Figure 1: A brief history of computer virus prevention:

1990:
  • Write-protect your floppy disks.
  • Don’t install software you are unfamiliar with.
2000:
  • Keep your anti-virus software up to date.
  • Don’t download email attachments from people you don’t know.
2010:
  • Don’t click on anything

We are connected to the internet almost constantly these days, making the transmission of viruses, spyware, trojan horses, and worms easier than ever.  Malware, short for “malicious software”, is the general term used to describe these various types of programs intentionally conceived to steal your personal information, monitor your surfing, send spam, or just wreak havoc on your computer. And software programs and email attachments are no longer the only threats.  Any click we make in an email or on a web page can make us vulnerable.  Websites today are not simple static pages with graphics and text, but contain programming code that is used to create nifty tools like a clock, or even entire software applications like photo editing.  Opening websites that you are not familiar with can allow them to do almost anything they want to your browser, your email applications, and your computer.  Most web browsers have security features that will warn you of a potentially harmful website (and they have settings to let you control how tightly it protects your surfing), but even that is not foolproof.

Making things even more treacherous, malware creators are finding new and clever ways to trick people into clicking.  Having moved beyond the phishing scams of the 2000’s (emails designed to look like they are from a familiar sender like eBay or Paypal), they now use newsfeeds on Facebook and Twitter as well as ,  and have even found their way into advertisements on legitimate websites like the New York Times.  No matter where you go, you have to be careful where you click.  Given today’s more complex internet battlefield, here are some updated prevention tips for 2010 to help avoid these nasty landmines:

1. Only install applications from reputable sources.

This warning has been around for years and seems like common sense, but people still get caught by it.  Beware of any ad or email that offers you a “free download”.  If you feel you really must have it, do a Google search for its name and see if you can download it instead from a credible source like download.cnet.com.  And you must beware not only of software you download, but also browser add-ons, toolbars, and facebook applications.

2. Only open emails that you trust.

Believe it or not, just opening an email can be dangerous since it can contain javascript and macros just like a webpage.  Most email applications will now ask you if you “wish to display the images and other content” when you open the message, which you should allow only if you trust it.  Furthermore, the fact that you know the sender is no longer a guarantee of its safety, as some malware can automatically send emails to people in your address book, making it appear that it came from you … whom everyone trusts and adores.  Microsoft’s Hotmail in particular has had problems with this.  And, sometimes, an otherwise trustworthy friend might forward an email to you before they know it is safe (aka “I don’t know if this is real, but figured it couldn’t hurt to send!”).  If you do open an email that looks suspicious, even if it is from someone you know, for goodness sake don’t click on anything before you find out if they sent it purposefully and if it is safe.

3. Verify links before you click on them.

Ok, you’re going to have click on something eventually, but try to avoid clicking on any links you are unsure of in emails or on websites.  And even links that look perfectly valid may sometimes be fake.  You can verify where a link will actually send you by hovering over it with your mouse and looking in the status bar at the bottom of your browser.  For instance, notice that the address of the following link is different than what it says: http://www.yahoo.com.  And with the increasing use of URL shorteners like bit.ly , you can’t know for sure where a link will send you … so be sure you know from where it came.

4. Keep your computer and web browser clean.

Use an anti-virus software like AVG to scan your computer for viruses on a regular schedule and monitor your computer activity to stop threats when they occur.  Also use diagnostic software like CCleaner or Ad-Aware to periodically find and remove any adware, spyware, or malicious cookies that have been installed from your web browser.  Cookies are installed by many websites to save your preferences, but they can be used maliciously to install pop-up advertising software or steal information.  Therefore, it’s a also a good idea to clean your browser’s cache and cookies regularly (Firefox: Tools->Clear Recent History | IE: Tools->Internet Options->General Tab->Browsing History | Chrome: If you use Google Chrome, you probably know how to do this).

Browsing the web safely is much the same as being safe in real life:  Don’t go down dark alleys and don’t take candy from strangers.  If you protect yourself with the right tools and take reasonable precautions, you should have no trouble surfing safely!

Be Sociable, Share!