According to the AV-Test Institute, every year, criminal hackers create over 140 million new malware programs and that number continues to rise. Malware includes viruses, worms, and Trojans – as well as some creepier-sounding varieties such as spyware, ransomware, and scareware. These malicious programs are designed to sabotage your computer, steal your sensitive information, cripple your network – and generally make us all miserable. Anyone who browses the internet is at risk, so firewall protection, anti-virus software, and anti-malware are a must for maintaining a clean system.
Malware can be very sneaky, often masquerading as “legitimate” downloads or embedding itself in other files. The good news is that making smart choices while you browse can drastically reduce your chance of infection. Your friends have at eSOZO compiled an array of strategies, including safe browsing habits, that will help you avoid the common pitfalls. With the brand new year ahead of us, let’s make 2016 “malware-free” by following these safe browsing tips:
- Mount Your Defenses
Before you even begin browsing, make sure that you have all your lines of defense in place:
- Firewalls are designed to prevent unauthorized access to your computer. Windows (versions XP and above) comes with its own firewall, which can be accessed easily via the Control Panel. Make sure your firewall is turned on for real-time protection.
- Anti-virus: Do you have anti-virus software installed and activated? Keeping your system virus-free is…free. Windows 8 and above comes with Defender anti-virus already installed. For Windows 7/XP/Vista, the free anti-virus software is called Security Essentials (Defender is included as well, but is anti-malware only). Make sure Defender/Security Essentials is “On” and updating regularly.
- Installing a 3rd party Anti-malware program is a great idea, and there are several well-respected anti-malware applications available for free. My preference is MalwareBytes because it’s updated frequently and it has been a top choice amongst reviewers for years.
- Make sure you are downloading and installing Windows Updates on a regular basis. Malicious hackers are always looking for new ways to exploit your OS, and most windows updates are security patches deployed to fix bugs which malware can exploit.
If you want to browse the web confidently, let’s start with the browser itself. Use only secure browsers with frequent security updates: Opera, Google Chrome, Mozilla Firefox.
Do not use Internet Explorer (IE). Because it’s popular and included free with (previous) Windows operating systems, it makes a more attractive target for hackers. Furthermore, several of IE’s features such as ActiveX and VBScript are highly exploitable.
What about Microsoft’s new Edge browser, which comes packed with Windows 10? Edge is clearly faster and more lightweight but as far as security goes… The jury is still out: Some say it is vastly improved over its predecessor, while others urge caution citing Edge’s significant overlapping vulnerabilities with IE11
- Beware of Flash:
Steve Jobs was famously critical of Flash, citing “reliability, security and performance” issues amongst others. And he wasn’t the only one to feel that way. In July 2015, Firefox drew attention by dropping support for the Adobe Flash plugin, with Google promptly following suit. Flash was a staple of the early internet, but these days most browsers can handle multimedia content without it.
Removing the Adobe Flash plugin will certainly make you less susceptible to malware attacks. Some popular sites (Facebook, most notably) still require the plugin to view certain content – but fortunately there is a solution available to minimize the risk: Click-to-play. Google Chrome comes with a click-to-play feature that disables the Flash plugin unless you deliberately click on the content to view it. Firefox has a similar built-in feature, though it’s a bit trickier to implement. Installing the free Flashblock extension is an easier way to get the same functionality out of Firefox.
- Block those Pop-ups
Who doesn’t hate pop-up ads? All browsers have a pop-up blocker feature these days. Enable the pop-up blocking feature in your favorite browser to avoid accidentally clicking on a pop-up, as they may lead to dangerous websites. You can also use programs like Adblock to kill pop-ups more aggressively.
Ironically, sometimes the pop-up ad disguises itself as a security alert or virus warning. Again, do not click – not even the “X” button. If closing your browser makes the “warning” go away, you can be certain it was a fake. It is also a good idea to clean out your browser’s cache, since the malware responsible for the pop-ups may be stored in cache and resurface again and again.
- Don’t Click on Ads!
It’s common sense by now that you shouldn’t click on banner ads. But some websites today are like a minefield, with ads that redirect to malicious sites disguised as “legitimate” links or buttons. They are incredibly sneaky – fake “Like” buttons, for instance. These imposters are known as Malvertisements, and they can infect even the most reputable websites.
The deceptive nature of malvertising demands that we slow down our browsing to distinguish legit links from the fake ones. Here’s how: By rolling your mouse cursor over a questionable button or link, you can see what URL it points to in your browser’s status bar (at the very bottom). If the link is directing you towards a different domain, don’t click it.
- Stick to Safe Sites
If you need to download popular applications from the internet, it’s safest to get the file directly from the developer’s website. For example, if you need Acrobat Viewer, type Adobe.com into the navigation bar and go from there. Why? Because hackers take advantage of popular search terms to lure you to unsafe sites. These faux websites usually manifest as “Sponsored Links” or high-ranking search results, and are used to distribute malware. It sounds kooky, but Consumer Reports has done the research.
Concerned? Here’s a trustworthy site that hosts the most popular free programs and packs them into one convenient installer: www.ninite.com
- Don’t Run… Download
When you download files from the internet, make sure your browser is set to ask you first before running the file. Do not run the file directly from the browser. Instead, save it to your hard drive first. Then open the folder to which it was saved and scan the file with anti-virus software first. Most anti-virus programs will provide an option to scan the file when you right-click. Don’t run the installer or executable until after your virus scan comes up clean.
- Watch that Wily Wizard
How is it that so many programs are FREE? Annoyingly, it’s often because they “monetize” their free offering by bundling with malware (usually ad- or spy-ware). When you run the Installation Wizard, you are tricked into opting-in to malware if you mindlessly click “Next.” However, if you are vigilant, you can avoid infection by choosing “Custom Install” or a hidden “No Thanks” button.
- Sharing is Daring…
It might seem obvious, but if you’re concerned about preventing malware infections it’s best to steer clear of torrent, file-sharing, and illegal download sites. The greatest risk, of course, is that you are downloading files from complete strangers. Even if you don’t end up downloading a virus outright, you’ll subject yourself to all the dangers discussed above, since torrent sites are riddled with malvertising, pop-ups, and fake links.
Keep Your Business Protected
We hope these safe browsing tips were useful and help protect the home user and business user alike from malware infections. The damaging effects of malware go far beyond slow performance and crashes. A virus infecting your company’s network, for instance, can halt productivity for a whole day or more while the culprit is quarantined. For a small business, this can be crippling.
Businesses can benefit from encouraging their employees to adhere to safe browsing behaviors. But for some businesses, the risk of a network-crippling malware attack might be too great. If your business has suffered the negative effects of an infection, or cannot afford to take chances, protecting your network with security technology is a wise precaution. For instance, eSOZO offers a Cloud Security solution that automatically detects threats and eliminates them quickly and effectively. Cloud Security is a sophisticated, compact network security product and a perfect fit for small to midsize businesses (SMBs). You can read more about it here or contact one of eSOZO’s representatives if you’re interested.
Whatever you do, make sure you and your employees are browsing safely and keep your computer systems malware-free!
Author: Aaron White, Date: 28th January 2016
Follow eSOZO on Social Media