Cyber criminals are willing to get your data with any tool they can use.  What’s a popular, easy way for a hacker to steal your information?  By getting you to click on a corrupt link or download a malicious file when you visit a website.

According to the 2015 Internet Security Threat Report released by Symantec, a global cybersecurity solutions provider, the number of websites infected with malware has drastically declined over the last few years.  In 2014 alone, the number of websites containing malware was cut nearly in half; however, the continued threats are aggressive enough to make up for the substantial drop in volume.

Malicious site exploits don’t just target an individual user; they typically target servers.  An attack on a server poses a larger threat for any business because more of your most sensitive data is in harm’s way.  To make matters worse, malicious coders today have the capabilities to find more and more zero-day vulnerabilities, or issues/holes in the site’s code that the vendor has not discovered yet—leaving the door open to exploits that target vulnerabilities within a site or software before any defense exists against that particular attack. In a zero-day attack, a website can be infected silently with virtually no interference.

Your company is not helpless against the threat of aggressively malicious sites. Here are three proactive steps you can take today to avoid infection:

Choose a secure browser.

All browsers are not created equal.  Don’t choose a browser based simply on convenience; let the security of the browser have a significant role in your selection.  Each browser can have immense differences in the number of vulnerabilities, the number of days to patch known vulnerabilities, the included privacy features, and the percentage of users with a browser that is not up-to-date (which could leave your browser flawed, bugged, and insecure).  For example, many browsers are sandboxed, meaning the browser is separated from the rest of your computer (which keeps your PC clean if you run into a virus online); Firefox is not sandboxed.  However, according to an annual poll by Naked Security, an online computer security news publication, other features make Firefox the most trusted browser for internet privacy.  Just like other customized security solutions, you need to choose a browser based on what you do and why you do it.

Know your browser.

Many people fail to configure their browser’s security settings, believing an antivirus solution is protection enough—and in most cases, this may be true.  However, you shouldn’t write off an extra layer of free security.  Different browsers offer features like adding trusted sites, enabling a pop-up blocker, or browsing in private mode.  If you need further assistance configuring security settings, here are step-by-step instructions for Chrome, Firefox, and Internet Explorer.  Get to know your chosen browser and customize your security settings to best suit your daily browsing habits.

Watch the website.

Always be mindful of what site you are on and what the website asks of you.  Anytime you are required to share information, check the standard security features like the ‘https’ and the ‘lock’ icon in the left-hand corner of the address bar.  If both of these are present, this means the webpage is secured and your connection is encrypted.  When you’re on a website, be wary of ads, links, and downloads. Check for matching fonts in your download links and descriptions that are cohesive with the rest of the site’s copy.  Even popular websites are susceptible to malware, so don’t be fooled into thinking they aren’t.  If a call to action is too good to be true, it probably is.  If a link looks even slightly suspicious, refrain from clicking.

If you have any questions regarding online security, contact Aldridge today.  We help our clients daily with their networks and the safety of their data online. If you’re concerned your company isn’t protected, let us help you navigate the online world.

View our IT support services.

Sources

http://www.bu.edu/infosec/howtos/how-to-identify-and-protect-yourself-from-an-unsafe-website/

http://www.komando.com/tips/294711/3-ways-to-spot-a-malicious-website/all

https://securelist.com/analysis/publications/36273/browsing-malicious-websites/

http://www.pcworld.com/article/206107/most_dangerous_places_on_the_web.html