All malware takes advantage of one or more known vulnerabilities on your computer. If you are connected to the Internet or even to a local computer network, or if you use CDs or other removable media that were not created on your computer, then you are vulnerable. There is no way around it. There are five primary sources for such weaknesses:
Afterthought security. Thinking about security after the fact is better than not thinking about it at all, but it’s not nearly as good as building good security into a product from the beginning. Add-ons are usually easier to bypass and break.
I said there were five primary sources of vulnerability, but I’ve only told you about four of them. That’s because I was saving the best for last: YOU!
Your behavior is the single most important factor in malware infections. If you want to avoid sports injuries, you keep yourself in good shape, stretch before and after a workout, and avoid some types of movements and activities. If you aren’t overly concerned about your safety, then by all means, point your mountain bike down the nearest rocky slope and go! Don’t forget to forget your helmet.
The same principle works for computer safety. You need to know what antivirus software you have installed on your computer. You need to keep your computer updated with the latest updates and security fixes. You need to pay attention to what kind of websites you are visiting and what kinds of advertisements you are clicking on. Sites containing pornography, games, hacking, and file sharing are far more likely to spread malware than reference and news sites. Music and social networking sites fall somewhere in between. Don’t click on advertisements. If you want to know more about a product, copy down the name and find the company’s website using your favorite search engine.
The key is to pay attention. Be aware of what you are doing on your computer, and be especially wary of anything unusual.
Spammers, phishers, and other malware creators have become very adept at tricking people into visiting malicious websites and installing malware on their own computers. Never click on a link in an email from someone you don’t know unless you are absolutely certain it is safe and the link goes exactly where it says it goes.. Never open an attachment in an email from someone you don’t know and if you weren’t expecting it. Even if your best friend sends you a link to a website, be cautious. If the message doesn’t sound quite like your friend, it might not be! If you’ve never been drunk and naked in public, then don’t click on a link to a video that claims to show you drunk and naked in public.
Pay attention to the website addresses in links, too. If a link says it goes to Microsoft, then make sure it actually goes to Microsoft’s website. Here’s how you can tell. A website address, called a URL or Uniform Resource Locator, has five basic parts.
http :// www . microsoft . com / Security_Essentials
Protocol. This tells your computer what kind of data to expect and how to interpret it. Most Internet URLs will use http or https (HyperText Transfer Protocol and HyperText Transfer Protocol Secure, respectively). You might also see ftp (File Transfer Protocol), though more rarely. The protocol indicator is followed by a colon and two forward slashes.
Server. This part specifies which computer at Microsoft contains the web page you want to view. It could have multiple parts separated by dots or it might not be there it all. It could be called just about anything, but it will never contain a slash.
Domain. This is like a company name. It will always contain a name with no dots (in the middle) or slashes. It will always end in a dot.
Top level domain. This is sort of like a country on the Internet. In fact, every country has its own top level domain. The United Kingdom has .uk, and Russia has .ru. There are also many top level domains that are international in scope, and are supposed to be used for specific purposes: .info, .com, .org, .net, et cetera. The top level domain will always be at the very end of a website address unless it is followed by a slash.
Directory and files. This tells the computer that hosts the website where to find the specific files you want to see. This part could contain just about anything and can be very long. It can also include special codes that include search terms, account information, and other data a website might need for you to see it properly.
The most common way the bad guys will try to trick you into going to their website is by putting something official-sounding in the server or directory and file fields. Just remember this pattern: http://servername.domain.dom/otherstuff. Pay very close attention to what’s between the slashes, especially the domain name and the top level domain name. If the top level domain isn’t the very last thing in the address, then it will always be followed by a slash.
Although these URLs look like they belong to Microsoft, none of them actually do:
Look at the parts between the protocol and the slash that’s after the top-level domain name. I color-coded the five parts of a website address and underlined the domain name to help you see how they are trying to trick you. Don’t actually go to any of those websites! I just made them up and didn’t check to see if they actually exist, but I wouldn’t be surprised if the domain names are real.
The moral of this last story is this: pay attention to what you are doing, what’s on your computer, and what you click on. It sounds like more trouble than it’s worth, but it’s not really that hard once you develop good habits. Your bank balance will thank you someday.