There was a question posted to the Security Catalyst Community forums earlier asking about our thoughts on the MBR (Master Boot Record) malware that is circulating again. I've mentioned several times in the past that the Internet scares me since it is so easy to drop malware on your computer. The fact that now it is getting more common for Owned sites to be Pwned makes it even worse. Then to hear that security companies and malware researchers are saying that malware increased between 500% and 1000%.
What chance do we have? I hate to sound so "doom and gloom" but you almost hate to think what things will be like this time next year. I've gotten used to not writing checks and doing all of my banking online. Yet, I hate to think of what would happen if my computer was infected by a site that was serving up malware unknowingly. I may have to go back to writing checks.
I'm not normally negative about such things, but this has me worried. Also, not being one to point out a problem w/o offering up solutions I will repeat what all of you probably know. A few things that you can do to reduce the chance of getting malware on your system when surfing the Internet.
- Don't use your computer logged in with privileges any higher than "User"
- Don't click on links from emails, IM's unless you are 100% sure that they are valid and safe.
- When possible type the address in yourself.
- Verify links before clicking on them by making sure that they take you where they say they are going to take you. You can do this by putting your mouse over them and checking the browser status bar or by looking at the page source.
- Be very wary of shortened links that are created with things such as TinyURL.
- Use Firefox or another alternative browser instead of Internet Explorer.
- If offered by your browser community use things such as "no script" and "ad blocker".
- Stay off of web sites that are known for serving up malware. (Porn, gambling, hacker, etc)
There are lots of other things that you can and should be doing to keep yourself safe. These are just the basics. If you are not aware of what else you can do then I highly recommend that you search for ways to secure your PC or email me and I'll give a more detailed list.