How to Protect Yourself and Your Devices Online
Did you know that nearly all malicious attacks require the user’s authorization for them to be successful?
‘Really?’ you ask, ‘But then, how do so many people get affected?’ Well, because they don’t think before they click. To be more specific, they don’t read, spare a thought for the plausibility of the situation or exercise any common-sense before they click.
People are generally ‘clicker-happy junkies’. There’s no blame in this, though, because it’s common human behaviour and the ruthless, vile scum who perpetrate malicious attacks prey on common human tendencies. For example, most would click the ‘click to see Miley Cyrus naked’ button without hesitation, though we think such links have lost some of their potency in the post-twerking age. But that has not changed the common human curiosity to see other people, especially famous people, in saucy states of undress.
So how do you protect yourself? We can’t go into great detail because we don’t want this post to read like a dossier, but we will give you a general idea that you can expand on with some research, putting your clicker-happiness to some positive use. Attacks fall into two broad categories:
- Malware (includes Viruses)
- Phishing & Spam
Malware, short for malicious software, includes a broad range of evil, viruses amongst them. They commonly arrive via email attachments/downloads from the web and must be executed by the user for a successful attack.
Protect yourself by reading emails carefully before opening attachments. Verify that the email is from a trusted source. Be very cautious of generic subject lines like, ‘CHECK THIS OUT!!!’, ‘YOU WON’T BELIEVE THIS’ and the like. Ask yourself whether, in your experience, the sender would use such language. Always remember, WHEN IN DOUBT DO NOT CLICK. Be especially weary of executable files and office files. Always check that the email address of the sender is correct.
Phishing is a malicious attempt, by a third-party, to obtain sensitive information from you by masquerading as a legitimate organization. A typical scenario might go something like this; you receive an email from what appears to be Facebook Support asking you to verify your password and phone number. You are to click a link and follow the instructions and graphically, everything will appear to be legitimate.
Here’s what to look for, though. First always ask yourself, how likely is it for Facebook, or whatever the organization may be, to ask me for this? Next, check the email address and the URLs. If it is a button, hovering over it will show you the URL. This applies to pop-ups too.
Do the URL and email address make sense? In the Facebook example above:
A legitimate request might have a link like this: http://www.facebook.com/verify
But never: http://www.facebookverify.com
Or there could be subdomain used, like this: http://www.verify.facebook.com
But never: http://www.facebook.verify.com
Always make sure the domain that the URL is pointing you to is the same as the domain used by the legitimate service. This is important when verifying email addresses too. Here’s an example:
Legitimate Email Address: “firstname.lastname@example.org”
Malicious Email Address: “email@example.com”
Spam is more irritating than harmful, but it can lead to malware infections and you exchanging hard earned money for copious quantities of snake oil. No, those penile enlargement pills don’t work, you won’t find the solution to your financial problems in your inbox and no, you cannot win the lottery or anything for that matter without having actually bought the lottery or entered the draw.
We are not in any way suggesting that Antivirus software isn’t essential, but being aware of what you’re doing, reading, paying attention and thinking before you click, “SITUATIONAL AWARENESS” is the best first line of defense.
Common-sense is a method of prevention and antivirus a method of cure and as the cliché goes, prevention is better than cure.