These series of articles will outline some strategies to help you improve the security of your individual systems. In part one, we will look at keeping your system up to date and discuss some of the dangers of malicious ads.
System security has greatly improved over the last 10 years, so why do we hear about so many security incidents, and what can you do to stay safe online? While system security has improved, malicious attackers have also adopted and improved, while we, the users of these systems, are generally ill-prepared for today’s security attacks.
Keep your software up to date
Most systems will automatically install security updates for you, which is a great feature. After all, it does not matter how good the latest security patch is if you do not install it. Unfortunately, I have not seen any system that did not need human intervention from time to time to ensure that the latest patch was actually installed. Even worse – most systems that fail to install a security update will also fail to notify anyone. You should make a habit of checking your systems at least once per month to make sure that you have all the latest security updates for your OS. You should also check Chrome (or your web browser of choice) and any other programs that directly open files from the internet, such as Adobe Acrobat. Microsoft typically updates its software at least once per month, on the second Tuesday of every month. Since Adobe and other vendors tend to update on that same day, it is a good plan to verify your systems are up to date on the following Wednesday or Thursday.
Update Windows
https://support.microsoft.com/en-us/windows/get-the-latest-windows-update-7d20e88c-0568-483a-37bc-c3885390d212
Update MacOS
https://support.apple.com/en-us/HT201541
Update iOS (iPhone & iPad)
https://support.apple.com/en-us/HT204204
Update Android
https://support.google.com/android/answer/7680439?hl=en
Upgrade your web browser
I recommend Chrome as a web browser with an excellent track record for security. Safari and Firefox are also good choices.
Chrome web browser
https://www.google.com/chrome/
Block extensions and notifications in Chrome
Many attacks come in the form of malicious web advertisements and notifications. You can greatly increase your online security by removing unnecessary extensions and blocking sites from popping up notifications. Become familiar with where your web browser’s notifications settings are located. In Chrome, it is under Settings > Privacy and Security> Site Settings.
Consider Adblock Plus for security
Many malicious web attacks come from advertising networks. Some advertisers are dodgy; others might start out with legitimate ads to build a decent reputation, then later be subverted. Adblock Plus does not block all advertisements, but instead blocks ads from questionable sources, and because much malicious activity is from advertisements with questionable sources, it also acts as a good security measure. It is not good to trust most browser extensions, but this one is free and open source, which means any programmer is welcome to inspect their source code, which greatly reduces the threat of malicious actions—developed by Eyeo GmbH, a German software company with a long, good reputation. If you install, make sure they are listed as the developer since there are many similarly named extensions meant to confuse the unwary.
The extension is easy to disable for individual websites that you trust and do not want filtered, like your bank’s website.
Be prepared for malicious ads
So, now that you have updated your systems and backed up your files, what is the most likely method that a malicious hacker will use to compromise your system? In my experience, they will ask. Let’s look further at one of the most common cons—the malicious advertisement.
Like most cons, they will need to trick you into thinking they are doing something helpful for you. The most common trick I have seen is offering IT Tech support. You may have seen one of these ads yourself, you are browsing the internet, and suddenly a full screen pop-up blocks your screen, telling you something like: “Your computer has been infected with malware! Call the following number for Microsoft Security immediately!” It will often be accompanied by an annoying alarm, all meant to scare you and trick you into calling the supplied phone number as quickly as possible.
To make a good victim, you want your mark to be in panic mode, to feel pressured into making decisions quickly, without taking the time to reason clearly about the problem you have given them. That is why it is important to prepare for scams in advance. If you are tech-savvy, you might prepare by making and testing some instructions for muting the computer and exiting Full-Screen mode. If you are providing help for a relative, you might include a note with something like: “Don’t panic and don’t call any fake support lines. You can call me at 512-000-2345, and you can always just turn the computer off.”
====[Exit full screen]====
for Chrome: On Windows/PC, press F11 to enter and exit Google Chrome’s fullscreen mode.
On Mac, press Control + Command + F
Windows key + Down Arrow
Esc key
Disclaimer: This article’s technical tips are meant to provide helpful alerts and general awareness of the issues raised in this article. We cannot be held liable for any issues that may arise from following our recommendations. We recommend that each group find a skilled technical team to advise and help in a manner tailored to individual needs and circumstances.