Ah, the Internet. It used to be that the only thing you had to worry about when you were online were viruses, which typically was prank code written by college kids seeking bragging rights.
Nowadays, online security is a big business thanks to the large numbers of threats constantly being developed by increasingly sophisticated criminal gangs. We’re definitely not in Kansas anymore. So, here are some of the most serious issues in online security and some tips to help you maintain your privacy and productivity, rather than waste time cleaning up the mess after an intrusion.
Viruses and Trojans
Viruses are still around, but their methodology has changed. Rather than compromising machines to perform some vandalism-type damage, such as corrupting files or erasing a hard drive, today’s viruses are increasingly used to take over machines for the use of the hacker. Why destroy a machine when you can use it to make money by sending out spam or discovering the owner’s financial information, right?
Trojans are particularly troublesome, as they simply lay and wait on an infected machine and then “dial home” to a server which delivers the actual payload, which as a program that allows remote control of your desktop. This means total control, with access to all files. File-sharing sites are hotbeds for Trojans, but they can also be acquired from scripts which run automatically when visiting a malicious website.
The solution is to get a robust malware program which ensures online security. There are currently two major types, Signature-based and Cloud-based programs:
- Signature-based antivirus programs are what most of us are familiar with. These include offerings from well-known companies such as Norton, McAfee, Kaspersky and AVG. The way they work is by downloading signature files, which contain information that help detect each unique virus when files are scanned. The problem with this system is that hackers are constantly developing new viruses, making systems vulnerable until the software vendor catches on, releases a new signature file and the user installs it.
- A potentially better solution is a Secure Cloud-based model, where all of the signature hosting and the scanning itself are conducted on remote servers, freeing up a machine from bloated signature files that must be constantly updated. Vendors include Symantec and Webroot, which claim to prevent infections before they make it onto a machine, rather than clean it up afterwards as in signature-based programs.
Keyloggers
Keyloggers are a subset of malware used to record everything you type, which is then normally saved to a text file and surreptitiously delivered to a hacker via the Internet. Keyloggers are typically introduced to a computer via a virus or Trojan, so maintaining a strong malware protection scheme will usually prevent keyloggers from infiltrating a system.
Other forms of keylogger delivery are apparently legal and available for purchase by anyone who wants to spy on people. One such program is Refog’s Keylogger which touts its ability to remain completely unseen and unable to be removed “by your teenage kids or the spouse.” Lovely.
The solution to something like this? Block access to anyone trying to install programs manually by requiring a password whenever your operating system is first launched, when it wakes up from “sleeping,” or when resuming from a screensaver. And make sure it’s a good, strong password!
Social Engineering & Phishing
Social engineering comes in many forms, some of which do not involve a computer at all. But one growing area of concern is social media. The Facebook experience has led many of us to put our entire lives on the Internet — family photos, political and religious beliefs, career information and even every single place we go thanks to the ability to “check in” when we visit places. It is a stalker’s paradise, and this should make you reconsider what you share online.
This goldmine of personal data can easily be used by black hats to construct a virtual “you” and cause mischief, including tricking friends and relatives into sending money or revealing account passwords. To avoid this, take a real close look at your friend list and get rid of people you really don’t know. Then, tighten up your privacy settings so that only friends can see any of your information — and avoid sharing too much in the first place.
Also part of social engineering is “phishing,” which involves fake emails ostensibly from a bank or other service provider which try to trick the end user into revealing login information, usually through some emergency claim such as “Your account needs to be verified immediately!” To protect against this, carefully read the email — any typos or weird grammar are red flags that the request is not legitimate. And never type in your password or PINs if you have the slightest doubt; call your bank or service provider to double-check first.
Conclusion
It takes an increasing amount of vigilance and common sense to avoid getting burned by the constant barrage of new exploits unleashed daily. Make sure you keep your antivirus up-to-date (or use the cloud), choose strong passwords and be wary of suspicious contacts from people you do not know.
Be safe!
How do you ensure online security in your business and life?
Photo by FreeDigitalPhotos.net.
Powered by Article Dashboard urgent care, Powered by Article Dashboard stay at home mom, Powered by Article Dashboard social issues, Powered by Article Dashboard how to care for, Powered by Article Dashboard take care of, Powered by Article Dashboard work at home based internet business, Powered by Article Dashboard chicago area, Powered by Article Dashboard international business management, Powered by Article Dashboard penal code, Powered by Article Dashboard what are the two types of software
Discussion