In April Symantec published number 18 of its “Internet Security Threat Report” series, in which they published an infographic about 7 myths about cybersecurity on the Internet. I think they were very well chosen, but I’d like to provide some extra content, so I have chopped the infographic into pieces so I can make some comments about each myth.
1. You should be careful when you download a mobile application, and all the more so if you have Android, the most widespread mobile OS due to its easy integration with practically any hardware, except for Apple terminals. Many mobile developers complain that the App Store has exhaustive, restrictive controls, but this makes iOS the safest mobile OS (at least theoretically), even if you can always get a “bad apple” (like this one). If you go into Google Play and search “angry birds”, you’ll get more than 100 results, no more than 5 of which will be official apps of the game. And the rest? Probably more than 50% will be malicious apps that will try to access your personal data. “Sure, but I’ve got nothing to hide, I don’t care if they steal my address book or personal data”. It’s the old story: what if I tell you that malicious developers could steal your data, pretend to be you, and harass children? Still not worried? You’ve got a problem.
2. When we install a Facebook app, we normally don’t pay attention to the permissions requested before accepting the installation. Most times they ask for access to our Facebook address book and our email address, as well as to be able to publish on our wall. Imagine if that app executes a malicious code in the browser that infects your system: right there and then, you have become a “mule” that can distribute malware anywhere, as some of your friends will also install the app (thanks to the spam that it will send) and become in turn new “mules” that will distribute malware to their friends.
3. To the increase in sales of Macs should be added the increase in viruses and malware specifically created for this platform. The number of users with OSX at home/work is starting to boom, and cybercriminals are interested in doing as much damage as possible. So they use their advanced programming skills to infect as many Macs as possible and cause a global collapse. Effective Mac antiviruses are starting to be developed, such as Virusbarrier by Intego and the ESET antivirus, so I encourage you to give them a try and let me know what you think.
4. A free antivirus can offer you the security you need if you are someone who has common sense when sitting in front of your PC. However, some of us tend to be chaotic by nature and download everything we see due to our nature as software hoarders, so a slightly more professional application is preferable. As regards Ransomware viruses, such as the famous police virus, they are relatively easy to remove if you have some idea of how Windows works.
5. DNS Spoofing is a technique by which an attacker replaces the original website by another one, extremely similar, so that we enter our data believing that it’s the original website. Once we do this, the attacker has access to our account in the original website. It’s a bit more complicated, but this is the simplest explanation I can give: DNS servers help us to translate page names into their original IP addresses – otherwise we would have to enter webpage IPs directly http://22.214.171.124 instead of their names https://www.brainsins.com. That’s where this technique comes into play, as attackers deceive our computer by telling it that they are DNS servers, so that they can give us any IP they like.
I recommend not clicking on the links in suspect emails, and when you want to visit critical websites such as your email account, bank website, etc. enter the URL directly into the browser bar or use Google.
6. To decrease the risk of being infected by malware via your browser, I recommend using extensions that prevent the execution of webpage scripts, or at least ask for permission before executing them. For Chrome, you can use Scriptsafe, and NoScript for Firefox.
7. If you really want to know if your computer is infected by rootkits or undetectable viruses, which turn us into a part of massive botnets, you should carefully examine your computer’s communications. Modern antiviruses are really very good, but there are always things they can miss. [High level ON] If you want to inspect what’s going on between your PC and the web, you should use a tool called Wireshark [High level OFF].
Hope you liked it. Talk again soon!