Are You Safe Surfing the Internet?

McAfee just released their annual report talking about the dangers of surfing the Internet. In the report they highlighted the most “dangerous” online celebrities.

Fans searching for “Jessica Biel” or “Jessica Biel downloads,” “Jessica Biel wallpaper,” “Jessica Biel screen savers,” “Jessica Biel photos” and “Jessica Biel videos” have a one in five chance of landing at a Web site that’s tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware. Searching for the latest celebrity news and downloads can cause serious damage to one’s personal computer.

I know McAfee is a provider of anti-virus/malware software so they have a lot to gain by going public with this report. But software alone doesn’t make it less dangerous.

I’ve talked to a number of people who don’t worry about viruses or malware because they are using a anti-virus program and think they are safe. I even know someone who goes to sites to download music knowing that most of the downloads are infected (they get warning messages from their anti-virus program all the time). They think their anti-virus program will protect them.

No software on your computer can protect you completely. Operating systems are very complex and WILL contain bugs that hackers can exploit. Once vendors know about these holes they do try to patch them but it may be too late for some users. Anti-virus/malware programs try to protect you but they may not always be up-to-date or in some cases are not able to detect/fix the problem.

In the past most viruses/malware were spread by email attachments or clicking links in emails. Now, you can be infected by going to the wrong website. These sites take advantage of bugs/holes in the operating system or in applications like Adobe PDF reader, Flash player, etc. A while back there was a flaw in Windows where all you had to do was go to a website with an inflected photo, and your machine was infected. No piece of software on your computer would have protected you from that.

What can you do to keep from getting infected and stay safe? Buy a Mac (just kidding). Mac users don’t have the same issues with viruses and malware but that could change. Apple has put out a number of security patches for Mac OS 10.5 lately and there are rumors that they will include anti-virus software in the upcoming release of Snow Leopard. Reports on viruses for the Mac have been few but that may change as the number of users grow and hackers refocus their attacks.

So here are my tips to keep your computer safe (for both Windows and Mac):

  1. Keep your computer Operating System (OS) up-to-date. Don’t disable or put off updates your OS vendor sends. Chances are they are patching a problem that is currently being exploited.
  2. Keep your applications up-to-date. In the past you may have put off updating to the latest Adobe Reader because you didn’t see any problems with the one you’re using. Now the update may include a security fix too.
  3. Don’t click on unknown links. Be careful clicking on links in emails or social sites (like Twitter and Facebook). If your bank sends you an email saying there is a problem with your account and says “click here,” close the email and enter the bank’s website address yourself so you know you’re going to the right place.
  4. Don’t go to risky sites. Some browsers (i.e. Firefox) use a list of infected sites and will warn you if you about to go there. Google search does the same. http://googleonlinesecurity.blogspot.com/
  5. Be careful when you get a message box saying that a program wants permission to install or access one of your computer’s resources. Don’t blindly hit Yes/Ok unless you know that is what you want to do.
  6. Don’t believe message boxes that pop up when you go to a new website. A common popup is a warning that your computer is infected and you need to click this link to run a scan of your computer or download a program to remove the infection. Generally, the program you download (and install) IS the infection! Once, I ran this scan on my Mac and it told me my Windows computer was infected with a virus.
  7. Don’t reuse passwords. A lot of sites require you to sign up for an account and create a password. Don’t use your email account password for your online banking account. Get a program to manage your passwords and use a different password for each site. Most of these password programs will generate a long random password that can’t be guessed. (I use 1Password for the Mac, and Personal Passworder for Windows.)
  8. When going to secure sites, like banks or sites to purchase items, make sure you have a secure secure connection when you are about to enter sensitive information (i.e. credit card number, password, etc.). You should  look for the small padlock symbol at the bottom of your browser window and make sure the URL to the site begins with HTTPS, indicating that you are using a SSL (Secured Sockets Layer) connection. The URL should match what you are expecting. If you go to the Bank of America website make sure the URL shows  https://www.bankofamerica.com and not https://www.bankofamerica.com.myxyz.com.

I know the above list doesn’t cover everything that you should do to keep your computer safe, but I think it’s a good start.

If you’re a regular to Geek News Central, you most likely know what to do and what not to do to be safe. Do your family and friends a favor and send them a link to this post or, at the very least, talk to them about how to be safe on the Internet.

73’s, Tom