Kevin Mitnick, in his book “The Art of Deception”, shows that the human is the weakest link in every security system. Unfortunately, when it comes to the personal computer, the biggest threat is a user who is unaware of the dangers. Even the best security software will not help if you constantly visit suspicious websites or click on every link you see in your e-mail. So what should you keep in mind during your daily work?

Suspicious links on social networking sites

Do not click on everything you see on Facebook and other social sites. It is hard to believe, but people still click on links with “catchy” titles (e.g. New amazing diet, I have lost 15 kg in one week) and are then forwarded to a site with the message “if you want to read this then you have to send SMS…”. This is still not so dangerous; it would be more hazardous if the site contained the latest exploit and your computer became part of a botnet.

Universal password

I know that it is hard to invent and remember a unique and safe (i.e. complicated) password for each web service separately. Therefore, a lot of people invent a single universal password and use it on every service. You probably know that this approach is not safe, because if a single service is compromised then all your accounts will be threatened. What can you do? The best solution is to use password manager software, e.g. KeePassX 🙂

Avoiding updates

You should install every security update as soon as it becomes available. My favorite example which proves this rule is the Blaster Worm, which was released during August 2003 and infected hundreds of thousands of Windows 2000 and XP computers. The most interesting fact is that Blaster was spreading not via e-mail but by using a vulnerability present in both operating systems. And that is not all: this vulnerability was fixed in the MS03-026 and MS03-039 Microsoft Security Bulletins a month before Blaster was released!

The effect of Blaster Worm.

Unknown sources

You should not install any software which you have downloaded from untrusted sites. I always download setup files from the official developer/producer website, because I want to be sure that the file is not infected and that I will install the latest stable version. Also, I do not install any unknown, magical tool which will make my life easier. I prefer to use proven software, downloaded and tested by hundreds of thousands of users.

Free WiFi hotspots

Just as a reminder, please read my previous post about the risks caused by the use of unsecured WiFi networks.