They're not the usual suspects... you may be surprised
The scariest sites on the net? They're not the ones you might suspect. Here's what to watch for and how to stay safe, in our list of the 17 scariest places on the internet.
Threat 12: Fake antivirus software that extorts money - and your credit card information
The place: Your inbox, hacked legitimate sites
Fake antivirus programs look and act like the real thing, complete with alert messages. It isn't until you realise that these alerts are often riddled with typos that you know you're in trouble.
Most fake antivirus software is best described as extortionware: The trial version will nag you until you purchase the fake antivirus software-which usually does nothing to protect your PC. Once you send the criminals your credit card information, they can reuse it for other purposes, such as buying a high-priced item under your name.
You can get infected with a fake antivirus app in any number of ways. For example, in drive-by downloads (see the previous item), a malicious payload downloads and installs without the user realizing it or having any time to react.
If you have to go there: If you get an alert saying you're infected with malware, but it didn't come from the antivirus software you knowingly installed, stop what you're doing. Try booting into Safe Mode and running a scan using your legitimate antivirus software.
However, such a scan may not clean up all of the malware-either the scanner doesn't have a signature for one fragment, or that piece doesn't act like traditional malware. This may render behavioural detection (which spots malware based on how it acts on your system) useless. If all else fails, you may need to call in a professional.
Threat 13: Fraudulent ads on sites that lead you to scams or malware
The place: Just about any ad-supported website
Hey - ads aren't all bad! They help sites pay the bills. But cybercriminals have taken out ads on popular sites to lure in victims. Last year, the New York Times site ran an ad from scammers, and earlier this year some less-than-scrupulous companies were gaming Google's Sponsored Links ad program and placing ads that looked like links to major companies' websites.
"The bad guys have become very clever at exploiting online advertising networks, tricking them into distributing ads that effectively load malicious content--especially nasty, scaremongering pop-ups for rogue antispyware," says Eric Howes, director of research services for security firm GFI Software.
If you have to go there: Most large sites have ad sales departments that work frequently with a core group of large advertisers, so it's probably safe to click a Microsoft ad on the New York Times site. But as the Google Sponsored Links incident shows, nothing is entirely fail-safe.
Threat 14 : Questionable Facebook apps
The place: Facebook
Facebook apps have long been an issue for security experts. You don't always know who's developing the apps, what they're doing with the data they may be collecting, or the developers' data security practices. Even though you have to approve apps before they can appear on your profile and access your personal information, from there the security of your data is in the developer's hands.
If you have to go there: Be selective about the apps you add to your profile - don't take every quiz, for example. Check your privacy settings for Facebook apps, as well: Click the Account drop-down menu in the upper-right corner of Facebook's site, select Privacy Settings, and then click Edit your settings under 'Applications and websites'. There, you can control which apps have access to your data, and which of your friends can see what information from apps (such as quiz results); you can also turn off Facebook apps altogether.
NEXT PAGE: 'Free electronics' sites
Comments
Hey Freddy said: Appened to me too Got in trouble couldnt get home got ill fell in de love was robbed and de worst of all got a virus in de laptop sos I cant send no more beggin lettersHow can such tings happen to me just when I was trying to get some help to get 10000000000027 out of de countryUnbelievable innit
Freddy said: Pat will you be sending most of it to your nice Nigerian friend that is in trouble and cant get home is sick is in love with you has been robbed etc etc
pat said: just received on outlook mail a letter from Microsoft Ltd Microsoft Campus Thames Valley Park Reading Berkshire RG6 1WG United Kingdom telling me I won 2million five hundred thousand Great Britton Pounds because my email is a winner
Contax said: Boss Hogg said on Monday 04 October 2010Im OK I never use the internetPlease let me into the secret as I am really puzzled I can not send or receive these messages without going on the internet
Contax said: You warn us about problems with Flash Cookies that can release our secrets but not how how do I remove the FLASH COOKIESI use Cclleaner 2 0r 3 times a day to try and keep things cleanMy Tip for Security always use an on screen keyboard when entering user names amd pass codes for any sites such as online banking as I understand the key loggers cannot monitor this and steal your details hope it helps somone keep safe
Boss Hogg said: Im OK I never use the internet
dremmy said: Here we go again Fear more profit for the corporations You have to laugh if people buy into this fear mongering crap Lol
What the hell is worng with yo said: Ive just come to this page from an email you sent which uses hideous URL redirects to track email conversions This can be done much easier with some clever use of analytics Secondly Your site is disgustingly awful There is more advertising on this site than actual content I will be removing myself from your lists and never coming back17 most dangerious places on the internet is not an acceptable title Its actually 17 of the most malicous activities on the internet YOUR SITE PC ADVISOR is the 18th most dangerous place on the internet Enjoy this comment and goodbye
tim burke said: shoot dem all
tim burke said: shoot dem all
RSebire said: Adware Bots search for open ports data minners find memmory access paths and injecting unsecure code is done as a polymorphic trojanNo real way to protect against Denial Of Service attacks tooVirtulisation is recomendedOh and watch out for analogue servers as they are untaceable