{"id":285,"date":"2010-01-13T20:16:10","date_gmt":"2010-01-13T20:16:10","guid":{"rendered":"https:\/\/blogs.swarthmore.edu\/its\/?p=285"},"modified":"2010-01-13T20:16:10","modified_gmt":"2010-01-13T20:16:10","slug":"tips-for-avoiding-malware-infections","status":"publish","type":"post","link":"https:\/\/blogs.swarthmore.edu\/its\/2010\/01\/13\/tips-for-avoiding-malware-infections\/","title":{"rendered":"Tips for Avoiding Malware Infections"},"content":{"rendered":"<p>Below are some recommendations for reducing the risk of malware infections to your PC or Mac.\u00a0 Many of these were discussed in the recent Staff Development Week presentation on &#8220;<em>Immunizing Your Computer in Today&#8217;s Online World<\/em>&#8220;.<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>General<\/strong><\/span><br \/>\nKeep Patches Up to Date<\/p>\n<ul>\n<li>Operating system \u2013AND- applications<br \/>\ne.g., Adobe Reader &amp; Flash, QuickTime, Java, etc.<\/li>\n<li>Use latest browsers with patches up to date<br \/>\n&#8211; Currently (1\/12\/11):\u00a0 Internet Explorer 9, Firefox 9.0.1, Safari 5.1.2<br \/>\n&#8211; Don&#8217;t run Safari on Windows<\/li>\n<\/ul>\n<p>Use Anti-virus\u00a0 -AND-\u00a0 Anti-spyware<\/p>\n<ul>\n<li>Keep signatures up to date<\/li>\n<li>Run scans regularly<\/li>\n<li>Macs Too!!\u00a0 (Sophos.com has free A\/V for Macs under &#8220;Free Tools&#8221;)<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>Browsers<\/strong><\/span><br \/>\nUse latest, patched version (see above)<br \/>\nEnable Built-In Browser Protections:<\/p>\n<ul>\n<li>IE 9: SmartScreen Filter<\/li>\n<li>FireFox: Security options warn of forged and malicious sites<\/li>\n<li>McAfee Site Advisor\u00a0 (add-in)<\/li>\n<li>Clear Temporary data on Browser Exit<br \/>\n&#8211; in IE 9, go to Tools &gt; Internet Options &gt; General tab, check &#8220;Delete browsing history on exit&#8221;<br \/>\n&#8211; in FF, go to Tools &gt; Options&#8230; &gt; Privacy, check &#8220;Always clear my private data when I close Firefox&#8221;<\/li>\n<li>Don&#8217;t save passwords in your browser<br \/>\n&#8211; in IE 9, to to Tools &gt; Internet Options &gt; Content tab &gt; click Settings button under AutoComplete<br \/>\n&#8211; in FF, go to Tools &gt; Options&#8230; &gt; Security, uncheck &#8220;Remember passwords for sites&#8221;<\/li>\n<li>Turn off &#8216;AutoComplete&#8217; for Forms, user names and passwords<br \/>\n&#8211; in IE 9, to to Tools &gt; Internet Options &gt; Content tab &gt; click Settings button under AutoComplete<br \/>\n&#8211; in FF, go to Tools &gt; Options&#8230; &gt; Privacy, uncheck &#8220;Remember what I enter in forms&#8230;&#8221;<\/li>\n<\/ul>\n<p>Avoid TinyURL, bit.ly, Trim and Similar URL \u201cShortening\u201d Links<\/p>\n<ul>\n<li>These services effectively <span style=\"text-decoration: underline;\">hide<\/span> where your browser will be sent<\/li>\n<\/ul>\n<p>Heed <a title=\"Example Attack Site Page\" href=\"http:\/\/www.mozilla.com\/firefox\/its-an-attack.html\" target=\"_blank\">Google Search Result Warnings<\/a><\/p>\n<ul>\n<li>Watch for &#8220;<span style=\"color: #3366ff;\">This site may harm your computer<\/span>&#8221; in search results<\/li>\n<\/ul>\n<p>Consider Separate Browser for \u201cRisky\u201d Surfing<\/p>\n<ul>\n<li>Say, IE for social networking and Firefox for banking, etc.<\/li>\n<li>Different tabs in <span style=\"text-decoration: underline;\">same<\/span> browser are not sufficient isolation<\/li>\n<\/ul>\n<p>Avoid Nefarious -and- \u201cQuestionable\u201d sites\u00a0 (although even &#8220;reputable&#8221; sites might infect you too..)<\/p>\n<ul>\n<li>You <em>know <\/em>what sites these are&#8230;<\/li>\n<\/ul>\n<p><span style=\"text-decoration: underline;\"><strong>Email<\/strong><\/span><br \/>\nRead Email in \u201cPlain Text\u201d<\/p>\n<ul>\n<li>Fancy, HTML-formatted email makes it simple to disguise links<\/li>\n<li>In Thunderbird, go to View &gt; Message Body As &gt; Plain Text<\/li>\n<\/ul>\n<p>Never, ever download attachments UNLESS you are expecting them. Never.<\/p>\n<ul>\n<li>Some recent malicious attachments: Hallmark cards, Facebook password applications, DHL &amp; Western Union invoices<\/li>\n<\/ul>\n<p>It&#8217;s <strong>Always<\/strong> Better to Retype a URL into a Browser than to Click the URL in Email<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Advanced<\/strong><\/span><\/p>\n<p>Install\/Use Adobe Reader X (version 10)<\/p>\n<p>Disable JavaScript in Adobe Reader<\/p>\n<ul>\n<li>May break functionality of some forms<\/li>\n<li>In Adobe Reader, Edit &gt; Preferences &gt; JavaScript, uncheck &#8216;Enable Acrobat JavaScript&#8217;<\/li>\n<li>Also see the blog entry <a title=\"Disable Javascript in Adobe Reader\" href=\"https:\/\/blogs.swarthmore.edu\/its\/2009\/02\/25\/serious-unpatched-security-vulnerability-in-adobe-reader-and-acrobat\/\" target=\"_blank\">here<\/a><\/li>\n<\/ul>\n<p>Browser Security Add-On\u2019s for Firefox<\/p>\n<ul>\n<li>NoScript, SSLPasswdWarning, Web of Trust (WoT)<\/li>\n<li>Require user to make \u201cjudgement call\u201d<\/li>\n<\/ul>\n<p>Alternative Browsers<\/p>\n<ul>\n<li>Google Chrome, Opera<\/li>\n<li>Until they become more popular<\/li>\n<\/ul>\n<p>Consider uninstalling Java if you don&#8217;t need it (if some application stops working, you can always reinstall it)<\/p>\n<p>Don\u2019t Run as \u2018Local Admin\u2019<\/p>\n<ul>\n<li>\u2018Local Admin\u2019 provides malware \u201cultimate\u201d access<\/li>\n<li>Use &#8216;Local Admin&#8217; only for installing applications, updates, etc. if needed but a &#8220;regular&#8221; user account for day-to-day activity<\/li>\n<\/ul>\n<p>~~~~~<\/p>\n<p><span style=\"text-decoration: underline;\">Some helpful sites about on-line safety:<\/span><br \/>\n<a href=\"http:\/\/www.youtube.com\/user\/GoogleCyberSecurity\" target=\"_blank\">http:\/\/www.youtube.com\/user\/GoogleCyberSecurity<\/a><br \/>\n<a href=\"http:\/\/staysafeonline.org\/\" target=\"_blank\">http:\/\/staysafeonline.org\/<\/a><br \/>\n<a title=\"Internet Crime Compliant Center\" href=\"http:\/\/www.ic3.gov\/\" target=\"_blank\">http:\/\/www.ic3.gov\/<\/a><br \/>\n<a href=\"http:\/\/www.lookstoogoodtobetrue.com\" target=\"_blank\">http:\/\/www.lookstoogoodtobetrue.com<\/a><br \/>\n<a title=\"Choosing smart passwords\" href=\"http:\/\/gmailblog.blogspot.com\/2009\/10\/choosing-smart-password.html\" target=\"_blank\">http:\/\/gmailblog.blogspot.com\/2009\/10\/choosing-smart-password.html<\/a><br \/>\n<a title=\"Protecting email accounts\" href=\"http:\/\/gmailblog.blogspot.com\/2009\/10\/gmail-account-security-tips.html\" target=\"_blank\">http:\/\/gmailblog.blogspot.com\/2009\/10\/gmail-account-security-tips.html<\/a><br \/>\n(for GMAIL users but much of it applies to any email system)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Below are some recommendations for reducing the risk of malware infections to your PC or Mac.\u00a0 Many of these were discussed in the recent Staff Development Week presentation on &#8220;Immunizing Your Computer in Today&#8217;s Online World&#8220;. General Keep Patches Up to Date Operating system \u2013AND- applications e.g., Adobe Reader &amp; Flash, QuickTime, Java, etc. Use latest browsers with patches up to date &#8211; Currently (1\/12\/11):\u00a0 Internet Explorer 9, Firefox 9.0.1, Safari 5.1.2 &#8211; Don&#8217;t run Safari on Windows Use Anti-virus\u00a0 -AND-\u00a0 Anti-spyware Keep signatures up to date Run scans regularly Macs Too!!\u00a0 (Sophos.com has free A\/V for Macs under &#8220;Free &hellip; <a href=\"https:\/\/blogs.swarthmore.edu\/its\/2010\/01\/13\/tips-for-avoiding-malware-infections\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Tips for Avoiding Malware Infections<\/span><\/a><\/p>\n","protected":false},"author":41,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[112,113,96,97,12],"tags":[],"class_list":["post-285","post","type-post","status-publish","format-standard","hentry","category-email","category-facultystaff","category-security","category-software","category-tips"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/ph2nPL-4B","_links":{"self":[{"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/posts\/285","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/comments?post=285"}],"version-history":[{"count":25,"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/posts\/285\/revisions"}],"predecessor-version":[{"id":306,"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/posts\/285\/revisions\/306"}],"wp:attachment":[{"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/media?parent=285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/categories?post=285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.swarthmore.edu\/its\/wp-json\/wp\/v2\/tags?post=285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}