Which do you think is more likely to contain Malware: an adult website or a religious website? If you guessed an adult website, unfortunately you guessed incorrectly. As shocking as it sounds a recent study by Symantec has shown attackers have recently evolved their styles of attacks to include mainstream sites now that the adult sector has been heavily scrutinized by security researchers for years. Today, the reality of being on the web is that you are never safe. Even if you use a Mac, work in a small business, and/or are an ordinary employee at a company, you can be subject to an attack. Over 100 million pieces of Malware are being created each day, making it impossible for users to rely on anti-virus software to protect them from digital threats. Rather in order to remain safe, it is important to employ common sense to avoid threats which go undetected by conventional means.
Social engineering is the art of manipulating people into performing actions or divulging confidential information. The rise of social media has greatly changed the sphere of computer security because rather than getting messages from strangers, attackers can now send messages which appear to be from: family, friends, coworkers, or acquaintances of victims. If you’ve ever gotten a message on Facebook or Twitter saying something along the lines of “OMG did you see these shocking photos of you online?!?!” followed by a link, if clicked, that link will most likely take you to a malicious website. In this situation it is important to ask yourself, “How likely is it that someone is posting pictures of me on Twitter?” Unless you are a celebrity, chances are the link points to a malicious website.
How about apps promising to let you see who has visited your profile, or so called “dislike buttons” being readily available by installing an app. Just like the above, such apps are probably malicious. If it’s too good to be true, it probably is. In this case, core features which claim to fulfill missing features of websites must be taken with a grain of salt.
When checking your email, never click a link in any email notice pertaining to any of your online accounts. Today phishing, defined as the act of attempting to gather user information by pretending to be a trustworthy entity, attacks most commonly come in the form of emails which appear to be from: banks, social networks, online merchants, shipping companies, and virtually any business which requires customer information for transactions. Rather than clicking the links in the email, it is simply best to go directly to the company website in your own browser, and if a call is required, pull the number from their website. DO NOT trust the phone number provided in the email.
Although the facts of this article sounds alarming there are a few simple tips that, if followed, will ensure that you minimize your risk of falling victim to a digital attack. First, before clicking any links, you should make sure that they are legitimate. How is this done? Just ask yourself if you were expecting the link or if the link is along the lines of something you would receive from the sender? Second, take shortened URL’s with a grain of salt (i.e. bit.ly and Tiny URL as they can conceal malicious destinations). Third, use up to date anti-virus software from a reputable firm.
Finally, don’t give up using the internet. Although Malware and phishing attacks are common, having a hybrid of common sense and digital assistance is and always will be the best way to ensure you are protected.