The Top Browser Threats
When end users venture out onto the Internet, it’s easy to get tangled up in the vast web of threats lurking on many website pages. Some of them are readily apparent, but others are well hidden.
Malvertising—a form of malicious code that distributes malware through online advertising—can be hidden within an ad, embedded on a website page, or bundled with software downloads. This type of threat can be displayed on any website, even those considered the most trustworthy.
End users also need to beware of social media scams. Hackers have created a playground of virtual obstacles across all the major social media sites. According to an article in The Huffington Post, some of the most common Facebook hacks and attacks include click-jacking, phishing schemes, fake pages, rogue applications and the infamous and persistent Koobface worm, which gives attackers control of the victim’s machine while replicating the attack to everyone on their Facebook contact list.
Twitter isn’t immune to security issues either. Since the microblogging site is both a social network and a search engine, it poses extra problems. According to CNET News, just 43% of Twitter users could be classified as “true” users compared to the other 57%, which fell into a bucket of “questionable” users. Among the things to watch for on Twitter are direct messages that lead to phishing scams and shortened URLs that hide malicious intentions.
As for Web-based exploits, Internet websites are now the most commonly-used angles of attack, most often targeting software vulnerabilities or using exploits on the receiving client. This makes keeping up-to-date browsers paramount for all employees.
Website Browsing Best Practices for Employees
- Be conservative with online downloads.
- Beware antivirus scams.
- Interact only with well-known, reputable websites.
- Confirm each site is the genuine site and not a fraudulent site.
- Determine if the site utilizes SSL (Secure Sockets Layer), a security technology for
establishing encrypted links between Web servers and browsers.
- Don’t click links in emails—go to sites directly.
- Use social media best practices.