As the recent Symantec ISTR brief shows, the internet is filled with a lot of bad people. This new breed of hackers and malicious code writers isn’t looking for fame or notoriety – they’re looking for cash. Cold, hard cash. They get it by any means necessary – by infiltrating your personal networks, your social networks, the places you hang out in virtually – and taking your identity and your cash. As the massive data breach in Sony’s PSN shows, even the big boys aren’t safe. There are ways to protect yourself online, and most of them don’t require expensive antivirus software and whatever. All it requires is for you to be alert and practice a lot of common sense.
First thing you have to do – change your passwords. Seriously, if you’re the type of guy to have a single username and password across every account you own, from Facebook to Gmail, change it, now. One of the main reasons hackers break into forums and community sites is to farm usernames and passwords. It’s human nature to be lazy and use the same username and password across all the sites you go to, and it’s exactly that nature that these people prey on.
Have at least two email accounts – one for serious things like your Facebook and financial stuff, and one to join groups, forums and other sites. The rationale behind this is that your second account is your throwaway email – if it gets compromised, it’s not a big thing; the most they’ll get is your forum account registration to My Little Pony, not your Facebook password or anything embarrassing.
Speaking of Facebook, here’s something that you need to put in your head, right quick. There is no application to see who viewed your profile. There is no [INSERT FAMOUS STAR HERE] sex video that’s only viewable through Facebook. Those are all scams, spam and malicious links that compromise your account when you click on them. If you feel the urge, stop. Don’t. It’s the easiest way to gain control of an account, and it doesn’t take a lot of effort, since it preys on people’s natural sense of curiosity. Facebook is a particularly easy place to spread these links, because of its very nature – a lot of the information you put in Facebook is public, so people can farm information about you and the social groups that you hang out in, then tailor specific attacks and viruses to your social group and interests. You want better security? Lock your account down to just your acquaintances and people you know personally.
Another thing: don’t blindly go to short URL links that people send you through chat. If someone you’ve not spoken to in a while pops up in your chatbox and asks you to visit a link, stop. Ask him/her what the link is for. Chances are his/her account has already been compromised and is being used by automated scripts to spread malware further.
For the love of god, STOP forwarding chain letters in email. Sure, it’s funny and hey, we can all use a good laugh now and again, but it’s extremely easy for people to include malicious links in the email chain, and even in the pictures themselves. It’s one of the reasons why Gmail and other email providers ask you for permission to show the pictures in emails. You need to stop the chain before it goes any further.
Another thing you need to remember when you’re browsing your email is that financial institutions, game servers and whatever don’t ask for your username and password through email. Those kinds of emails are usually phishing scams – they usually say that there’s a problem with your account, and link you to the site in question to “verify” your username and password. Remember, if there’s a problem with your account, you’ll want to log in through your browser by typing the address of the site in question – never follow the links in your email.
Last but not least, always keep your antivirus program up to date, and keep your OS updated to guard against vulnerabilities.