Old joke: I practice safe computing. When I play Second Life, I always wear a condom.
Some in Second Life refuse to click on any links in IM chat. They have good reason. Who wants to get their computer infected? While it’s important to install and maintain a good antivirus program, a prudent approach to unknown URLs is to just not click. It’s not worth the risk.
But is there anything we ourselves can do?
Reputation is a good start. Well-known legitimate websites can give us a warm fuzzy that we’re not going to unleash the hounds of hell. Legitimate also includes pornography. Porn sites have long been known as a harbour for the malicious, baddies taking advantage of our insatiable curiosity and all-round horniness when we throw caution to the wind and blindly click on the promisingly scandalous. Bingo! You now have to pay a ransom to get your files back!
However, the top porn sites, such as xHamster and Pornhub are running for-profit businesses based on advertising. They would be shooting themselves in the foot big time if they allowed malware into their presentations. These days, it would seem you have to dig way down into out of the way niche porn sites to find malware embedded in the site itself.
Malvertising
I use the McAfee antivirus system but have in the past used Sophos and Norton. These systems can filter web pages, examining individual elements, namely advertising embedded on the page.
Legitimate sites like CNN, The Washington Post, etc., can get advertising from 3rd party providers. If you see a box in a corner of the page, or a pop-up, it may contain an advertisement. That ad didn’t come from the site, it came from a service which provides ads to the site. The advertiser may embed malicious code in the ad, give it the 3rd party provider, and Bingo! You have a legitimate site serving up malware to your computer.
Lesson to be learned: In this day and age, getting malware is no longer just connected to surfing dubious sites like porn. It could be any site, even sites you trust.
Can we trust anybody?
Let’s not forget that “virus” as in computer virus is named after the human virus. It has the same characteristics. I drop in for a family dinner, holiday or birthday, and somebody coughs or sneezes. A few days later, I know I’ve got something. Cough, wheeze.
It’s important, first and foremost, to have an antivirus system. I have McAfee because it was bundled with a new Dell laptop, I purchased last year. Reviewing PC Mag’s top-ten systems, I know that McAfee is good. It certainly isn’t a mistake, and we can argue over the details.
One of its features is to compare any link to its own list of questionable URLs. If I click or if a web page automatically sends me somewhere, McAfee will stop the process and give me a warning, asking me if I want to proceed. I avoid any chance of malware by just not continuing.
What can I do?
Before visiting any website, it is possible to pass the URL through an online checking system to find out if there’s any risk.
Google Transparency Report
https://transparencyreport.google.com/safe-browsing/search
Google’s Safe Browsing technology examines billions of URLs per day looking for unsafe websites. Every day, we discover thousands of new unsafe sites, many of which are legitimate websites that have been compromised. When we detect unsafe sites, we show warnings on Google Search and in web browsers. You can search to see whether a website is currently dangerous to visit.
Type in a URL and see what’s reported. The site info gives you the latest status about “unsafe content” and tells you when Google last checked the site.
Virus Total
https://www.virustotal.com/gui/home/url
Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community
Once again, type in a URL and check the report.
FYI: I’m sure you recognise Google but not VirusTotal. According to Wikipedia, the company was purchased by Google in 2012.
How to get URLs before clicking
All browsers have this functionality: Right click on a link, and you get a pop-up menu. In Firefox, choose “Copy Link Location”, in Chrome, choose “Copy link address”, and in Edge, choose “Copy link”. Instead of clicking on the URL, you have copied the URL to the clipboard. You can paste it into the above two URL check systems.
IM Chat
From time to time, I include links to various things: articles, pictures, and video. Some people who don’t know me refuse to click. I usually preface the sending of any link with this:
FYI: I check all links for malware. I don’t want to infect my own computer.
But I understand their hesitancy. The world can be a dangerous place, and we must be cautious.
However, I also know that I have more familiarity with links and can better judge their legitimacy. I recognise Flickr and YouTube, two sites that crop up frequently in SL profiles, and open them without fear of infection. But if I ran into something I don’t recognise, I can use the above two check systems to get an idea of how safe a URL is.
Good luck. Safe computing. Now, if you’ll excuse me, I have to go out to my local pharmacy. I thought to log into Second Life this evening, and I’ve just discovered I’ve run out of condoms.
|
This won't work but it is funny. |
References
Wikipedia:
Malvertising
Malvertising (a portmanteau of "malicious advertising") is the use of online advertising to spread malware. It typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. Online advertisements provide a solid platform for spreading malware because significant effort is put into them in order to attract users and sell or advertise the product. Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to push their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like. Malvertising is "attractive to attackers because they 'can be easily spread across a large number of legitimate websites without directly compromising those websites'."
Malvertising is a fairly new concept for spreading malware and is even harder to combat because it can work its way into a webpage and spread through a system unknowingly: "The interesting thing about infections delivered through malvertising is that it does not require any user action (like clicking) to compromise the system and it does not exploit any vulnerabilities on the website or the server it is hosted from... infections delivered through malvertising silently travel through Web page advertisements." It is able to expose millions of users to malware, even the most cautious, and is growing rapidly: "In 2012, it was estimated nearly 10 billion ad impressions were compromised by malvertising." Attackers have a very wide reach and are able to deliver these attacks easily through advertisement networks. Companies and websites have had difficulty diminishing the number of malvertising attacks, which "suggests that this attack vector isn’t likely to disappear soon."
Wikipedia:
VirusTotal
VirusTotal is a website created by the Spanish security company Hispasec Sistemas. Launched in June 2004, it was acquired by Google Inc. in September 2012. The company’s ownership switched in January 2018 to Chronicle, a subsidiary of Alphabet Inc.
VirusTotal aggregates many antivirus products and online scan engines to check for viruses that the user’s own antivirus may have missed, or to verify against any false positives. Files up to 550 MB can be uploaded to the website, or sent via email (max. 32MB). Anti-virus software vendors can receive copies of files that were flagged by other scans but passed by their own engine, to help improve their software and, by extension, VirusTotal’s own capability. Users can also scan suspect URLs and search through the VirusTotal dataset. VirusTotal for dynamic analysis of malware uses Cuckoo sandbox. VirusTotal was selected by PC World as one of the best 100 products of 2007.
PC Mag - Oct 22/2019
The Best Antivirus Protection for 2019
Which antivirus should you choose? You have a wealth of options. Kaspersky Anti-Virus and Bitdefender Antivirus Plus routinely take perfect or near-perfect scores from the independent antivirus testing labs. A single subscription for McAfee AntiVirus Plus lets you install protection on all of your Windows, Android, Mac OS, and iOS devices. And its unusual behavior-based detection technology means Webroot SecureAnywhere Antivirus is the tiniest antivirus around. We've named these four Editors' Choice for commercial antivirus, but they're not the only products worth consideration. Read the reviews of our top-rated products, and then make your own decision.
2019-10-24