Saturday, January 29, 2011

myths of safe internet browsing

1 ) You have your antivirus updated, browser version is latest, and don't browse porn or other so-called dangerous sites. So you are sure you are safe online. Not really!

Though the above things definitely help you in guarding against cyber crime, they do not ensure 100% safety. The increasing proliferation of business activities on Internet has also made it a haven for criminals.


2 ) If you are among those who still believe that you have never been under malware attack, read this. According to the Sophos report, many web users may not even know if they are under constant malware attack.

The attacks are designed to steal personal information and passwords or use your machine for distributing spam, malware or inappropriate content without your knowledge.


3 ) If you think only porn and gambling sites are home to hackers, here's a reason to worry. According to the report, the majority of infected sites are websites that you trust and visit almost daily. The report says, hijacked trusted sites represent more than 83% of malware hosting sites.

4 ) Being a computer expert is not a sure shot formula to prevent you from falling victim to any cyber attack. Many attacks happen silently without any user involvement.

According to the report, malware from drive-by downloads happens automatically without any user action, other than visiting the site. Therefore, it doesn't matter what level of computer expertise you may have.

5 ) For those who assume that only downloading content makes them vulnerable to cyber threats, need to get facts checked.

The report says, most malware infections now occur through a “drive-by” download. Hackers inject the malicious code into the actual Web page content, then it downloads and executes automatically within the browser as a by-product of simply viewing the Web page. The malware is typically part of a professional exploit kit marketed and sold to hackers that leverages known exploits in the browser, operating system or plug-ins to infect the computer and download more malware.

And this happens without a user having to do anything other than visit a hijacked Web site.

6 ) There is no fool-proof browser that can prevent you from falling prey to hackers' trap.

The report highlights, all browsers are equally at risk because all browsers are essentially an execution environment for JavaScript, which is the programming language of the Web and therefore used by all malware authors to initiate an attack.

In addition, many exploits leverage plug-ins such as Adobe Acrobat reader software, which runs across all browsers. Although the more popular browsers may get more publicity about unpatched exploits, it's the unpublicized exploits you should be most concerned about.

7 ) When the lock icon appears in the browser, many of us believe we are opening a secure site. This is because the lock icon indicates there is an SSL encrypted connection between the browser and the server to protect the interception of personal sensitive information. However, the report says it does not provide any security from malware.

In fact, it's the opposite because most Web security products are completely blind to encrypted connections: it's the perfect vehicle for malware to infiltrate a machine.

There have been many cases where hackers emulate bank, credit card sites complete with spoofed SSL certificates that are difficult for a user to identify as fraudulent.

8 ) While the internet has become a mission critical tool for many job functions, whether it's Facebook for HR or Twitter for PR, it's completely unnecessary to create a trade-off between access and security. A suitable web security solution provides the freedom to grant access to sites that your users need while keeping your organization secure. Policy settings for groups or individuals don’t need to be complex -— a few quick steps through a wizard are all a user needs to secure and enable your organization.

When evaluating a Web security solution, be sure to focus on the administration tasks you will use most often, such as establishing special policies for users or groups. How easy are these tasks? How much time do they take? How many steps are involved? Is documentation required to navigate through the process? Ask these questions and more.

No comments:

Post a Comment