Clicking on links is like hitch-hiking - you never know where you'll end upMonday, November 24th 2008 @ 6:03 AM (not yet rated)
Originally posted - May 17, 2007
Just to ad a little bit of confusion to the question of “Who are the bad guys and who are the good guys?”, there has been discussion of how some dangerous links are able to get into the Google Adwords ads on the right side (and sometimes first few search results) of a Google search results page.
Didier Stevens did an interesting experiment to demonstrate how easy it was for a malicious site to get an ad in a high position, where it might infect people with inadequate security on their systems if they click on them.
This goes to show that it doesn’t matter who you think you can trust. I have the following advice:
- Don’t click on links or attachments you don’t know anything about or aren’t expecting. Sadly, Google hasn’t kept on top of the ad links to make sure they are safe. So, even if a link looks legitimate, you should put some effort into checking out the reliability of Web links in Google ads that you may want to visit. Even links in emails can be disguised. Just because the visible part of a link says “www.paypal.com”, the link might actually take you somewhere else, and it won’t be so friendly.
- Make sure you are using an industry standard anti-virus and anti-spyware product on any PC you use. Some people think that Firefox browser is more bulletproof than MS Internet Explorer. This may be true, but no software is without bugs, and even with Apple Macs, there can be a first time for everything. Keeping subscriptions for anti-virus and anti-spyware up to date is essential, but not always sufficient. You need this kind of protection because we no longer live in a world where a virus infection immediately causes your system to go wonky. They can hide in your system indefinitely and just observe your actions, reporting back to the mothership once in a while. You may never know.
- Finally, if you really want to go into the wild and click on things that might be dangerous, make sure you have everything backed up from your system, and it’s always good to do it on a freshly installed operating system… then re-install the OS immediately afterward!
Seriously, links are not always what they seem. You have to treat them as if you are hitch-hiking. You just can’t be too careful.
If your organization is looking for innovative, cost-effective security awareness tools or training, please call or email me at the coordinates below; or CLICK HERE to learn more about Streetwise Security Awareness solutions.
The Streetwise Security Coach
Join the Streetwise Security Zone at:
Twitter ID: http://www.twitter.com/streetsec
To receive weekly security tips and other notices about helpful content available on this site, please make sure you are on my list by clicking HERE, and entering your name and email address.