Computer Security: Phishing, Scareware and Zombies, Oh My!

Concerned about being watched
Ed Hidden / Getty Images

What is the Safest Web Browser?

There are four major web browsers:

  • Mozilla Firefox
  • Microsoft Internet Explorer
  • Safari
  • Google Chrome

Though Internet Explorer has certainly taken a beating over the past few years, the brand has worked to redeem itself and became more secure than ever before. There is always an intense debate on which browser is faster, better and more reliable, but the truth is, across the board, all of the four major browsers are on almost equal footing in speed, security, and reliability.

Internet Explorer has a security protocol where a Windows user updates their machine with Windows Update. Firefox offers a safety feature that automatically scans all programs and files for malware and viruses. Chrome is seen as more website-friendly, as it usually does better than Firefox when it comes to the website display.

Each browser has set security features that require the attention of the user, and these may or may not be enabled by default:

  • All pop-up blockers should be enabled
  • Users should determine if a browser should remember passwords for websites, as well as enable a master password. For the record, I am not a fan or storing these passwords.
  • Users should select whether the browser downloads content automatically or manually, as well as where data storage should occur. In most cases, I advise against automatic downloads.

Generally, users can set the browser to automatically update, but I prefer to get a notification that helps me to determine what changes will occur to my browser, and or computer.

There may be changes in functionality that I want to be aware of, too, as well as if there will be compatibility issues with any of my browser plug-ins.

Is a Wireless or Wired Internet Connection Better?

A very simple way to illustrate the difference in the security between wireless and wired Internet connections is to simply compare the connection to a phone cord.

When a phone has a wired connection to the cord, it is more secure. On the other hand, a handheld, cordless or wireless telephone conversation and be intercepted by scanning tools. Of course, it is possible to tap a wired connection, but to do this, hard wired or internal access is required.

It is similar with wireless and wired Internet connections: when your computer is directly connection to a modern cable or wire, the signal cannot easily be intercepted. However, a wireless is less secure, the wireless signal is hackable, and the data and info that is being transferred are ripe for stealing.

Preventing Your Computer From Becoming a Zombie

Both small businesses and consumers have adopted relaxed security practices that give scammers a perfect base from which to launch their attacks. This allows them to create botnets without the threat of being detected. Hackers then use botnets to send phishing and spam emails and to deliver malware and viruses.

A botnet can consist of as few as ten computers, or they can number into the tens or even hundreds of thousands. Millions of personal computers have the potential to be part of botnets. Computers that do not have the proper security are at risk of turning into bots, or a zombie.

Certain behaviors from users may also invite attacks to happen. These include:

  • Visiting pornographic websites
  • Surfing gaming websites that are hosted in foreign countries
  • Downloading content from Peer-2-peer websites.

Keep in mind that there is no honor among thieves, which means you should not engage in any risky behavior online that could invite an attack, such as downloading pirated content.

Computers that have outdated, old or unsupported operating systems, such as versions of Windows older, including Windows XP, are very vulnerable. Additionally, when you use outdated browsers, such as old versions of Firefox or Internet Explorer, it makes it easier for the bad guys to hack into your computer.

To keep your PC well protected, make sure to keep all security patches up to date by automatically installing service packs through Windows Update, or upgrade to the latest Mac or Windows OS.

Make sure that you also set automatic updates on your antivirus software, too.

Are Macs safer?

For Mac users, the OS usually is quick to respond to online threats, and it automatically delivers any required security updates. Historically, Mac users haven’t been as vulnerable to the threats and viruses that PC users have been, but the Internet has recently leveled that playing field. This means that Mac users are just as susceptible to the online risks out there as PC users are. With the increasing popularity of the Apple OS, thieves and hackers are focusing efforts to create attacks that work on Macs.

The Apple Security Update page instructs users always to make sure they are running the newest version of the system software. Apple releases security updates regularly, and as a Mac user, the best thing you can do is make sure that the latest software is installed, as it will improve the security of the system.

Phishing, Typosquatting, and Scareware

To protect your machine from phishing, you must make sure you never click on links in an email that you do not recognize. If you believe that the email is legitimate, hold the cursor over the link to see the exact URL address. If the address is correct, the link is generally safe. Be careful, though, as it may be slightly different and look like it is correct, and this would be an instance of typosquatting. If you are not sure if the link is safe, reach out to the individual or company that sent the email or simply type the correct URL into the address bar of your browser.

If you get an email alert from websites with internal messaging systems, instead of clicking through from the email, make sure to log into the site, and then check for new messages. If receiving an email that notifies you that an online statement is available, again, do not click through on the email. Instead, go to the website directly by typing the address in manually or using a bookmark.

If you find an email in the spam folder, it is likely an indication, even if it appears to be legitimate, it is a phishing email. Many email programs and browsers include a detection system for phishing emails and spoof websites.

Keep in mind that legitimate companies will never send an email to customers that ask for you to change a password or ask you to send credit card information. If you get these emails, immediately delete them and notify the company.

McAfee has a free program called SiteAdvisor that helps to identify risky websites by color coding the sites in search results. To fish out the phishers, this is a must-have.

Protecting Yourself from Typosquatting

Not long ago, typosquatters created a website that imitates Twitter.com that is called Tvvitter.com. Instead of spelling it with a ‘W,’ these hackers put two ‘V’s’ together to form the shape of the ‘W.’ See how easy it is? These hackers sent a phishing email to several million people, many of whom clicked through from the email, and they ended up on a website that gathered their usernames and passwords instead of actually logging them into Twitter.

To avoid scams like these:

  • Look carefully at all links before clicking on them when searching online.
  • When typing an address into a browser, check the address bar to ensure you are spelling it correctly before hitting the Enter key.
  • Only do business with online retailers that you are familiar with. Bookmark their websites or take care to always type the address correctly, with no typos.

Try to use a ‘favorites’ menu when accessing sites that you frequently visit.

Protecting Yourself from Ransomware and Scareware

The best way to ensure that you are not getting locked out of your own files by ransomware is to ensure that your computer is always updated with both the latest antivirus definitions and the most current version of the chosen operating system. You can also prevent these attacks by remembering not to click on the links found within the body of an email and refraining from visiting any risky website that might contain a virus.

To protect a computer from scareware, make sure you are following these steps:

  • Always use an up-to-date browser. It doesn’t matter if you prefer Chrome, Firefox or Internet Explorer, make sure you use the latest version. At a minimum, make sure to download all of the available security updates.
  • Use the pop-up blocker on your browser. This is usually already on by default. If you don’t have pop-ups on, generally you can’t get scareware.
  • There are legitimate pop-ups out there, but if a pop-up window does not close, for a PC press Ctrl-Alt-Delete to close the browser. For a Mac, press Command-Option-Escape on the keyboard, choose the problem application and then press Force Quit. Alternatively, tap the Apple logo, found at the top left of the screen, and select the Force Quit option. Choose the problem application and click the button to close.
  • Do not click on any links in a pop-up. If the pop-up cannot be controlled, perform a hard shutdown of your computer.
  • Patience and persistence are key. Closing any pop-up window can be difficult at times, but any button you press within a pop-up may mean that you are downloading a virus.
  • Remember always to keep your antivirus software current, and set the software to download updates when they become available automatically.

Do not click on any link on a web page that suggests that it will download browser updates or security software. It possible, close the window immediate. If you cannot close the window, shut down the browser completely.