7 myths of safe internet browsing

Wed26Jan11

You have your anti-virus updated, browser version is latest, and don’t browse porn or other so-called dangerous sites. So you are sure you are safe online. Not really!

Though the above things definitely help you in guarding against cyber crime, they do not ensure 100% safety. The increasing proliferation of business activities on Internet has also made it a haven for criminals.

Sohphos released a report that aims to debunk some of the biggest common myths relating to safe Web browsing. Here’s what you may think ‘safe’ is really not ‘safe’ on the internet.

1. Web is safe as I’ve never been hit by malware
If you are among those who still believe that you have never been under malware attack, read this. According to the Sophos report, many web users may not even know if they are under constant malware attack.

The attacks are designed to steal personal information and passwords or use your machine for distributing spam, malware or inappropriate content without your knowledge.

2. Only porn sites are dangerous
If you think only porn and gambling sites are home to hackers, here’s a reason to worry. According to the report, the majority of infected sites are websites that you trust and visit almost daily. The report says, hijacked trusted sites represent more than 83% of malware hosting sites.

3. Only naive users get hit by viruses
Being a computer expert is not a sure shot formula to prevent you from falling victim to any cyber attack. Many attacks happen silently without any user involvement.

According to the report, malware from drive-by downloads happens automatically without any user action, other than visiting the site. Therefore, it doesn’t matter what level of computer expertise you may have.

4. I can only get infected if I download files
For those who assume that only downloading content makes them vulnerable to cyber threats, need to get facts checked.

The report says, most malware infections now occur through a “drive-by” download. Hackers inject the malicious code into the actual Web page content, then it downloads and executes automatically within the browser as a by-product of simply viewing the Web page. The malware is typically part of a professional exploit kit marketed and sold to hackers that leverages known exploits in the browser, operating system or plug-ins to infect the computer and download more malware.

And this happens without a user having to do anything other than visit a hijacked Web site.

5. Firefox is more secure than Internet Explorer
There is no fool-proof browser that can prevent you from falling prey to hackers’ trap.

The report highlights, all browsers are equally at risk because all browsers are essentially an execution environment for JavaScript, which is the programming language of the Web and therefore used by all malware authors to initiate an attack.

In addition, many exploits leverage plug-ins such as Adobe Acrobat reader software, which runs across all browsers. Although the more popular browsers may get more publicity about unpatched exploits, it’s the unpublicized exploits you should be most concerned about.

6. Lock icon in the browser means it’s secure
When the lock icon appears in the browser, many of us believe we are opening a secure site. This is because the lock icon indicates there is an SSL encrypted connection between the browser and the server to protect the interception of personal sensitive information. However, the report says it does not provide any security from malware.

In fact, it’s the opposite because most Web security products are completely blind to encrypted connections: it’s the perfect vehicle for malware to infiltrate a machine.

There have been many cases where hackers emulate bank, credit card sites complete with spoofed SSL certificates that are difficult for a user to identify as fraudulent.

7. Web security is a trade-off with freedom
While the internet has become a mission critical tool for many job functions, whether it’s Facebook for HR or Twitter for PR, it’s completely unnecessary to create a trade-off between access and security. A suitable web security solution provides the freedom to grant access to sites that your users need while keeping your organization secure. Policy settings for groups or individuals don’t need to be complex -— a few quick steps through a wizard are all a user needs to secure and enable your organization.

When evaluating a Web security solution, be sure to focus on the administration tasks you will use most often, such as establishing special policies for users or groups. How easy are these tasks? How much time do they take? How many steps are involved? Is documentation required to navigate through the process? Ask these questions and more.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: