The most dangerous places on the webPresentation Transcript
The Mos t Dangerous Places on the Web A presentation by J. Joel May
Your E mail Inbox • Moderately Dangerous• Email attachments carrying malware are the most common way attackers get into your computer. – Viruses – Worms – Trojan Horses – Rootkits• Phishing: The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Your E mail Inbox If you have to go there:• Delete suspicious emails with attachments• Be sure that your anti-virus software is configured to scan incoming email• Update your virus definitions files “regularly”• Look for spelling and grammar errors• Look for faked or numerical URLs – www.warstaw.ly/www.citibank.com – http://188.8.131.52/• Call the company that sent you the message, but don’t use the phone number in the email
Video Download S ites • Moderately Dangerous• Hackers exploit flaws in video players like QuickTime and Windows Media Player• These can trigger bugs that let attackers in to spy on your computer activity, plant other malware, and more• Or you may be prompted to install an additional codec which could be infected
Video Download S ites If you have to go there:• Keep your player software up to date• Avoid downloading videos at random• Stick to well-known video sites such as YouTube or to download services like iTunes
Webs ites that Us e Flas h • Moderately Dangerous• Adobe’s Flash is widely used to display video• Flash cookies can track the sites you visit• When you delete your browser cookies, Flash cookies get left behind
Webs ites that Us e Flas h If you have to go there:• Keep your Flash browser plug-ins up to date with get.adobe.com/flashplayer/
Webs ites that Us e Flas h If you have to go there:• If you use Firefox as your browser, download Better Privacy at www.pcworld.com/downloads/file/fid,80462/description• If not, go to www.macromedia.com/support/documentation/en/flashp and follow the instructions there
S oc ial Networks • Moderately Dangerous• Way too much sharing of information• Information stays on the Web permanently
S oc ial Networks If you have to go there:• This threat is easy to avoid with just a little common sense• Be mindful of what you post• Be certain to check your privacy settings
J us t A bout A ny A d-S upported S ite • Moderately Dangerous• Cybercriminals have taken out ads on popular web sites to lure in victims• Even the NY Times web site has been affected• As has Google’s Sponsored Link ad program• Ads that look like links to major companies’ websites redirect you to sites containing malware
J us t A bout A ny A d-S upported S ite If you have to go there:• Move your mouse pointer to the link and hover over it. In the lower right corner of the screen you will see the URL of the site to which a click would take you• Inspect it carefully, and if it looks suspicious, don’t go there
Twitter • Very Dangerous• Because of the 140 word limit on a “tweet,” Twitter relies heavily on shortened URLs• It is very simple to hide malware or scams behind shortened URLs
Twitter If you have to go there:• Simply don’t click on shortened links (but that takes all the fun out of it!)• Use a Twitter client app. Tweet Deck ( http://www.tweetdeck.com/desktop/) has a preview feature that lets you see the full URL• Another alternative is http://www.expandmyurl.com/
S earc h E ngines • Very Dangerous• “Search engine poisoning” is the practice of building tainted sites that are designed to rank high in a search for a given topic• Breaking news topics, facebook, and female rock, tv and movie stars are frequent examples
S earc h E ngines If you have to go there (and you do)• Pick and choose which search results to click on• Check each URL first to make sure that it really leads you to the site you want• Use tools like AVG’s Link Scanner (linkscanner.avg.com), McAfee’s SiteAdvisor (www.siteadvisor.com), or Web of Trust (www.mywot.com) to help identify malicious sites
Downloaded PDF Files • Very Dangerous• PDF files can be crafted so that they trigger bugs in Adobe Reader and Adobe Acrobat• Downloaded, they can let an attacker commandeer your PC and access your files and personal information• A newer variant can take an otherwise innocent PDF and insert malware into it• According to security firm Symantec, in 2009 attacks using malicious PDFs made up 49% of all Web-based attacks
Downloaded PDF Files If you have to go there:• Make sure you always have the latest version of Adobe Reader• Better still, use a different PDF reader – Foxit (http://www.foxitsoftware.com/pdf/reader/) – Sumatra ( http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-re ) – Nuance ( http://www.nuance.com/for-business/by-product/pdf/pdfread )
Hacked Legitimate S ites • Downright Unsafe• In a common attack method, criminals will hack a Web page, often on a legitimate site, and insert code that will download malware to your computer
Hacked Legitimate S ites If you have to go there:• Keep your security software up to date• Run regular malware scans• Try a program like WinPatrol that takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. ( http://www.winpatrol.com/)
Fake A nti-Virus Programs • Downright Unsafe• Fake anti-virus programs are contained in pop- up windows on legitimate web sites• They typically report finding a virus, even though your computer is actually clean.• The software might also fail to report viruses when your computer is infected.• Sometimes, when you download rogue security software, it will install a virus or other malicious software on your computer so that the software has something to detect
Fake A nti-Virus Programs • Downright Unsafe• Once downloaded, the trial version will nag you for a purchase• When you buy, the criminals will steal your credit information
Fake A nti-Virus Programs • Downright Unsafe• Rogue security software might also: – Lure you into a fraudulent transaction (for example, upgrading to a non-existent paid version of a program). – Install malware that can go undetected as it steals your data. – Launch pop-up windows with false or misleading alerts. – Slow your computer or corrupt files. – Disable Windows updates or disable updates to legitimate antivirus software. – Prevent you from visiting antivirus vendor websites.
Fake A nti-Virus Programs If you have to go there:• If you get an alert saying you’re infected with malware, but it didn’t come from software you knowingly installed: – Immediately stop what you are doing – Close the browser (end the task) using Task Manager. Don’t click on the close button! – Try booting into Safe Mode and running a scan – In no case should you download the suggested software or run the suggested system check
Torrent S ites • Downright Unsafe• Most often used for sharing pirated music, videos, or software• Which can easily contain malware• By comparison, many porn sites are deemed trustworthy
Torrent S ites If you have to go there:• Don’t use your primary computer• Use anti-virus software and keep it updated• Scan downloaded files• Wait a couple of days before opening them; scan again before opening
S ome Tips forS taying Out Of Trouble
Tip #1• Ensure that you have antivirus software installed and that it is updated at least once a week, either manually or automatically. Check occasionally to ensure that it really is up to date. If your antivirus software subscription has expired, renew it as a matter of urgency.
Tip #2• Never click on a link within an email message, or download an attachment linked to an email message, unless you are 100% confident that the source can be trusted. If in doubt, just delete the message. Remember, banks never email you to ask you to log in to your account.
Tip #3• If you havent turned on the firewall in Windows, do so. To learn how to do this, click on Start, then Help and Support. Type “firewall” (no quotes) in the search box and press Enter.
Tip #4• Ensure that you have enabled the Automatic Updates feature in Windows. To learn how to do this, click on Start, then Help and Support. Type “windows updates” (no quotes) in the search box and press Enter.
Tip #5• If you have a broadband or cable router that is providing wifi access, you must enable encryption. Without encryption, neighbours and strangers can access your internet connection and, possibly, the files on your PC. WEP encryption is an older standard and is not as strong as WPA, but is better than nothing if your router doesnt support WPA.
Tip #6• If you are using your computer for online shopping, always buy from sites run by reputable companies that you trust.• If you use online banking, or other online services where security is paramount, always use a different password for each bank or site.
Tip #7• Before entering personal information such as a password or your credit card number into a web site, check that the address of the site starts with https (sometimes accompanied by a picture of a padlock).• An example:
Tip #8• If you have confidential documents stored on your PC you should therefore consider the use of an encryption program, or look up details on how to use the EFS (Encrypting File System) feature built into Windows.• (I use lockdir.exe available at http://www.filecluster.com/downloads/KaKa-Fo )
Tip #9• Make copies of all the important files that are on your computer, such as documents, emails, photographs, music tracks, video clips, and so on. The most convenient way to do this is to use an external USB hard drive or a “flash drive", depending on how much data you have. Never keep your backup near your computer.
Keeping S oftware Up to Date Secunia is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. http://secunia.com/vulnerability_scanning/onlinehttp://secunia.com/vulnerability_scanning/personal/
S ummary • Keep up on patches and version updates • Be password smart • Use security software • Back up your data regularly • If it sounds too good to be true. . .well, you know the rest • Assume that everyone is out to get youStay up-to-date, Stay paranoid, Stay protected
S ome S ites that Make it Worthwhile• YouTube (www.youtube.com)• The Drudge Report (www.drudgereport.com)• The Art Project (www.googleartproject.com)• Government Made Easy (www.usa.gov)• US1 Events Search (princetoninfo.com/index.php?option =com_us1event&Itemid=2)
This presentation is available on the Web at www.joelmay.org/presentations The E nd