IT Security Tips

Rogue security software (fake or rogue Anti-Virus)

Rogue security software poses a growing threat to computer security. Basically, it is a form of Internet fraud that uses malicious code in an attempt to deceive users into paying for a fake removal of malware. In that sense, rogue security software can be considered a form of ransomware or scareware (malicious code that affects a computer system and demands payment in order for the restriction to be removed – in this case a simulated security issue).

Rogue security developers exploit both the trust and distrust of computer users regarding security vulnerabilities and the way of handling them. On one hand, they appeal to the authoritative term “security software” while disguising the opposite intention – that of, in fact, breaching the aforementioned security. On the other hand, they use fear and the human reaction to a threat, that of immediately removing it. In this case the threat is fake (“your computer security is compromised”), but the consequences are real (your computer security will be actually compromised after following the “instructions” of the rogue security software). For a non-technical computer user, there is bound to be some amount of confusion here. Learning how to recognize fake security warnings is an important step in preventing infections.

Prevention

To increase the chances of staying rogue software-free, the first step should be familiarizing oneself with the best-known legitimate security software, in order to be able to identify rogue security software. AV-Comparatives’ list of security vendors is a good place to start.

Also, for the same purpose, there are blacklists containing the names of notorious fake security software, such as this one

Installing legitimate Anti-Virus software and using a firewall (auto-updates on) is always the primary step to take towards better computer security. Safe online-behaviour guidelines regarding e-mailing, file download, streaming and navigation also apply in the prevention of infections caused by rogue security software.

https://en.wikipedia.org/wiki/Rogue_security_software

How does rogue security software propagate

  • Web navigation. Through a website displaying a fake alert (on page or as a pop-up) stating that the computer is infected and manipulating the user into downloading or purchasing a fake Anti-Virus tool – that is in fact the scareware/rogue Anti-Virus program. Some fake warnings will prompt the user to install the “Anti-Virus software”, “updates”, or remove the “found malware”. As soon as the user clicks the message, the rogue security software downloads into the system.
  • SEO poisoning. Rogue security developers (and malware writers in general) are also known for using a technique called SEO poisoning in order to push the rogue software download links into the upper positions on search engines. Through SEO poisoning, rogue security software may appear in the list of search results when searching for computer security related keywords, along with legitimate security vendors. This way, an unaware user can get infected by landing on a malicious website posing as a “free online scanning service”. Other times, infected URLs exploit other keywords, such as for a particular piece of news or a notorious recent event.
  • E-mail. Phishing scams are very common these days, so it’s important to know the basics about how phishing works in order to identify it. In the case of rogue security software, a phishing e-mail will try to get the user to download and execute the scareware. A phishing e-mail will include an apparently harmless URL pointing in fact to the malicious website propagating the infection. Other times the malicious code is masked as an attachment that the user is tricked into opening: an image, screensaver, or archive file. When opening the infected attachment, the user actually executes the malicious code.
  • Drive-by downloads. Rogue security software can also act as a drive-by download. A drive-by download exploits vulnerabilities in third party software, so it’s very important to keep third party software (browsers, PDF viewers, e-mail clients) always up to date. A drive-by download uses un-patched vulnerabilities in older versions of third party software as a means to propagate itself without user intervention.
  • Online video viewing. Some rogue software propagates through an infected codec that is downloaded while trying to watch a video online. To learn how to reduce the risk of infection with online streaming, see Safe Streaming/progressive download.
  • Infected files and malicious online applications. Computers can also get infected with malware/spyware (rogue Anti-Virus included) through an infected PDF file or a malicious Java program (an online game for example). To avoid infection through executing files and online applications, keep legitimate Anti-Virus software always up to date, with the online/web and real time protection features active.
  • P2P. The rogue software can also be disguised as a piece of software downloaded through a peer-to-peer network (for example, a file downloaded via a torrent client).
  • User installation. The infection may propagate through installing questionable freeware, cracked programs or illegal copies. When you’re not sure about the program source but still want to run it, check every step of the installation, in order to avoid deploying malicious programs (in the form of a toolbar, add-on or other “free goodies”). See also Safe File Download and How to Prevent and Repair Browser Hijacking.

Rogue (fake) Anti-Virus program

How to identify an infected computer

While there is no standard picture of a rogue security program infection, there are several common symptoms indicating such an infection. Rogue security software will try to get the infected user to purchase a service or software, claiming that the computer is heavily infected. A pop-up or a “security” program the user does not remember installing (see How Does Rogue Security Software Propagate) will suddenly display an alert or warning – regarding spyware, malware or other security issues. These warnings may look like system notifications or genuine alerts. The malicious code will try to cripple the genuine protection of the system, by attempting to disable system components and Anti-Virus software, to avoid detection and prevent the user from uninstalling the unwanted software.

Some rogue programs will attempt to scare the victim by displaying an animation that simulates a system crash and reboot or other “catastrophic” system events. Access to legitimate Anti-Virus websites and online scanning services may be disabled, as well as system updates. The computer may run slower than usual and display unusual behaviour:

  • fake balloon-type system alerts (generated by the malicious program)
  • constant nagging pop-ups requesting to purchase/update the fake security program
  • program interface looking like an Anti-Virus program, displaying an unusual number of infections, and claiming that registration is required in order to remove the infections.
  • new/unknown icons on the desktop
  • browser displays fake security warnings or redirects to questionable websites and/or security certificates do not appear to be valid, usually as a result of browser hijacking. See also Web Navigation.

Fake balloon system alert

What it does

Rogue security software downloads come with other malware components, such as trojans, rootkits and keyloggers. The trojan components alter the system, rendering it vulnerable to the attack; the rootkit redirects search engine results; and the keylogger attempts to record the keyboard input (passwords, credit card data, etc.).

Removal

Once you have identified a potential rogue security software attack, use a clean computer to refer to a trusted online database containing rogue security software lists by name and removal tools. If unsure, contact technical support or an IT security service in your area.

How to prevent and repair browser hijacking?

Browser hijacking means that malicious code has taken over and modified the settings of your browser, without your permission. There are several ways hijacking software can reach a computer. It may come as part of a freeware installation that is supported by adware or spyware, so always read carefully the disclaimers appearing during the install process, and watch for additional programs that are being installed along with the main software (toolbars, add-ons and so on) – make sure you uncheck them, and if this is not possible give up on installing the program altogether. It can also come through an infected or misleading e-mail, file share or a drive-by download. Rogue security software developers are also known for browser hijacking, usually pretending that your system is infected and redirecting to their download page.

How can you tell your browser has been hijacked? There are several symptoms: the browser’s home page has been changed, most commonly directing to a website you never intended to visit; new unwanted bookmarks have been added to your favourite pages, usually directing to pornography websites or ad-filled websites; a lot of pop-up windows flood your browser, turning your surfing experience into a nightmare; your computer runs slower than usual; unsolicited new tools (such as search bars) are added to your browser; you cannot access certain web pages, such as anti-spyware, anti-virus and other security related sites; your browser has become unstable and exhibits frequent errors; the default settings have been changed in the browser and/or your default search engine has been replaced by an unsolicited one. Here is a list of the most common browser hijackers to help you identify them.

Some browser hijacks (such as some of the ones coming in a bundle with freeware) can be uninstalled together with the freeware they came with, while others are far more difficult to remove. For that reason, preventing is always better than repairing.

How to prevent browser hijacking? Use anti-virus and anti-spyware software and keep the real time protection feature activated; keep your browser and other third party software up to date at all times; learn how to configure your browser for higher security, and keep it on a high security level; learn the basics about e-mail security; use caution when downloading and installing freeware, and read carefully the disclaimers and installation steps in order to detect additional software being installed; avoid illegitimate or untrustworthy websites; keep the automatic updates of your operating system on.

Browser hijacker removal. Some browser hijacking software is easily removed by uninstalling the freeware it came with, or by looking it up in the list of installed programs in your Control Panel, and using the Remove command in order to uninstall it. Manually restoring your browser’s settings to the ones previous to the attack may also do the trick (see your browser’s Help section if you’re not sure how to do this). In addition, set your browser security level to “high”. However, other hijacking codes are not so easy to get rid of, as they go deeper into your operating system, altering settings such as start-up entries and the registry and causing the unwanted program to keep reloading every time you start up the computer. There is no “one-cures-all” solution, but the following common methods should work in most cases.

First, restart your computer in safe mode and perform a full anti-spyware, anti-adware and anti-virus scan on the system. If you are an advanced user, download and run start-up control software to remove the unwanted entries of the hijacker from the Windows system start-up, and use registry cleaning software to remove suspicious registry entries (be sure to back up the system before doing that). Also, if you are running Windows XP or later and are not able to remove the hijacking software, you may consider using the System Restore tool to restore the computer to an earlier date (your files will not be lost but a system backup is strongly recommended before running System Restore, and also before performing any changes to your operating system).

How to check if my security product is working properly?

You should only have one antivirus product with real-time protection (RTP) enabled. Real-time protection is the permanent guard function that watches files being downloaded or copied onto your computer, and takes action if a malicious program is detected. If you have two programs both trying to do this at the same time, conflict can result. In the best case, you will find that your computer runs more slowly. In the worst case, the two programs may interfere with each other so much that no effective action is taken against the malicious file.

Even the “best” versions of security products will not be able to protect against the latest threats if the virus signature database is obsolete. So as a general and very important rule always keep their auto-update feature on. To check if your security product is working properly, there are

EICAR test file. The European Expert Group for IT-Security (EICAR) provides a simple test to check if your anti-virus or security product is working properly.

Hosts file checking. Some methods of attack use tampered hosts file to redirect your browser to malicious URLs. To learn more about the hosts file and how it should look refer to https://en.wikipedia.org/wiki/Hosts_(file). If you suspect the hosts file has been tampered with, you can edit it using a plain text editor such as Notepad (same you use for opening and viewing it). A specifically built hosts file can also be used to block connections to unwanted or potentially dangerous locations, such as the one provided by http://winhelp2002.mvps.org/hosts.htm.

AV-Comparatives and other independently run tests and reviews. AV-Comparatives regularly performs comprehensive and innovative independent tests of anti-virus software and releases reviews helping users assess the capabilities of the different anti-virus software versions on the market and choose the best solution for their needs. Independent testing means that no anti-virus vendor is involved whatsoever in the testing procedures, which are developed by a neutral, independent team of IT-security specialists from the AV-Comparatives organization. A list of various independent testing labs can be found here: https://www.av-comparatives.org/list-of-av-testing-labs/
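
For the hosts file check described above, the following Python sketch is an added example, not part of the original tips. It parses hosts file text and separates expected localhost entries, block-list entries (names pointed at 0.0.0.0 or loopback), and names redirected to another address. The sample file content, the `.example` host names and the `watch_suffixes` list of security-vendor domains are constructed assumptions.

```python
import ipaddress

# Constructed sample hosts file (not taken from a real system).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.tracker.example    # blocking entry, as in a block-list hosts file
203.0.113.66    www.av-vendor.example update.av-vendor.example
203.0.113.66    bank.example
192.168.1.20    nas.home.example
not-an-ip       broken.example
"""

# Names that are expected to resolve to the local machine.
EXPECTED_LOCAL = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Home/office address ranges: entries pointing here are usually local devices.
LAN_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
    "fc00::/7", "fe80::/10")]


def parse_hosts(text):
    """Yield (line_no, ip_string, [hostnames]) for every non-comment line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        yield line_no, fields[0], [h.lower() for h in fields[1:]]


def classify(ip_string, host, watch_suffixes=()):
    """Return a verdict for one (address, hostname) mapping."""
    try:
        # Strip an IPv6 zone id such as "%lo0" before parsing.
        ip = ipaddress.ip_address(ip_string.split("%", 1)[0])
    except ValueError:
        return "malformed"
    if host in EXPECTED_LOCAL:
        return "expected" if ip.is_loopback else "redirect"
    # Any override of a watched (security-related) name deserves a look,
    # whether it blocks the site or sends it somewhere else.
    if any(host == s or host.endswith("." + s) for s in watch_suffixes):
        return "watched-override"
    if ip.is_loopback or ip.is_unspecified:
        return "blocked"
    if any(ip in net for net in LAN_NETS):
        return "local-network"
    return "redirect"


def audit_hosts(text, watch_suffixes=()):
    """Return (line_no, ip, hostname, verdict) for every entry that is not expected."""
    findings = []
    for line_no, ip_string, hosts in parse_hosts(text):
        if not hosts:                          # address with no name after it
            findings.append((line_no, ip_string, "", "malformed"))
            continue
        for host in hosts:
            verdict = classify(ip_string, host, watch_suffixes)
            if verdict != "expected":
                findings.append((line_no, ip_string, host, verdict))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, watch_suffixes=("av-vendor.example",)):
        print("line %d: %s -> %s [%s]" % finding)
```

Entries reported as "redirect" or "watched-override" are the ones to compare against what you expect the file to contain; "blocked" entries are normal when a block-list hosts file is in use.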

How to configure my browser for higher security?

A browser is the main porthole for viewing the web and, more than that, a live tool that allows you to interact with it. While surfing the web, searching for content often takes priority over safety (which is a bad idea). However, in order to compensate for this flaw, there are some things you can do to configure your browser for higher security and make your browser take care of this aspect for you:

Keep your browser up to date. The browser running on your operating system is a third party application that needs to always stay up to date. Developers regularly release security updates and patches to keep up with the current threats and facilitate a safe navigation.

Keep all the other third party applications up to date, for the same reasons mentioned above.

Use anti-virus and anti-spyware software and set it to automatically update.

Use a firewall and keep it permanently turned on.

Use auto-fill with caution. This accessibility option that browsers offer is not very secure. If you do not use a more traditional offline system of securely storing your passwords, install and use a trusted password manager such as LastPass or KeePass.

Use encrypted search as default browser page.

Use a safe browsing tool/add-on or a selective script blocker such as NoScript (for Mozilla Firefox). Read the reviews and overview add-on scores on the download page and choose accordingly.

Tweak your browser’s security and privacy settings to meet your needs. These settings are important for your computer security, which is ultimately important for your safety and privacy, so choose bearing that in mind. Most browsers provide explanatory information (advantages and disadvantages) about the various security levels available. If in doubt, set security levels to “high”. Instructions and information on how to change security settings are also generally available on the browsers’ official websites.

Testing browser security. If you’re still not sure about the level of security of your browser, or want to check how it performs, there are at least several browser security tests available online: http://browserspy.dk/, https://browsercheck.qualys.com/ and others.

Follow these recommendations to configure your browser for higher security.

My website has been hacked – what should I do?

There are several ways a hacker can attack a website, exploiting poorly executed security policies or taking advantage of unattended vulnerabilities. (See also Online safety for website owners). The attack can be internal or external, often using spam or malware to achieve the purpose.

Currently, browsers such as Google Chrome issue a malware warning for websites that may have been compromised by an attack. This is a visitor repellent warning that no website owner wants to see when accessing his or her web page. Still, if such a thing happens, the first thing to do is stay calm, take the infected site offline and then assess the situation before proceeding to action.

How can I tell my website has been infected?

Some attacks do not display a victory flag saying “I hacked your site”, that is to say not all intrusions are clearly visible. In such cases, you should suspect that your website has been attacked if you see one or more of the following symptoms:

  • user complaints about the site being blocked by their security software or browser, or about getting malware from visiting your website
  • users report redirection to other websites
  • significant changes in traffic – usually a dramatic and sudden traffic decrease
  • a sudden drop in search engine ranking
  • browser warning indicating that the website has been compromised
  • the website is blacklisted by search engines or other databases of malicious URLs
  • the website works improperly, displaying errors and warnings
  • your site contains files and/or code you don’t recognize
  • your pages suddenly don’t validate for the W3C standard
  • after visiting the website, computers exhibit strange behavior.
  • last login IP in the Admin Panel is not from your IP

After taking the site offline, scan all files for malware using the anti-virus of your choice (refer to AV-Comparatives tests and reviews to compare the options). Also, fully scan all computers that have stored your FTP username/address and/or have been used to publish the files of your website. If taking down the website is not an option, use an online scanner and change all FTP passwords or other passwords used for administrative sections of the website, together with e-mail passwords. Do not use software to save the passwords, instead memorize them or write them down on a piece of paper.

Refer to your web developer and ask them to verify the current version of the site against the latest one they have stored for publishing, in search of any suspicious differences.

Check with your hosting provider. Your website might not have been the only victim of the attack, especially if you are using shared hosting. The hosting provider can confirm the attack or indicate a loss of service as the cause of the symptoms, and take steps in fixing the problem.

Backup. Make a backup of what remains of the website and make a habit (if you do not already have one) of backing up the website files at every change. It is a good idea to use a version control service to easily identify the latest version of your website and roll back to a previous version that you know to be safe.
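
The comparison between the live site and the copy stored for publishing can be automated with a hash manifest. The following Python sketch is an added example, not part of the original tips; the directory names and file contents in `demo()` are constructed for illustration. It lists files that were added, removed or modified in the live copy.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map every file under root (relative POSIX path) to its SHA-256 digest."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            manifest[path.relative_to(root).as_posix()] = sha256_file(path)
    return manifest


def compare_manifests(known_good, live):
    """Return which files were added, removed or modified in the live copy."""
    good_paths, live_paths = set(known_good), set(live)
    return {
        "added": sorted(live_paths - good_paths),
        "removed": sorted(good_paths - live_paths),
        "modified": sorted(p for p in good_paths & live_paths
                           if known_good[p] != live[p]),
    }


def demo():
    """Build two small constructed site trees and compare them."""
    pages = {
        "index.html": "<h1>Welcome</h1>",
        "contact.html": "<p>Contact us</p>",
        "js/app.js": "console.log('ok');",
    }
    with tempfile.TemporaryDirectory() as tmp:
        good, live = Path(tmp, "known_good"), Path(tmp, "live")
        for base in (good, live):
            for rel, body in pages.items():
                target = base / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_text(body)
        # Constructed differences standing in for unrecognized changes.
        (live / "index.html").write_text("<h1>Welcome</h1><!-- unexpected markup -->")
        (live / "uploads").mkdir()
        (live / "uploads" / "img.php").write_text("<?php /* file nobody recognizes */ ?>")
        (live / "contact.html").unlink()
        return compare_manifests(build_manifest(good), build_manifest(live))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

In practice `build_manifest` would be run once on the known-good copy, with the result stored away from the web server, and again on a download of the live site.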

How to safeguard/protect my mobile phone?

Unprecedented connectivity of modern mobile phones brings along the same risks as with laptops or home computers as well as any device that benefits from an Internet connection. Smartphones today collect an impressive amount of personal data, from the privacy sensitive (photos, SMSs, personal documents) to the security sensitive (online banking data, financial or personal information). The first thing about safeguarding secrets is not to have any, but this is a hard thing to do when in the world of possibilities revealed by modern technology. Not doing any online banking in order to keep your bank account safe may sound like not ever seeing the sea in order not to drown, or even worse. Fortunately, a safe approach to mobile and smartphone usage can ensure the benefits while avoiding the risks.

Password and PIN.  First things first: protecting your phone with a strong password and/or personal PIN closes the first gate of access into your privacy. Enable auto-lock if available.

Think before you install apps. Even if it seems a fun idea at the time, with the tons of mobile apps out there you should be careful which one you install – and for what reasons. Make sure the application you install is from a trusted source, read user reviews and check app’s and developer’s rating before you install. In the mobile market, search for anti-spyware software and install it to prevent being watched without your knowledge or other unwanted stealthy (and ill intended) interventions.

Use security software. Using the latest version of security software and keeping it on automatic update is a must. Mobile markets show a booming trend in terms of usage and connectivity, with smartphones and particularly Android platforms being the most active. Third party applications can pose a risk, as more and more malicious APKs appear on the market, masked as harmless software. As mobile stores cannot guarantee all the applications they display are safe, the growing emergence of malware and greyware (applications that can pose a security risk if used inadvertently, or are otherwise undesirable, such as spyware and adware) on these markets calls for trustworthy, dedicated security products.

Keep software up to date. Beginning with the OS and security software you should use, always keep the software up to date. Patches and security updates released regularly by the developers and malware signature databases updated by security products vendors should dramatically decrease the risks.

Keep an eye on the links. Same with any other device that uses the Internet, double-check the links you are about to click. See also Learn how to identify phishing e-mails.

Prevent theft, enable recovery. The more personal data stored on your mobile phone, the more careful you should be about not losing it in the first place. If such a thing occurs, modern phones provide features such as tracing and tracking software and remote wipe – so make sure you enable them when you start using your phone. Make a habit out of backing up the data on your mobile phone on a regular basis.

Use an encryption solution along with security software. Search for and install an encryption solution for your smartphone to keep the exchange of data secured.

Take precautions when connecting to public WiFi spots.

Use it for what it does. If you’re using your phone to connect to the Internet for reading e-mails, surfing the web, gaming, social networking and other activities involving an Internet connection, in terms of security you should treat it as you do your laptop or your computer at home.

What should I do to prevent being sniffed while using a public WLAN?

Wireless hotspots have significantly changed the way people work. Due to public hotspots we can work while traveling, or while enjoying a coffee at the favorite terrace restaurant. Any device equipped with a wireless card (laptop, notebook, tablet, smartphone and so on) can access public hotspots and benefit from high speed Internet connections. From free municipal WiFis to wireless networks you can access with a username and password while being the client of a coffee shop, library, restaurant, airport or hotel – connectivity is some clicks away in most populated places on Earth.

However, the accessibility of public WLANs works both ways. If you can connect to them without too many questions asked (or none), anyone else can do so. Moreover, not everyone is well intended. On the other hand, if supplementary security measures are needed while connected to your home WLAN, then it goes without saying that extra precautions should be taken with public WLANs.

Apart from the basic rules applying with every Internet connection, here are some guidelines about minimizing risks when using a public WLAN:

Remember you are in public. Your online behaviour should be in accordance with this reality. When using a public wireless network, always keep in mind that you are not in the privacy of your home connection. This means you should confine your online behaviour to those actions you are comfortable with while knowing others can see over your shoulder. Not only in the literal meaning but also – and most importantly – metaphorically speaking: public WLANs are exposed to the prying eyes of hackers. Whenever possible, avoid actions using sensitive information such as online purchases or banking, and choose the network that ensures the most secure connection.

Use SSL and HTTPS encryption. Public hotspots do not encrypt data. Data exchanged with regular HTTP websites while you browse the web over the wireless network can be sniffed by anyone with the right skills and motivation. This is why enabling SSL (when using an application that connects to the Internet, such as Outlook or Thunderbird) and HTTPS (when visiting websites) is important for your privacy and online security. Look for the lock icon in the address bar next to the “https://” – that means the connection is encrypted. Some web e-mail clients and others offer the option of always using an HTTPS connection, or you can use an encryption extension for your browser (such as HTTPS Everywhere for Firefox and Chrome). Further on, you can manually encrypt the files or folders on your computer that you know you will be using while connected to a public hotspot, or make those folders private.

Verify and confirm network name.  When connected to a public WLAN (in a restaurant, while traveling, for example) you should know that hackers can set up a fake WiFi network as a bait for unwitting users. Before connecting, confirm the network’s name with the personnel of the place you connect from to be sure you’re connecting to their public network and not a fake one with a similar but not identical name.

Use VPN. A Virtual Private Network (VPN) extends the security and privacy of a private network over a public network by routing all activity through a distinct secure network. Background running applications are available that set up the VPN automatically.

Turn off sharing. File and printer sharing enable other computers in the network to access resources in your computer. It goes without saying that this option is not desirable when you do not have control over who is connected to the same network – your data is exposed to hackers. To patch that breach, always ensure that sharing is disabled on your computer when connected to a public network. You can also use the automated settings of your operating system to differentiate your home or office networks from public networks – it will automatically select the privacy and security settings according to the level you associate the network with (home, public, private).

Avoid automated connections. Even if your device (such as a smartphone) is built to connect to any hotspot available, it is recommendable to disable this option, and connect on demand, at your choosing and after verifying the connection for authenticity (with the people who provide you access for example).

Consider two-factor authentication. You already know the first rule about passwords: use strong passwords (longer, hard to guess) and change them regularly. Nowadays, most popular websites such as Facebook and Gmail provide the option to use two pieces of information to ensure your account stays yours. One is the password that you use to login, and the other is sent to you via your mobile phone in the form of an SMS with a code. When using the Internet in a public network it is a good idea to enforce the security of your account with this kind of double authentication, even if it seems a bit of an effort.

Turn WiFi off when not using it. When you are using your computer in a public hotspot, but have no need to access the Internet, make sure you turn off the wireless connection (by removing the external WiFi card or by disabling the WiFi connection).

How to safely configure my WLAN at home?

Wireless LANs can be both targets and weapons as far as hackers are concerned. A poorly secured WLAN can be exploited into gaining access to a computer, as well as a rogue access point can pose as a legitimate/trusted one and trick users into associating with it, providing hackers with a means to manipulating data. More so, hackers will be able to use your Internet connection for illegal purposes – and leave the responsibility for their acts to you, as the owner of the connection.

To establish a wireless Internet connection at home, you need an operating system that supports wireless networking, a broadband Internet connection, a wireless router, a DSL modem, or a cable modem with built-in wireless networking support, a computer with built-in wireless networking support or a wireless network adapter and the router’s set-up instructions.

Carefully read the user manual and instructions when setting up the wireless connection. WLANs are more vulnerable if not properly set up.

Use your browser to connect to your router via the Gateway IP address. See https://wiki.amahi.org/index.php/Find_Your_Gateway_IP to learn how to find the Gateway IP address on your computer and then manually input the IP address into the search bar of your browser to connect.

Enable encryption and do not mix encryption standards. Make sure you use the latest/highest encryption standard available for your computer. Keep in mind that the WEP and WPA encryption standards are older and far less secure than WPA2/WPA3. Avoid using shared key authentication. Keep in mind that no security method or encryption is 100% foolproof so always use additional security measures when accessing the Internet. You can also use network monitoring software in order to survey the network activity of your computer and identify out of place actions or behaviours.

Use a strong router password. This is the password giving access to the router’s configuration, preventing anyone but you from making changes to the router’s settings (including security settings), so make it impossible to guess (not “1234”, “ABC000”). Instead, use a long string of both lower and upper case letters, numbers, and special characters (if the router supports them). The stronger the password, the higher the security. A weak password is easy to crack even on higher encryption standards such as WPA2 or WPA3 using dictionary attacks or precomputed tables.

Use a properly configured firewall. Software based firewalls are widely recommended for single computers, while hardware firewalls are typically provided with routers for networks. Some operating systems provide native software firewalls (such as Windows OS). For Microsoft Windows home users we recommend to use the firewall in its default settings.

Use a custom SSID (Service Set Identifier, or network name) when configuring wireless settings. To do so, manually change the default name of the SSID into something unique. A default SSID indicates to hackers that the WLAN was set up by a novice and is therefore easy prey. Additionally, change the router’s factory preset details into your own, for the same reason above. Leaving router’s default names and settings on practically screams “come in” to potential hackers.

Beware the shortcomings of SSID cloaking. While some may think hiding the SSID is a good idea, it actually can backfire as a helping hand for hackers. The SSID Broadcast feature on your router can be enabled or disabled. When disabled, it makes your network invisible to users near you, but a skilled hacker can still sniff your SSID. The downside of disabling SSID Broadcast is that anyone can impersonate your router.

Enable MAC Address filtering. Every wireless networking card comes with a unique code, the MAC Address (short for Media Access Control Address). MAC Address filtering only allows devices with a known MAC Address to connect to your network. However, MAC Address filtering is not a replacement for other security measures (such as WPA2/WPA3 and others) because hackers can clone MAC Addresses. Instead, it should be viewed as an additional means of protection/safety.

Disable remote login. Remote login is an easy way in for worms and other malware. Most routers have it disabled by default, but make sure it is disabled when setting up the WLAN and also periodically check from then on.

Online safety for website owners

There are several common website security threats:

Malicious software can be used to steal passwords, hack into ill-secured websites or computers and so on. If your site allows uploads, keep in mind that uploaded files may not always be what they seem. Anti-virus software is needed to check the files.

Lack of data validation. All data used by the website should be validated in terms of form and length. For example, Name fields should validate characters, number fields should validate numbers, e-mail address fields should check for a valid e-mail address form, and so on. Input and output data validation can help against data poisoning.

Inside theft. If you are a company, keep in mind that a disgruntled employee can use the data for attacking the website. Change your passwords after firing someone, or immediately cancel all addresses that no longer apply.

Be careful what you store. SQL injections and other exploits can be used by fraudsters to extract sensitive data from your website’s databases. To avoid this, do not store sensitive data such as credit or debit card details.
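Why SQL injection is possible and how a bound parameter prevents it, as an added example that is not part of the original page: a harmless surname containing an apostrophe is enough to change how a concatenated query is parsed. The table, sample rows and function names are constructed for illustration and use Python's built-in sqlite3 module.

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample rows (no card data stored)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, surname TEXT, city TEXT)")
    db.executemany(
        "INSERT INTO customers (surname, city) VALUES (?, ?)",
        [("O'Brien", "Cork"), ("Smith", "Leeds")],
    )
    return db


def find_unsafe(db, surname):
    # Weak form: the input is pasted into the SQL text, so the database
    # parses whatever the visitor typed as part of the statement.
    return db.execute(
        "SELECT surname, city FROM customers WHERE surname = '" + surname + "'"
    ).fetchall()


def find_safe(db, surname):
    # Hardened form: the statement text is fixed and the input travels
    # separately as a bound parameter, so it is only ever compared as a value.
    return db.execute(
        "SELECT surname, city FROM customers WHERE surname = ?", (surname,)
    ).fetchall()


def statement_breaks(db, surname):
    """True if the concatenated query no longer parses for this input."""
    try:
        find_unsafe(db, surname)
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("concatenated query breaks on O'Brien:", statement_breaks(db, "O'Brien"))
    print("parameterised lookup:", find_safe(db, "O'Brien"))
```

Parameterised queries complement the advice above rather than replace it: data that is never stored cannot be extracted by any query.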

Automated hacking. A large number of bots (software that runs automated tasks on the Internet) are crawling the web looking for vulnerable websites. While the main bot attack techniques are easy to avoid, the web developer has an important role to play in making your website immune to all automated hacking attempts.

Data management. If you are a business with multiple computers and employees, special emphasis should be put on this. Access management and network computer security (ensured by anti-virus and security software) should always be seen as key factors.

SSL and encryption should be used especially if the website collects information from individuals that interact with your website. The first acts as a secure connection layer, and the second is important for the security of personal data.

Cross-site scripting attacks are a very common hacking method that uses any field on the website where a user can input text. Most web developers should know about the vulnerability and build a secure website accordingly.
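The data-validation and cross-site scripting items above, combined in one added example that is not part of the original page: fields are checked for form and length on the way in, and user text is encoded on the way out. The field names, length limits and function names are assumptions chosen for illustration.

```python
import html
import re

# Allowlist rules per field: (pattern, maximum length). Constructed for this example.
RULES = {
    "name": (re.compile(r"[^\W\d_]+(?:[ '\-][^\W\d_]+)*"), 60),
    "quantity": (re.compile(r"[0-9]{1,4}"), 4),
    "email": (re.compile(r"[A-Za-z0-9._%+\-]+@[A-Za-z0-9\-]+(?:\.[A-Za-z0-9\-]+)+"), 254),
}


def validate(form):
    """Return (clean, errors). Fields without a rule are dropped, never trusted."""
    clean, errors = {}, {}
    for field, (pattern, max_len) in RULES.items():
        value = form.get(field, "")
        if not isinstance(value, str):
            errors[field] = "not text"
            continue
        value = value.strip()
        if not value:
            errors[field] = "missing"
        elif len(value) > max_len:
            errors[field] = "too long"
        elif not pattern.fullmatch(value):
            errors[field] = "bad format"
        else:
            clean[field] = value
    return clean, errors


def render_comment(author, text):
    """Encode user text at output so the browser displays it instead of running it."""
    return "<p><b>{}</b>: {}</p>".format(html.escape(author), html.escape(text))


if __name__ == "__main__":
    # Constructed sample submissions.
    print(validate({"name": "Anne-Marie O'Neil", "quantity": "12", "email": "ana@example.org"}))
    print(validate({"name": "Bob<b>", "quantity": "12a", "email": "ana@example"}))
    print(render_comment("Ann", "<b>hi</b> & bye"))
```

Validation must run on the server, because checks done only in the browser can be bypassed by anyone who sends the request directly.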

Authentication management and session management should be taken very seriously, because if not done properly they could result in vulnerabilities allowing a user (hacker) to alter information or access information they would not be allowed to.

If possible, use FTPS instead of FTP. FTPS (File Transfer Protocol Secure, or FTP Secure) adds support for the TLS (Transport Layer Security) and SSL (Secure Sockets Layer) encryption protocols, thus strengthening security and control over FTP access.

Use a version control service to help with identifying the versions of your website and roll back to a version you consider safe, in case you suspect an attack on the current version.

See also “My website has been hacked – what should I do?”

Safe social networking

Too much information. Online as well as offline there is such a thing as “too much information”. While social media is a powerful trend that plays various roles – from meeting the need to socialize to acting as a broad communication and organizing tool – users should be aware of the quality and quantity of information they share. Generally, for example, never post your vacation times on Facebook – it is a giveaway informing potential thieves that your house is vacant. Never give out sensitive information and limit yourself to the details you are comfortable sharing with people you do not know well or not at all (location, work history). Ill-intentioned people could use that information to impersonate you (for a loan application, for example) or even steal your account (by guessing your security question based on information you give for anyone to see – for example “what is your maiden name” or “what is your pet’s name”). Fraudsters can also use social engineering to work their way into your company’s network. Remember that online social networking is much more disseminated and uncontrollable than offline social interaction. To understand this, think about how many friends a person has in real life compared to Facebook. Then think about how many of your real-life acquaintances you really trust.

Verify identity. Many scammers use fake/stolen online identities in order to achieve their goals. If someone you know suddenly acts out of place – that’s to say their online avatar does – use the phone to verify their account wasn’t hacked. Online, anyone can pretend to be whoever he or she wants to be – even a celebrity, but that does not necessarily mean they actually are that person. Make a habit of looking out for anything out of the ordinary: Would this person say/post that (including typos and grammar)? Would he/she act this way? Think twice and verify links you are invited to click – many scammers use a fake identity to play the same trick they do with e-mails – and ultimately direct unsuspecting people to malicious websites. Be wary of invitations from people you do not know, even if they appear to be friends of your friends.

Learn to customize your privacy/security options. Apart from changing your password regularly and never using the same password for multiple accounts, learn not to take the default privacy options for granted. Social networks offer users multiple options for customizing privacy – go to your account settings and tweak these options to achieve a stronger level of control over who sees your public account and what they see on it. Think about the balance between the need to be popular and your privacy and data security – and decide which is stronger.

Use tags with caution. Tagging is an easy way to identify people in a picture or a post, but the downside is that the tagged person can interpret this as a privacy violation, or it can backfire as one. Usually you can manually un-tag yourself or approve the tag before it is published – if you set up your privacy options accordingly. Remember that not only your friends have access to your tagged information, but also the friends of their friends. While you cannot control your friends’ settings, you can decide who sees your activity (from the privacy settings of your account). You can also ask your friend to take down a tagged photo.

Click responsibly. Same as with e-mail links, use caution when deciding to click on a link served to you via a social network. Online identity theft and fake identities make it difficult to be sure who is behind an online action. Even if a friend sent you the suspicious link in good faith, be aware that he or she can be misinformed. Use the link double-checking tips discussed in E-mail Security. In addition, the same as with online banking, when logging in manually type the social network address in the browser’s address bar instead of clicking a link to do it – to make sure that your account will stay yours. Moreover, always log off and clear browser cache after using your social network account on a public computer.

Do you personally know all your social network friends? Always keep in mind that you most probably do not personally know every person in your friends list. The larger the number of friends, the less control you have over who’s who. Act accordingly. If possible, be selective when accepting/rejecting friend requests. If someone is harassing you via a social networking service, the service usually provides a blocking feature along with the possibility of reporting that person for inappropriate behaviour.

Third party applications. Social networks such as Facebook abound in third party applications (games, causes and many more). Nevertheless, cyber-criminals can sometimes use applications like these in order to steal your personal information. Use the same guidelines as you would do with any other file download.