Ten Misconceptions About the Safety of Online Browsing:
You have your antivirus updated, browser version is latest, and don’t browse p0rn or other so-called dangerous sites. So you are sure you are safe online. Not really! Though the above things definitely help you in guarding against cyber crime, they do not ensure 100% safety. The increasing proliferation of business activities on Internet has also made it a haven for criminals.
Sohphos has recently released a report that aims to debunk some of the biggest common myths relating to safe Web browsing. Here’s what you may think ‘safe’ is really not ‘safe’ on the internet.
1. Web is safe as I’ve never been hit by malware
If you are among those who still believe that you have never been under malware attack, read this. According to the Sophos report, many web users may not even know if they are under constant malware attack. The attacks are designed to steal personal information and passwords or use your machine for distributing spam, malware or inappropriate content without your knowledge.
2. Only p0rn sites are dangerous
If you think only p0rn and [email protected] sites are home to hackers, here’s a reason to worry. According to the report, the majority of infected sites are websites that you trust and visit almost daily. The report says, hijacked trusted sites represent more than 83% of malware hosting sites.
3. Only naive users get hit by viruses
Being a computer expert is not a sure shot formula to prevent you from falling victim to any cyber attack. Many attacks happen silently without any user involvement. Malware from drive-by downloads happens automatically without any user action, other than visiting the site. Therefore, it doesn’t matter what level of computer expertise you may have.
4. I can only get infected if I download files
For those who assume that only downloading content makes them vulnerable to cyber threats, need to get facts checked. Most malware infections now occur through a “drive-by” download. Hackers inject the malicious code into the actual Web page content, then it downloads and executes automatically within the browser as a by-product of simply viewing the Web page.
The malware is typically part of a professional exploit kit marketed and sold to hackers that leverages known exploits in the browser, operating system or plug-ins to infect the computer and download more malware. And this happens without a user having to do anything other than visit a hijacked Web site.
5. Firefox is more secure than Internet Explorer
In addition, many exploits leverage plug-ins such as Adobe Acrobat reader software, which runs across all browsers. Although the more popular browsers may get more publicity about unpatched exploits, it’s the unpublicized exploits you should be most concerned about.
6. Lock icon in the browser means it’s secure
When the lock icon appears in the browser, many of us believe we are opening a secure site. This is because the lock icon indicates there is an SSL encrypted connection between the browser and the server to protect the interception of personal sensitive information. However, the report says it does not provide any security from malware.
In fact, it’s the opposite because most Web security products are completely blind to encrypted connections: it’s the perfect vehicle for malware to infiltrate a machine. There have been many cases where hackers emulate bank, credit card sites complete with spoofed SSL certificates that are difficult for a user to identify as fraudulent.
7. Web security is a trade-off with freedom
While the internet has become a mission critical tool for many job functions, whether it’s Facebook for HR or Twitter for PR, it’s completely unnecessary to create a trade-off between access and security. A suitable web security solution provides the freedom to grant access to sites that your users need while keeping your organization secure. Policy settings for groups or individuals don’t need to be complex -— a few quick steps through a wizard are all a user needs to secure and enable your organization.
When evaluating a Web security solution, be sure to focus on the administration tasks you will use most often, such as establishing special policies for users or groups. How easy are these tasks? How much time do they take? How many steps are involved? Is documentation required to navigate through the process? Ask these questions and more.
8. Installing Antivirus Software is Sufficient
Antivirus software is a commonly known requirement for Internet security. However, the myth that antivirus installed is all that is needed for protection is dangerous for Internet surfers. Installing antivirus software is the start of Internet security. Constant installation of the latest virus definition files is required. Most reputable antivirus software has monthly updates for definition files. Download them to ensure the computer can recognize newest threats.
9. Nothing Valuable is on the Computer
Even a laptop used for minor editing and writing can lead to stolen information. Although the user can often forget about it, casual use of a computer can also lead to identity theft. If the computer has a network card, and it’s used for Internet connectivity, it can lead to a breach on the machine’s security. Some users only use a computer for email retrieval. Email is a point for hackers to send phishing emails that can lead to the theft of passwords for banking and finance websites.
10. Hackers Only Target Specific People
The Department of Homeland Security disputes this train of thought. This is a common thought for home users. Several scripts are available that allow others to find security holes on a computer. These people are called “script kiddies.” Script kiddies run common programs that find the security issues on machines that don’t have the latest security patches. For the best protection, purchase an antivirus program that protects against all types of hack attacks.