Phishing counter measures

Do not forget to turn on the phishing facility that comes with the IE 7.0 browser. Most of the users turn off this facility thinking this is reducing the performance. But this is actually protecting you from getting hooked on to malicious websites. Security comes with a small cost to pay but it is worth paying that .

Protecting yourself from Malicious Website-Based malware

Users when surfing the Internet bring malware into the home based networks. Email links are sent to the user to perform a client-side exploit and when clicked loads various types of malware on their systems. Install the latest security updates on a daily basis for all applications you use and keep your system free of any exploits.

Use antimalware tools from security vendors to defend yourself from these malwares. However, thse tools are only as good as the system they are protecting. A vulnerable or infected system will bring down the antimalware tool and prevent it from protecting the operating system from further infection. Upgrade your browser if you have not yet done so because today's browsers (Google chrome, Firefox,...)do warn you if the site you are visiting is a suspected malicious site.

Filter your HTTP traffic

Today 1 in 20 websites are malicious. You visit them and you are bound to download trojan or malicious software than can give control of your system and resources to bad guys. When choosing an antivirus verify if it supports filtering HTTP traffic to malicious sites. Also your keep your browsers which ever you use upto date with patches as the exploits in these browsers are most commonly used as an attack platform to gain control on the systems.

Spear phishing

The most deadly form of email exploits today are known as spear phishing or rock phishing. This is where the malware distributor or writer sends out a skillfully crafted email from either a forged address, which the user in the organization trusts, and/or from an organization known to the user.

Combat Email threats to protect your information

When checking mails in your inbox understanding them is the most important step towards protecting you from malware infections. You should enable view file extensions to check if these belong to any of the well known malware categories and are able to take control of your system. Ofcourse google is always there for searching if you suspect the files attached in your mails are malware.

Never open an executable file type from anyone unless you have requested that file, espeically since malware will typically come from someone you know. Anytime you would like to receive an exe or zip file, then request your friends or colleagues to rename the extension of the file and send it to you. Delete key is your best friend for suspicious attachments and mails. Don't think when you need to use it.

Always patch your systems and check for updates. Preferable would be to use systems that provide push updates rather than clients looking for updates. Windows update does look for updates when a machine is restarted or may be even logged in. Updates must be checked at least once in a day. I hardly know any softwares that provide push updates. Hope the major antimalware companies would shift to push updates rather than pull options.

Emails or Attachments

Don’t open emails or attachments from even trusted sources without truly vetting them by the trusted sender. Today you are the last line of defense.