Maybe you’ve heard of them running a car with no oil to see how long it takes for the engine to seize? (Normally bets are taken and whoever guesses the closest time, wins.) Well how long can I browse the web without any antivirus protection whatsoever (on a PC) before I get infected? Do you really need antivirus protection? The answer to the second question is unequivocally, YES you do. But when it comes to wondering (for sheer curiosity’s sake) how long you could browse the web before becoming infected there is no definitive answer. A lot of infections come from unsafe browsing habits, and this is where we really need to step up and help people learn how to browse the web safer. You simply can’t rely on your antivirus solution to stop any and every threat. For the same reason on the road you don’t just trust every driver to drive safe. You’ve got to stay alert, and use common sense.
Perhaps a tech savvy geek may believe they could safely browse the web for days or even weeks without becoming infected. Perhaps in their arrogance they would claim they are 100% certain they would not click on any malicious links or visit any malicious URLs, they are certain they can not fall for phishing scams and would never mistype a URL and find themselves hijacked. But in real life, with us more humble folk we are ready to admit we can never be 100% certain, some links look so legitimate they may be able to fool even you! Still, there are some valuable tips you can follow to ensure you’re browsing experience is a little more safe, and charged with a bit of internet common sense.
Failure to Update : The Number one Mistake
First and foremost, the number one thing I see people failing to do is update their software. Everything from your Operating System (OS) to Java, Flash and your browser needs to be updated from time to time. Manufacturers release patches to fix vulnerabilities and other security holes which cybercriminals will use to exploit your system. It seems to me a lot of the people I talk with think that because there system appears to be working fine, there is no reason to update it. They even have turned off Windows automatic updates. So quick tip, update everything. Once you’ve ensured your Operating System is updating regularly I highly recommend Filehippo’s update checker. This fantastic little program will scan your system for installed software and let you know what version you are running and whether or not you are up to date. It will then display all the results in your browser with links to safely download the latest version of all the software on your PC. This can really simplify the update process, which by now you understand is an absolute necessity.
Learn about Social Engineering and beware!
Social Engineering is a term used to describe how cybercriminals use clever marketing and disguise their activities in behavior that appears socially popular. By ‘engineering’ you to click their links they essentially con you and manipulate you into falling for their scams. The theory made popular by Kevin Mitnick is that it is easier to trick someone into giving you their password then it is to hack the system. You can read this fantastic article, 9 Dirty Tricks Social Engineers Use to get a little more detail on how you can be aware of and avoid being socially engineered. Facebook has been a popular target of Social Engineers and the type of scams you need to watch for are applications that try to lure you in with lines such as “This person has a crush on you, click here to find out who it is.” Sophos Labs, which tracks cybercrime trends, is seeing Facebook applications that install adware, which cause pop-up ads to appear on a user’s screen. The other danger, according to Cluley, is that installing many of these applications means you give a third-party access to your personal information on your profile.
Keep your Information Private
This is simple, but you’d be surprised how many people share way too much information online. Addresses, phone numbers, social security (social insurance) numbers, and of course passwords. I advise you to have several email addresses as well, one that you use for all trusted sources and at least several others that you can use for web registrations and other things that you are possibly uncertain of. Certainly there are websites that you can trust and share information with, but you can’t trust everyone. Still, limit the information you give as much as possible. Another tip that goes along with this is keeping your vacation plans zipped up, tweeting, facebook status updates etc, about your plan to be out of the country next week is always a bad idea. It really doesn’t matter how much you trust the people you believe your sharing this information with, it can get leaked… and if your address is out there, than you’ve just invited some criminals to come over to your empty house. Be wise with your personal info!
Use Multiple Complex Passwords
There is much that can be said about passwords and, if you don’t yet understand how to create and use a complex password than I hope you’d take some time and read a few of the articles here on this site. The most significant mistake people make with passwords is using the same one on every site. You may be surprised how many people are using guessable passwords on their facebook page and the same password for their bank. Banking websites may generally be somewhat harder to hack because of their security mechanisms, but if you’re using the same password in multiple locations than cybercriminals have a lot of opportunity to gather information on you. They can utilize dictionary attacks, brute force attacks, or even potentially social engineer you for your password.
Practice Safe Email usage
Phishing scams are prolific in spam emails and it is wise to immediately develop the habit of not clicking on links in emails. Criminals send fake emails that are disguised to look like your bank, or your craigslist account. Click on the links in those emails will take you to a fake site setup to look just like the bank site you are familiar with using. When you enter your login details this information can be used by the criminals to steal and transfer funds etc. Instead make it a habit to type in the URL directly into your browser or use bookmarks that you’ve saved. If you are using the latest version of your web browser most of those come with anti-phishing filters as well.
There are many other tips one must learn in order to browse safe, and avoid malware, scareware, phishing attacks and every other threat that exists in cyberspace. Educate yourself, learn to browse safe and use a good antivirus solution such as the ones I suggest in my 2010 Free Antivirus picks. What safe browsing tips do you suggest?