This article contains 6 security tips related to our day by day computer/mobile activities. It is with strong aim to security.
I am writing about short URL services, email messages and attachments, internet in the public network, home computer security, Bluetooth on mobile device and software installation.
As we all use our mobile devices to surf the web from almost anywhere, and we use our computer from home and/or work to read emails, watch movies and using social networks like Facebook and LinkedIn.
I wanted to give some good to know security tips that can help you improve your day by day online activities.
6 security tips you must know:
Short URLs: As many of you know, in the past several years short URL service become very popular and a lot of people over the word publish their content using a short URL.
One of the many reason they use a short URL can be to hide something in that url, it can be something legit or not.
Most of the legit URL contains a kind of id for an affiliate site or other advertising media.
In a non-legit URL it can be a direct link to a phishing site, a malware site or some other way to get something from you or to infect your device with unwanted software.
So my advices about short URLs are, if you do not know who publish the URL, do not click on it!
You can always use services that can Unshorten that URL to see what is the URL link text which might give you more idea to know if this is a legit site or not.
Email messages: I know that this is something that had been talk a lot, but still today peoples automatic open email attachment and click on inner email link or automatic running attachments.
Did you know: emails is still the 1st spread technique use by ransomware!
There is a big risk of email attachments, that can make a whole mess in your computer and even tag you as spam, by mark your IP address.
Be smart, do not automatic open an email attachment, if you want to use the attached file first download the attached file to your computer and give your antivirus a chance to scan it.
If you do not use an antivirus, download one of the free and install it.
Did you know: you can use a free online antivirus scanning service to scan file on your local device.
Do not forget that a click is all what a malware is needed to be a live – run.
If you have inner links in the email verify that the link is legit, look in the above tip for info about it.
This is a bit advanced but you can also look on the source code of the email and search for hidden HTML code or short URL in it.
Public networks: You pull out your mobile device or your laptop. Sitting in your favorite coffee shop. Connect to its free Wi-Fi network. Set it as a public network when the ‘Choose Network Type’ popup appear.
All is set and you start working on your day by day activities. Like login to your email account, Facebook and other social accounts.
I do hope that you do NOT use it also for your bank or credit card account. Hay you are in a public network you need to remember it.
Anyone can install a free and easy to use sniffer. Using it to sniff the network traffic and reveal your account names and passwords. Using it to find other needed information to log into your account. To use your identity.
Anyone with a bit of knowledge can run a tool that help him scan what other computer/devices are connected to the same network.
With the help of more easy to use, easy to find tool he can also hack into your computer and drop something on it for future use.
It can be something like a backdoor, remember public network are public to all, and you can’t tell what or who is the one that sit near to you.
Home base computer security:
Antivirus, Anti malware, firewall, OS Update and some other anti-scanner tools. I hope that most of you out there use an up to date Antivirus, free is also good.
At least another free Anti malware tool, if not, download and install one.
Tools like anti-malware protection, antivirus protection and firewall protection are your first aid. When it coming helping yourself stopping malware from infecting your system.
I can guarantee you that even with all the software installed you are still NOT 100% secure.
That due to the nature of security holes and the time it take to fix them, an example will make it clearer.
Let say that I found that there is a bug in one of the software that you use day by day – we call it vulnerability.
I can use this bug to create a code that can use this bug to gain control on your computer – we call it exploit
I can use that exploit to transfer files into your computer, or to open a way that I can use your computer – we call in shell code.
Now let put it all together. Add it some known method to do something on your computer. We got a new malware/virus that will be able to do all kind of thing on your system.
It is all depend on the developer imagination. Currently it is not know by the security tools companies. Which use a zero day hole. That hole does not have a patch/fix yet, and can be use for malicious activities.
Do you know what Bluetooth is, this is a way that you can communicate between phones in a short range.
Like every other network base connector it do have some vulnerability that allow other breaking into your mobile device.
Once they are in they may do the following:
- Steal information from it
- Record your call
- Record you keystroke.
- Transfer malware to another devices.
And yes, it is possible to transfer the malware to your home or work pc and to other device.
The thing you need to do is to turn off your Bluetooth, while it is not in use. Same for infra red if you have it.
Open your mobile settings you can find it there. Turn it off. If you want to use it, just open it. Once done close it again.
Everyone installing software on his computer, and that ok.
I am sure that lot of us, when need to do a task, search for a tool. Tool for that task, then install it on the computer. If we found a free tool it is better.
Next time when you install a tool, not from a well know publisher. Read what the tool is installing. Check if it wants to install a new toolbar. Always ask yourself do you really need that tool bar.
If I search the web about this tool. Can I find any information that might point me to reviews about the tools. Are the review positive or not. And so on.
Maybe there are articles that might give more information from users that already installed the tool, just to be safe.
Remember you can only check this before installing the new tool. After the installer had been running it might be to late to find what this tool contain. Like if it infected with some kind of malware/spyware and so on.
Did you know:
If on your search you find that uninstalling this tool can cause problem, think before installing it!
Till here it was my 6 security tips for this article. There are more security tips that will be share in the near future. As this is just the beginning.
Hello, did you meet Rootkit/Bootkit?
Now I would like to scare you a bit, do you know what rootkit are?
If not, it is basically a code that can be used to manipulate the Operation System behavior. Using some techniques like hooking. Changing the behavior of system call in the operation system.
That way it can use its own replica of a system call. Make it do whatever he want it to do.
It can work on kernel mode or user mode. Using it, it can hide object on the system like users, file, network connection, process, services and more.
One of the stronger method in rootkit is the option to hide on hardware memory. It include the BIOS, your Network Adapter, Graphic card and so on.
Why this is dangerous, well think about it. You just format your hard drive to re install the operation system, that will not help.
As soon as the installation probe your device for information, the rootkit will install itself to your computer.
BOOM your infected again. Even if you put a new hard drive it will not help.
Just something to think about…
More about rootkit and bootkit in another article that will publish soon!
Well, Hope the above security tips give you some more view on your day by day computer related activities.