Last week, we discussed the three most popular security traps that the casual internet consumer might find. This week, we will look at the next three most popular traps. These situations can arise, but are not as commonly found, in day-to-day internet use.
Remember, protecting data and private files on a PC can be the most frustrating thing a normal user comes across. Every day there are more security vulnerabilities and security threats created and discovered. There are entire companies whose sole purpose is to track and report on security threats online.
The first step to protecting your PC files is understanding the threats arrayed against you and taking precautions to limit access and damage. The following sections are two of the most prevalent threats to everyday PC use.
Drive-by downloads are a common enough occurrence these days that the average internet consumer should be aware of their origin and easy ways to combat infection.
A drive-by download is an exploit of a security flaw or vulnerability in an otherwise trusted piece of software that allows the installation of malicious code. The infection can happen on any site that allows unregulated or questionable advertising and most often targets third-party programs with recently patched security holes. Hackers and criminals take advantage of PC users who are slow to install new security patches.An example of this is an exploit of a previously known Flash vulnerability, which allowed the installation of code on a simple mouse-over. PC users who had yet to update their Flash programming merely had to move their mouse pointer across an infected Flash-based ad to have the malicious code installed and activated.
The only way to stay ahead of drive-by downloading threats is to keep all of your security and antivirus programs on and up-to-date along with all other important security vulnerability patching.
Zero-day attacks exploit new security vulnerabilities that are relatively unknown or have not yet been patched. There is very little you can do against a zero-day attack beyond using the previously mentioned steps.
If you feel like more should be done to protect from zero-day attacks, then consider using a program called Malwarebytes Anti-Malware Free. This program is supposedly designed specifically for zero-day malware attacks but is not built or maintained to protect from common vulnerabilities.
Direct attacks are not that common, but in today’s world of free Wi-Fi and NSA privacy concerns it is better to be safe than sorry.
A direct attack is commonly executed by a hacker. The hacker uses a port-sniffer to find the address of an active computer and then attempt to access that computer without authorization.
The easiest way to foil attacks like this is to have an active firewall on your computer. The Windows operating system has a firewall tool that is easy to set up and configure. You can access the Windows Firewall tool by opening "Control Panel" from most Windows OS start menus, selecting "System and Security," and then clicking on "Windows Firewall." Be aware, though, that the Windows Firewall tool is programmed to only detect outside threats to your computer.