As has become obvious in the 11 years that I have been doing this weekly column, I get many of my ideas from Examiner readers and listeners to my radio show. This column is no exception. Just yesterday, I received a frantic request from a local attorney whose computer had been hijacked by one of the endemic rogue antivirus virus programs, Vista AntiVirus 2012. As I have written here previously, this is but one of thousands of similar programs, usually from Russia, that completely take over the computer, preventing most other software from running, killing the installed security software, and offering to clean up the hijacked computer for a fee ($29-$69). This is nothing more than international extortion, where the crook not just gets the proceeds from the credit card transaction, but then often posts the credit card information on a variety of illicit sites where credit card information is criminally bought and sold.
The rogue software itself, despite its “AntiVirus” or “Anti-Spyware” moniker, is nothing of the sort; it in itself is often a trojan that not just offers no protection, displays fictitious infection reports, may hijack the computer and steal banking information and address books, send out multitudes of spam e-mails under the user’s name, and launch cyber attacks on other computers as part of a zombie network. This rogue software is really nasty and protects itself from removal. In several previous columns I explained how to remove this rogue software using the portable version of SuperAntispyware, MalwareBytes, or a variety of bootable CD and flash drive based utilities.
As has commonly been used in a variety of contexts, prevention is superior to cures, and that applies to this rogue software, as well. Some of this rogue software is loaded by opening links or attachments in e-mails, often sent by known individuals whose own computers have been hijacked. A major vector of infection is by visiting otherwise legitimate Web sites that have had surreptitious code inserted into the valid code on the Web site, which may load the malware directly onto the victims’ computers. There are also millions of hijacked Web sites that have the illicit code embedded, with many thousands more hijacked every day. There are also millions of rogue Web sites that have been created explicitly for the purpose of infecting the computers of visitors who load those Web pages. As an adjunct, there are also millions of other Web sites that are hosts of scams, crooks, identity thieves, and other illicit activities that act as bait to ensnare a hapless victim.
Fortunately, there is a somewhat simple defense to most of these dangerous Web sites that, while not perfect, does provide substantial protection from these illicit and dangerous Web sites. The first line of defense should be the browser itself. All of the latest versions of the major browsers, including Internet Explorer (IE), Firefox, Chrome and Safari, include some degree of protection from malevolent Web sites and will warn users if they are loading a Web site that is known to be a phishing (identity theft) Web site, or otherwise known to harbor and load malware. Users of older browsers may be very vulnerable to such attacks, and this alone is often sufficient reason to always install and use the latest version of the chosen browser. Many of the comprehensive security suites (not just antivirus software) include some degree of browser protection that will warn of or totally block known dangerous Web sites.
For those with older browsers, inadequate security software or just simply want an additional layer of security while browsing, you may want to consider one of the free-standing freeware utilities that provides additional security while browsing. One of the most popular and highest rated browsing protection security utilities is WOT (Web of Trust), available for free from www.mywot.com . As I type this, WOT is approaching 30 million downloads! WOT works as a browser plug-in on most popular browsers, including Firefox, Internet Explorer, Google Chrome, Apple Safari, and Opera. According to the WOT Web site, “The WOT add-on shows you which Web sites you can trust based on millions of users’ experiences. Our safe surfing browser tool is easy-to-use, fast and completely free.” WOT will display a window over a suspicious Web site warning of the type and degree of threat, giving the user information whether to block the suspicious Web site, or to go ahead and load it. Since WOT uses community input from millions of users, there is an opportunity to challenge or request a change in a Web site’s rating. WOT also works in conjunction with Google, Bing and Yahoo! search engines to display the shown Web site ratings directly on the search results. Using an easy-to-comprehend red, yellow or green icon, WOT gives the community rating for each Web site listed. Simply moving the cursor over the colored icon on each search result will display relevant security details about the search result, including trustworthiness, vendor reliability, privacy, and child safety.
Another popular and well regarded free browser security scanner is AVG’s LinkScanner (linkscanner.avg.com), which is available for PC and Mac computers, and works with Firefox and Internet Explorer. Similarly to the other link scanners, AVG LinkScanner offers two basic types of protection from dangerous Web sites. “Surf-Shield scans pages behind their links before you click on them. It does the same thing every time you enter a Web address into your browser. If the page is infected, it simply prevents you from opening it. Search-Shield scans your Google, Yahoo! and Bing search results and places a safety rating next to each link, letting you know which sites can be trusted and which are to be avoided.” AVG LinkScanner is frequently updated, and can be configured to automatically update itself, or can be manually updated. This utility does not consume significant amounts of system resources, and has a negligible impact on computer and browser performance and speed.AVG is not the only major security software company offering free browser protection add-ons, as several other security software companies offer competing free products. Two others that are also very popular are TrendMicro’s TrendProtect (www.trendsecure.com/portal/en-US/tools/security_tools/trendprotect) and McAfee’s SiteAdvisor (www.siteadvisor.com ). TrendProtect is considered by many to be a top performing free browsing protection utility that has a database of billions of Web pages.
TrendProtect is a browser plug-in for Internet Explorer only (Firefox protection will be available in the future). It rates Web pages displayed in the Google, Yahoo!, and Bing search results based on unwanted content and hidden threats. It also provides information about any potential threats when a Web page is opened, and includes warnings of dangerous content, phishing, scams, and the reputation of the Web site.
McAfee SiteAdvisor (www.siteadvisor.com ) is one of the original browsing protection utilities, and has a loyal following. There are versions of SiteAdvisor for Windows, Mac, and Android devices. As with its competitors, SiteAdvisor displays a rating of the search results on the major search engines, as well as many of the lesser search engines. SiteAdvisor is compatible with Internet Explorer, and both the Mac and Windows versions of Firefox. McAfee claims that SiteAdvisor can rate more than 95 percent of Web sites for safety. SiteAdvisor can identify most Web threats, including dangerous downloads, a Web site’s e-mail practices and threats, hijacked Web sites that can hijack the browser, phishing, sites with a poor reputation, e-commerce vulnerabilities, annoying pop-ups and cookies, and the illicit connections and affiliations between dangerous Web sites.
Using one of these browser add-ons or plug-ins may allow the user to avoid sources of infection, such as rogue software, phishing attacks, scams, and other types of Web based threats. Since all of the above are free, and most will run on almost any computer and browser, there is no valid reason not to utilize one of these utilities.
Being protected from a threat may prevent an undesirable outcome; this is far superior to having to clean up the damage that may be caused by these otherwise preventable threats.
Listen to Ira Wilsker’s weekly radio show on Mondays from 6-7 p.m. on KLVI 560AM.