The Top Ten Most Dangerous Things You Can Do Online

Wednesday, 18 August 2010 07:48

Checking the "Keep me signed in" box on public PCs

How to protect yourself:

NEVER, ever, check the "keep me signed in" box if you're not using your personal laptop or home desktop
Be careful with work computers. Your office PC might feel "yours" but others can easily snoop when you're away from your desk. They could do something as simple as forward all your messages to their own private email account
If you just signed IN to Google, eBay, Amazon or other site from a public PC, make sure to sign OFF once you're done
Delete your browser history from the browser tools when completed to protect your privacy
Using your browser's privacy mode while browsing prevents information such as the websites you visited from being stored. Internet Explorer 8 calls it "InPrivate Browsing" and Google Chrome calls it a "New incognito window"
Never save passwords even when prompted to do so by your browser because someone else using your computer later would have access to your accounts

How to protect yourself:

Java / Adobe Reader / Adobe Flash are responsible for an astounding number of PC infections due to security exploits. The best way to avoid becoming a target is to update all three pieces of software as often as you can. Flash will prompt you automatically, but you can tell Java to search for updates daily, instead of bi-monthly. Sign in for automatic updates with Adobe Reader as well
Make sure to update your windows operating system. One way to do this is to set your windows updates to install automatically. This will reduce your exposure to hackers exploiting vulnerabilities in the windows operating system

How to protect yourself:

This one is a no-brainer. Always be cautious while accessing this material. Malware authors know that people naturally gravitate towards the sex/celebrity combo, so new attacks are targeted specifically towards this crowd
If you must, search for your news on Google News, Bing News or other aggregator. These services do a basic triage of sites, so chances are you'll be kept from reaching infected blogs/web pages
When searching on Google use https://www.google.com instead of the common http://www.google.com, which will send your search request through an encrypted SSL connection. CyberDefender has found that doing so reduces the risk of being infected from search results.

How to protect yourself:

Stick to official downloads/streams such as iTunes, Hulu and legitimate websites. Avoid torrent sites at all costs – even if legit (not malicious), some of the ads found in torrent sites could be compromised. Drive-by downloads are often found in compromised ads and can infect computers without any sort of user input. Visit site -> get infected automatically
Do not download pirated material
Do not download pirated material :)

How to protect yourself:

Like everything else "free" on the Internet, free adult content might turn out to be quite expensive. Free porn sites can be downright shady in the way they treat users. That's what makes them ideal targets for bad guys
Similar to our advice re: torrent sites. The same principle applies here: stick to paid sites. They're interested in keeping users happy, so security will be better. You'll be considerably less exposed to malware this way
Invest in a high-quality security suite such as CyberDefender's Early Detection Center 3.0, which includes
CyberDefender's Link Patrol toolbar. This browser-based utility automatically scans links for malware before users click on them

How to protect yourself:

Be careful when downloading free to play (F2P) clients. If the client software is malicious – or quality assurance happens to be spotty – you could be putting your PC at risk
Don't give out your login information to strangers. In fact, don't give out ANY kind of information, personal or not, to people you meet gaming. At the very least, you could have your virtual items stolen. At worst, you could lose real money
Avoid falling for the old "FarmVille Secrets" scam. You will either download a Trojan or expose your Facebook login info to criminals

How to protect yourself:

Carefully review your privacy settings on Facebook. Err on the side of caution – don't let "friends of friends" see your birthday, cell phone number, etc. All of these could be used in an attempt to impersonate you to credit cards, credit unions, etc
Only friends should have access to the more personal layer of information we all have. So choose your friends wisely – "serial friending" would expose you just as well

How to protect yourself:

In public places, like airports and hotels, be careful about logging into unknown (private) wireless networks. In a hotel for instance, be sure you choose the official one, not another in the neighborhood. Bad guys can eavesdrop as you use your computer, "imitating" a real, safe environment
Public settings for your laptop are a whole lot more secure – e.g. no file sharing, increased firewall settings, etc

How to protect yourself:

It's hard work to remember several different passwords, so no wonder some use the same password over and over again. But if that one password leaks out to cybercriminals, your entire online life is suddenly open to the world
Keep different passwords for different purposes. Keep email and social media passwords separate, for example
Certain browsers can also help with a "master password" that keeps a multitude of passwords in check. So even if you have different passwords for different services, you only have to remember the master password Using a tool (Roboform or Password Vault) for this purpose that encrypts password information and uses best practices to generate passwords is an even better idea

How to protect yourself:

Oldie but goodie: there's no such thing as a free lunch
If an online offer sounds too good to be true, it usually is
Avoid any kind of giveaway that's not supported in a big way by a known brand, even if it happens to be an online brand (like Zappos, for example)
Keep a security suite fully updated, since most of them can catch phishing attempts resulting from this kind of scam