection against malware. Why is cautious user behavior still considered the most important defense?
Model answer: The most common malware delivery mechanism is social engineering — convincing a user to voluntarily run malicious software. An email attachment from a 'bank,' a download from a misleading search result, a pop-up claiming your computer is infected: these succeed by getting the user to click, install, or enable something. Antivirus can only detect malware after it reaches your device, and signature detection is blind to brand-new threats. It cannot prevent you from voluntarily running a trojan. A user who evaluates suspicious requests skeptically and avoids unsolicited downloads reduces the attack surface that no software can close.
Technical defenses operate after an attack has begun; behavioral defenses prevent it from beginning. The attacker's goal in social engineering is to get you inside the technical perimeter — once you've clicked 'run,' antivirus is your last line of defense rather than your first. Understanding this shifts the most important security resource from software to judgment.