Photo - Eric Chan, Regional Technical Director for Southeast Asia & Hong Kong, Fortinet Inc.
Unified threat management (UTM) specialist Fortinet is reminding Malaysian internet users to practise 'safe surfing' to avoid socially transmitted infections (STIs).
Fortinet's regional technical director for Southeast Asia & Hong Kong Eric Chan said online STIs can cause "almost as much pain as that other kind" especially as social media has moved from sharing personal information to the potentially more risky practice of sharing links.
"Socially transmitted infections are getting more sophisticated every day," said Chan. "As a result, it is almost impossible to be 100 percent protected, unless one considers complete Internet abstinence a solution. However, by practicing safe surfing and a lot of common sense, one can greatly reduce the chances of getting infected by social media malware."
He said attacks increasingly use the installation of malware that can later be used to add one's computer to the botnet that caused the attack, causing it to grow even more powerful. "Botnets are also often used to generate online buzz for companies or individuals through social media posting, an activity known as 'like farming'."
"Today, there are a number of tricks that hackers use to get malware into one's computer including sending messages out about popular topics to get more views, making downloads appear to be from legitimate sources, such as fake updates for Flash, disabling the computer's antivirus and sending the end-user to compromised websites, as well as adding malicious extensions to one's browser that can hijack his or her social media accounts," said Chan.
Once a user has caught STI, the most commonly attacked items are the user credentials, he said. "Password theft makes the news frequently, such as the recent attack by the Pony Botnet which resulted in the theft of two million credentials for sites such as Facebook, LinkedIn, and Twitter. Having a password stolen can be risky, especially for anyone who uses the same password in multiple places, such as online shopping sites or even work computers."
How to practice 'Safe Sufing'
Chan said Fortinet's tips for practising safe surfing include:
1. Always Use (Unique) Protection
Having secure passwords goes beyond the regular precautions of mixing letters, numbers, and special characters. The most important thing is to have every password be unique to the account it is associated with. This way, having one account breached won't cause all your other accounts to be vulnerable. A good way to secure your password is to use a password manager. Password managers not only securely store your passwords but can also create new ones that are difficult to guess.
Also be sure that you have secure secret questions that you will remember but that cannot be easily guessed by casual acquaintances. For extra security, memorise incorrect answers to common security questions.
Once you have set a secure password, you should change it often and never share it. If for some reason you have to share your password, do not send this information across a network, and change it as soon as possible.
2. Virus Detection
All computers need to have anti-virus and anti-malware programs installed and kept updated. It is also recommended to scan your computer on a regular basis, especially if you often download files from the Internet.
3. Think before You Click
If you see a friend post something that seems unusual for them, don't click it! Instead, check with them to see if it's legitimate. Be especially careful about links from high profile accounts, such as celebrities, since they make great STI targets. You should also avoid clicking links in generic posts, like "hey, check this out!"
You should also keep an eye on URLs, to make sure they match where you're supposed to be. Watch out for malicious websites that will put a familiar name within their URL to fool you into thinking it's affiliated with that site. If a link uses a short URL, hover over it with your mouse to see the address in full before clicking it. Finally, if you ever see an ad for a deal that seems too good to be true, it probably is.
4. Pass Information, Not Infection
Protect yourself by protecting your friends, who are the ones most likely to put you at risk of catching an STI. Make sure they know what social malware is and what they can do to prevent them. If you ever have reason to believe that one of your contacts has had their account compromised, let them know immediately and make sure they know what to do to regain control of their account.