Answers to frequently asked questions

General questions

Technical questions

General Questions

What does «Swiss Internet Security Alliance» (SISA) mean?
The «Swiss Internet Security Alliance» is an initiative by Swiss ISPs, the domain registry for .ch and .li, Swiss banks, hosters, partners from the security industry and academia. The members share the common goal of reducing the number of malware infected computers ins Switzerland by enabling users to fix issues easily themselves. If members suspect an issue with one of their customers they send him or her to the same SISA check.
For individual support please contact your ISP or any IT-expert.

How much does it cost to use the services?
All content and checks are free to use. Extended licenses for the scanners must be purchased.

How does my internet service provider (ISP) if he suspect a malware infection of my computer
Members use different channels such as online messages, e-mails, letters, sms etc to inform customers.

Will my ISP inform me about any infections he finds?
You ISP does not have access to your computer. He thus will only be able to recognize malware that communicates through known channels on the internet.

Do SISA and its members collect personal date from me?
Neither SISA, its members nor any SISA partners collect any kind of personal data about you. The initiative wants to reduce malware infections in Switzerland. If you computer is infected by malware it is likely that this is recognized by security researchers or ISPs due to specific communication patters. ISPs, by law, are required to store when you accessed the internet for six month and is thus able to inform you.

Technical Questions

What is a botnet?
A botnet is a, possibly large, number of malware infected devices (PCs, mobil devices, etc) governed by a single criminal. They are typically used to commit further crimes.

These criminals use your internet connection and your computer for their illegal purposes. For example to send spam, conduct a denial of service attack or steal your personal data such as passwords, credit card numbers etc.

Operators of botnets strive to enlarge their "assets" and sell or rent them in the underground market.

Estimates suggest that up to 1/4 of all computers connected to the internet are part of a botnet and thus controlled by criminals. Botnets are the fundamental infrastructure on which cyber criminals conduct their evil business. Botnets generate millions of stolen revenue for their owners.

What is malware?
Malware is an abbreviation for malicious software. It hides on computers to serve its owners (See botnet above). Malware today is written by professional IT specialist and comes manuals, updates extension and so on. Different types of malware are:

How is my computers a infected?
Boitnets expand by installing more bots on more computers. There are different means to do this:

  • Infected e-mails:
    An e-mail tries to lure the victim into opening a malicious document or click on a malicious link. If the victim does so malware is installed on his computer. In many cases these e-mails pretend to come from trustworthy sources , e.g. a bank or promises access to "interesting" information, e.g. a bill.
  • Downloads:
    Malware can be integrated into legitimate programs that are made available for download on the internet, typically for free. Installing this software also installs the malware. Such programs called Trojans. Thus only download legitimate software from the vendors original website, and check the download with a virus scanner before installing it.
  • Exploits:
    Exploits use security holes in your web browser, software or operating system. This can happen by opening specially prepared documents (that you received by mail) of by visiting a malicious website. This is called a Drive-By attack.
  • Drive-by Attacke
    In a Drive-By attack a security hole in a web browser or a browser plugin is used to install malware. Most Drive-By websites are hacked, legitimate webpages.

Why are malware infected computers dangerous?
A infected system can be used by criminals for various purposes, such as:

  • Sending Spam:
    The infected computer sends spam. A large botnet can send millions of spam messages per day. .
  • Denial of Service attacks
    If all members of a botnet access a resource, e.g. a website, at the same time, chances are that it wil collap under the load of the millions of often meaningless requests. These distributed denial of Service (DDoS) attacks are often usd to extort money from the victims.
  • Proxies:
    THe infected computer acts as a gateway, a proxy, to attack some one else. Criminals thus hide their tracks.
  • Data theft:
    Most bots can read all the information an a computer and all the information a user types into a webpage. This data is often personal, e.g. passwords.
  • Storage of illegal material:
    Illegal material can be stored on hacked computers for further distribution.
  • There are only a few large botnets, but they have a computing power that often exceeds the largest super computers. In April 2009 the botnet, dubbed Mariosa, was discovered. It contained 13 million hacked systems. It was created through Drive-By attacks and manipulated files from file exchanges.

My computer is acting strangely. What should I do?
Check your computer with our Security-Check.

Why was my computer infected?
Cyber-criminals systematically look for vulnerable computers to infect them with malware. As soon as you move in the internet you should follow out security tips.

What are signs of a malware infection?
Criminals stay out of sight. Thus recognizing malware infections is not easy, not even for specialized anti virus software. If you internet connection or computer itself suddenly becomes slower, or if your browser suddenly shows strange pages and does not let you on others, chances are you're infected. But not all infections exhibit these symptoms.

How do I protect my computer from getting infected?
Check our four rules.
The following measures help you to stay safe online:

  • Careful with attachments. Never open e-mail attachments that come from unknown sources.
  • Careful with strange webpages. Never follow a link send to you for no apparent reaosn.
  • Use a ston password (Then characters, upper and lovercase, numbers, special charactes ).
  • Change you passwords periodically, at least once a year.
  • Back up your data regularly to an external disk, that you disconnect afterwards, or use a commercial online backup service.
  • Only transmit data encrypted over wireless networks.
  • Don't install software from unknown sources.
  • Be careful it an offer sounds too good to be true. Don't fall for strange offers of follow strange links.

What is a Cleaner?
Cleaners asr specialezed programs that remove certain types of malware. They are not a substitute for an up dt date anti virus suite.
More infos…

Why is there less security software for macs and Linux than for Windows systems?
The risk to become infected on a Mac or a Linux system is smaller. Cyber criminals want to optimize their earnigs and thus traget the most common platform, Windows, more often.

However times are changing and Macs and Linux systems are increasingly becoming a target for criminals. Lucily there is an increasing number apf AV products for these platforms to: Use them!

What is the difference between a second opinion scanner and a virus scanner
Second opinion scanners look for certain symptoms of a malware infection and try to remove the software that caused it. An anti virus program tries to detect malware before it is installed and avoids infection in the first place.

How long does the second opinion scanter take to check my system?
THis depends on the system and the number of installed programs. Typically a check takes only a few minutes.

Neither the Virus nor the second opinion scanner found a problem. Is my computer clean?
You can never be 100% sure that your computer is not infected. But if you regularly use our  Security-Check and follow our advice, chances are good, that your computer is and stays clean.

The scanner found a problem and fixed it. What should I do now?
Your best bet is to completely reinstall your computer, even if this is a lot of work.
But at least reboot your computer and rerun all the checks again to make sure your clean. And did we mention that you should follow our security advice?

How do I reinstall my operating system?
It depends. If you ave the original DVDs back up your user data and reinstall from the DVD. If you don;t have a DVD chances are that you system as a recovery partition. Check on your vendors webbage, the manual or the foillowing links for more information(Windows 7 / Windows 8).

What is a safe password?

  • at least ten characters
  • Mix upper, lower case and special characters as well as numbers
  • Don't use easy to guess sequences such as «asdfgh» or «45678»
  • no words from a dictionary
  • a different password for each account
  • Don't write it down or safe it unencrypted

More information…

How can I manage my passwords?
Use a password manager:
Weitere Infos…