Five internet security myths busted
Why using an anti-virus won’t keep you safe, why your favourite website may be evil and why your PC may be a hacker’s dream come true. Here's busting some internet security myths.tech reviews Updated: May 01, 2010 18:39 IST
1. I have an anti-virus so nothing can harm me
This is probably the single biggest myth about protecting yourself online. Most people think that as long as they have their virus-busting software in place, they can go on a mad clicking-spree all over the Web. “A lot of people think that they are protected as they get an anti-virus program bundled with their computers,” says Shantanu Ghosh, vice president of India product operations, Symantec, makers of the anti-virus suite, Norton. “What they don’t realise, however, is that unlike regular programs like word processors and media players, anti-virus programs need to be constantly updated.”
When Rujuta Phalke, a Mumbai professional lost some critical documents on her laptop to a virus-strike, she was astounded. “I had been running an anti-virus program for years!” she says. “And I didn’t even have a backup of my documents – I thought I was safe.”
Think of an anti-virus like a law-enforcement agency. Much like an intelligence agency needs a constant stream of information to be on the top of new and emerging threats, an anti-virus program needs new ‘virus definitions’ to protect your computer against the latest viruses. Most anti-virus makers release these updates on a daily basis.
Typically, most of the anti-virus software comes with subscription, which you need to renew every year or so. If you don’t renew it (or forget to renew it), you won’t get the latest virus definitions and will not be protected against newer viruses. Phalke, it turned out, had never renewed her subscription. “I just didn’t know!” she says.
Paid anti-virus products offer well-rounded protection, but if you would rather save some cash, there are plenty of excellent, free alternatives that offer solid basic protection, such as Microsoft Security Essentials (www.microsoft.com/ Security_Essentials), Avira AntiVir Personal (www.free-av.com) and AVG Free (free.avg.com).
2. What’s on my PC that a hacker would want?
This is exactly what Sharan Sharma, a businessman from Delhi, thought when he set up a computer at home for his son to play games on and browse the Web with. “I don’t know how it got infected,” he says. “All I know is that after I once used my credit card to buy a new game for my son online, multiple charges started appearing on my credit card statements every month. Fortunately, the amounts were not very big and once I notified my credit card company, they were able to take care of it. It was scary.”
“Malware (software that is potentially dangerous) is sophisticated these days,” says Shantanu Ghosh. Even if a single piece gets onto your computer, it will not only look at what information you keep on your hard disk (credit card details, passwords, etc), but will also know when you are visiting banking and shopping sites. “The malware will then proceed to systematically log each keystroke and send your vital information to its makers. So you are basically at the mercy of whoever wrote the malware,” he adds.
There’s an even scarier possibility. A hacker might take over your computer and turn it into a ‘bot’. This means your system will then be a part of a larger, worldwide network of bots known as a ‘botnet’ and will be used to perform a host of illegal activities – sending out spam, attacking well-known websites and scamming online shoppers – even as you play games and watch movies, blissfully unaware.
The solution? “Besides keeping your anti-virus up-to-date, use a firewall and make sure you keep your operating system updated with the critical patches that are released,” advises Ghosh.
3. My friend sent me a link, surely that’s fine?
Social networking sites are the places to share anything and everything these days. Your photos, music, blog-posts and stuff on the Web that you find interesting – you want to share it, you put it in your Facebook, Twitter or Google Buzz feeds where they rachet up hundreds of clicks from your contacts. This also makes them the best places for the bad guys to plant fake links that lead you to malicious websites. And because email addresses can be easily ‘spoofed’ by hackers, you can’t assume that an email from Facebook or Twitter is really from those sites.
Unlike the early days, Malware now uses the trusted identities of your friends in order to lull you into a false sense of safety. “Use your common sense,” says Rajiv Popli, consumer and online director for Windows, Microsoft. “If it doesn’t sound like something your friend would say, be extremely wary. If you’re unsure, try to contact them through another channel and see if the link is legit. You can no longer simply assume that because someone you know posted a link, it’s automatically safe.”
Your best defence against malicious links is to make sure that you are using the latest version of your web browser. “All the latest browsers offer stringent safety measures when it comes to malicious links,” says Popli. “This includes anti-spam and anti-phishing technologies and services that will scan links for you even before you visit them. Since we launched the latest version of our browser, we have blocked over 125 million malicious websites.”
Companies regularly plug security holes in their web browsers (and improve performance), so make sure you’re using the latest versions – Internet Explorer 8, Mozilla Firefox 3.6.3, Apple Safari 4.0.5, Google Chrome 5.0.360.0 and Opera 10.52 at the time of this writing.
4. I only visit legitimate websites. Isn’t that ok?
In September last year, visitors going to the
New York Times
website found themselves bombarded with flashy pop-ups that claimed their systems were infected with viruses. The ruse was designed to scare people into buying a clean-up utility of little or no value.
The website fixed the problem and issued a warning on its front page saying that the pop-ups were the result of an ‘unauthorised advertisement’.
“Typically, the banner ads that you see on websites (legitimate or otherwise) are not being served by the website owners themselves,” explains Ghosh. “Instead, the ads themselves are syndicated through other channels. If these channels are somehow compromised, an attacker can easily insert malicious code in the ads. Since the website has no control over what ads it displays, all hell can break loose!”
Using the latest browsers is the first step to prevent this issue. But experts say that a far more effective solution would be to use an advertisement and pop-up blocker like the free Adblock Plus program, available for Internet Explorer and Mozilla Firefox (download it fromwww.adblockplus.org).
5. I use a Mac. That’s why I’m totally safe
And finally, we come to the most exalted excuse touted by Apple fanatics across the world as the primary reason to get yourself a Mac. “You don’t need that anti-virus nonsense on a Mac,” some will say. “Macs are inherently secure by nature,” others will claim. Well, sorry to burst your bubble, Mac fans, but you’re not much better off than your Windows counterparts. While it’s true that Mac users are less targeted than Windows users, they are not immune to malware, despite what those commercials may say.
Says Ghosh: “Mac users were relatively safe till now as the Mac had negligible market share. But as Macs are becoming more and more popular, new chinks are being discovered in their armour everyday.” Since hackers generally focus their energies on the most popular platform, they have mostly targeted Windows users till now (about 92 per cent of all computers in the world use Windows).
“Operating systems like Windows and Snow Leopard (what the Mac uses) are complex things and no one can guarantee that that they are loophole-free,” says Popli. The only way to really be sure that you’re protected against these malicious programs is to run anti-malware software on your Mac, but most Mac users won’t do so, preferring to take their chances since their risk is lower. As with Microsoft, Apple too patches its systems on a regular basis, so Mac users need to make sure they are up-to-date.
Here’s a list of things all computer users MUST DO, no matter what:
Use a genuine operating system: Yes, we know that buying an original copy of Windows (or any other OS) is not exactly cheap, but chances are high that the 50-rupee-DVD-in-a-plastic-sachet you picked up from a roadside vendor is choc-a-bloc with worms, viruses and all kinds of nasties.
Secure your Wi-Fi network: Finally ditching the wires at home? Congratulations! Just make sure you take some time out to dig into the settings and secure your network with a password. (Preferably one that is not your name, your pet’s name, your child’s name or worse, your cell phone number!)
Go easy on the free stuff: Imagine you’re a kid in a candy store who has just been offered a lifetime’s supply of free candy. That’s exactly what happens when you figure out how to download free music, movies and games from popular Bittorrent websites. Not all candy is good for you though – after the sugar rush comes the viruses.
Did you know?
The first computer virus was created in 1982 by Rich Skrenta, a 15-year-old boy in Pennsylvania, US, who named it the “Elk Cloner”. Skrenta put the virus on his school’s Apple II computer from where it spread to his friends’ floppy disks and displayed his poetry every time they loaded their floppies!