There really are many ways, so this question is a little ill defined too general.
Just try a simple google search for the title of your topic and you will see, one to look out for are google search results, some aren’t all that they are made out to be. Bad people can salt the results to take you to a site that seeks to do what it is you are trying to avoid, sneaky little sods.
So you need the WebRep and or WOT, to give you an idea of a sites rep, The number two hit in these results has a RED WOT ranking.
Basically any infection technique, could be used to get their hooks into your system and take it over. So it is no different to protecting your system from infection keep your OS and security software fully up to date; have a healthy dose of common sense and suspicion; have a robust backup and recovery strategy.
Mostly it would be from driveby attacks from either malicious or hacked sites redirecting you to a site to run a script and that payload could be almost anything.
That is why I run my browsers under DropMyRights (on XP), which limits the potential damage, I run firefox with NoScript and RequestPolicy add-ons to block scripts on the page or cross site scripting, unless specifically allowed.
That really puts a dent in the ability to infect you, added to that you obviously have the web shield and network shield that provide good protection against malicious scripts, hacked sites, redirections, etc.
Thanks DavidR. Yes, the question is very general, but it is a starting point.
I see users posts all the time, that state their OS is under control by outside forces and am always suspect/curious as to how these trojans/worms whatever get control.
I Google everything I am investigating, just thought I would get some further insight from the long time security minded professionals like yourself and others that support this forum
In most instances, it’s the user that let’s the hacker in.
Usually by the time they realize that they have made a mistake, it’s already to late.
The door has been opened and the fox has already been let into the hen house.
The scam that I’ve run into most is the fake security scan:
Something most of us have seen more than once. But, it keeps working on the novice
computer user. They can’t get over how in a few seconds, this security scan
was able to find so many infections when their own security software never showed anything.
It must really be something great so, they install it and let the devil in.
While doing my presentations, I’m always amazed at how many people are shaking their heads
when I ask if they’ve ever run into something similar and how they handled it.
Many of them actually installed this malware and then wound up paying to get their computers cleaned.
We all know that no protection is fool proof so the possibility of getting infected even
for the most careful person is still possible. Most users who err on the side of caution,
are far less likely to become infected than those that are click happy.
Hey Bob, and so very true. I’ve run into the Security Rogue (Scam) a couple of times in my travels on the net and I’m sure many get caught.If your not click happy and don’t panic,you can easily exit these phony alerts. These kind of ‘attacks’ are, I think among the more obvious or “in your face” attacks. The attacks that concern me, and more then likely, many security contious folks, are the behind the scene attacks. I’m a novice at security “holes” but I am most concerned about the bad stuff piggy-backing on legitimate program updates/Files that have been downloaded and how best to secure/detect against these attacks.It’s a war out there :-
Thanks
Thanks for the input. ;D
When talking about ‘Script’ it is the Java Script you’re referring too??
When setting up Firefox, in Tools/Options, I only see reference to Java Script. :-
Have not used Firefox in a long long time, so trying to get re-acquainted
Thanks DavidR. It didn’t take long, I figured out the Firefox add-ons you referred too and took them on. ;D
I see how these add-ons definitely increase security/privacy.
Whilst the NoScript isn’t too bad, you have to be pretty dedicated to your security with RequestPolicy as the number of 3rd party sites that have data imported (or scripts run) on sites now can be excessive.
If you had read the posts in relation with the image, it would have given you a clue (talking about firefox add-ons); had you looked closer at the image it is in the firefox window, add-on bar (not windows, notification area), instead of jumping to conclusions. It is for NoScript, what he was talking about.