There are other posters with far more expertise in this matter than I've got, and I hope some of them will kick in, but my advice is that you run
Legacy Download – Little Snitch if you're not already running it.
LS is best described as a reverse firewall, i.e. it prevents calls
OUT of your Mac without your permission, and that's effective medicine against a lot of malware. It's got a bit of a learning curve in that you've got to understand what your allowing or denying every time you click on "Allow" or "Deny", but once you've established your basic rules you can coast.
It's a bit pricey, but I imagine that it still allows a trial that, when I used it, necessitated restarting it every two hours.