This subject has probably been touched on before by myself but I wanted to write a bit more of an in depth guide on how to stay safe online and avoid viruses, phishing and other nasty malicious stuff that the Internet has to offer!

I’ve said it before, but the most important security tool you can use on your computer is common sense. Hackers are always going to find ways to bypass anti-virus software and solely relying on it for your computers protection is never a good idea. The simple fact is that no anti-virus program is ever going to catch every single virus; it’s never going to happen!

Bad neighbourhoods on the Internet

Like the real world, the Internet has some great places that are safe and full of Interesting stuff, sadly though, it also has some not so nice places that can be dangerous and put your computer at risk. Where you choose to spend your online time is important and it’s a very big factor on deciding whether you might get infected with a virus or not. Ideally, these are the types of sites you should avoid:

  • Porn sites
  • Hacking sites
  • Keygen / Crack sites
  • Some torrent sites
  • Survey incentive sites

I know what you’re thinking; “What? No porn?”, obviously this might be a hard one (no pun intended) to give up on but you would be surprised the amount of porn sites that are setup with drive-by JavaScript exploits that will attempt to infect your computer as soon as you visit them. If you do have to look at porn then stick to the more well-known sites (you know which ones I mean) and avoid straying too far.

Sites that are offering free keygens and cracks for applications and games are also very common for malicious code. You might find the keygens or cracks themselves are infected so these really are places you should avoid. The same goes for some torrent sites, I won’t start a debate on software piracy and what’s right and what’s wrong, but a lot of torrent sites have malicious intentions, and if the site doesn’t, then a lot of the files you download from them will do.

Sites like the ones I have listed above all carry a risk when you visit them, the majority will probably be ok but there are certainly plenty of bad ones in there that can leave you infected with some nasty malware or root-kit.

Malware warnings

Most web browsers nowadays have a security feature which warns you on potentially harmful websites which may contain malware. These are usually reported by users or by the spiders which crawl the web and may come across exploits in the code. Google also offer this service when you are using the search engine. An example of such a warning is the one below:

malware warnings

You are well advised to pay attention to these and subsequently not visit the site! The warnings are there for a reason and there is a very strong chance if you do visit the site you could get infected.

Downloading – the risks

This is a big factor when it comes to online safety and most people who get a virus will have done so through a file or program they downloaded off a malicious site. We should clear something up here first; you are only really at risk of viruses from executable files and script files. You CANNOT get infected by opening an image file or an audio file unless your default viewer has vulnerabilities in it. There are no viruses associated with jpeg files or mp3 files (please prove me wrong if you think otherwise!) Executables on the other hand are a prime target for virus creators. A lot of hackers may take an existing program and ‘re-pack’ it with a virus. The end file will look and operate normally but will also silently install a virus on your computer should you load it.

The important thing to remember here is to only download programs and applications from reputable websites. Be careful of certain sites that claim to scan their files for spyware and be careful of fake ‘spyware-free’ logos. You should always scan any files you download with your anti-virus software being running them. Also, try to get into the habit of running the files through an online service like virustotal. Sites like this will scan a file with a large number of anti-virus engines (virustotal use over 40 last time I checked). This gives you a much clearer picture of whether a file is infected. Your anti-virus can easily miss an infected file, but there is much greater chance of getting an accurate result if you scan it with many different engines.

virustotal interface

Security software

The bottom line is this – you should always run some kind of security software on your computer and make sure it’s updated frequently, this means daily if the vendor releases daily updates. Some people get carried away with security software and end up having three or more different packages running at the same time doing essentially the same job. This kind of practice is only going to slow your computer down and give you no real benefit.

There are some great free solutions nowadays that offer virus / malware / spyware protection all in one, programs like Avast and Avira are my personal recommendations. Avast have a good total internet security package which is usually worth shelling out a few bucks for. Failing that, the free version will suffice in most situations.

I usually run a weekly scan of malwarebytes as well to make sure I don’t have anything that my anti-virus program didn’t pick up on, it doesn’t take long and is usually worthwhile doing (just make sure you update it first!).

That’s it for now; I will be writing a part two to this guide which will include a look at firewalls, emails and web browser security.

 

Share