There are many ways a hacker can get into your system. Two ways are by either sending you a fake link to click on in an email, or there could be a fake link in a discussion forum where you are looking for answers to fix a problem yourself. Our focus will be on the second today.
Although everyone likes free information and to save money doing things themselves, you have to be safe while online. Even technicians lookup answers online, however, they know how to get the answers safely and much faster than you.
Besides knowing what websites are known safe websites, there are other ways to identify if a website is safe. Even a well known good website could have a link to a bad website on it, and you need to be careful of that. Since anyone can share their opinion online posting information and links to other websites, there is nothing much stopping them from posting a link to an evil website that allows malicious code to download into your computer which then allows the hacker access to your computer. If you think anti-virus will help you, you’re wrong. Viruses are different from exploits that hackers do. Updates to your operating system and software is what helps you in those cases, in addition to other things beyond the scope of this article without making it really long.
The below screen shot shows Netcraft toolbar for Firefox which is a great tool to help you easily identify the safety of the website you are visiting. You can see the risk rating for Google.ca which shows it’s all Green with no red, and it’s been around since June 2000. There’s rank information and a site report which you can click on for more detailed information as well.
While you are on a website, depending on what web browser you are using, you can hover over links to see where the links point to. Maybe it looks legit at first glance, but if you look closer you might notice a spelling mistake. How about microsoft.com.twinbytes.ca ? Can you tell if that is a page for TwinBytes on Microsoft.com website or a page for Microsoft on TwinBytes.ca website? This is where people get tricked thinking they will be visiting Microsoft website, but it’s actually a subdomain page on TwinBytes website. A subdomain is a website within a website to put it short. So many people get tricked by this.
If you look at the website link at the top of your web browser, you can see it bolds the part that is the actual website you are on. This why if it says Microsoft.com.twinbytes.ca you know you are actually on twinbytes website.
The above example shows it’s our blog website you are currently visiting as you read this article, but it is a subdomain website owned by twinbytes.ca. We could makeup anything we want and nothing can really stop us from creating any name we want because it’s not the actual domain website, it’s a SUBdomain website. Sorry if this is a bit over your head, but if you can understand the difference and look for the bolded name in the top of your browser and use Netcraft plugin, it will help you.
That was a bit focus on SUBdomains but links in discuss forums or emails for that matter can direct to any website at all which can start an automatic download. It may look like nothing happened and you might even click it a few times wondering why the link doesn’t work. The fact is, the link does work, it just doesn’t do what you were expecting, instead it’s downloading malicious code to exploit a vulnerability you didn’t patch because you are still running Windows XP or you haven’t done all your Windows or OSX updates.
So run all your updates, practice what I mentioned above and uninstall any software you no longer use. That would be a great start and greatly reduce your risk!
Safe surfing my friends. 🙂