Thursday, November 02, 2006

How to Avoid Suspicious Web Sites

Learn to avoid online trouble before it's too late.
By Jessica Dolcourt for Download.com



No matter how you arrive at an unsafe Web site, much can go wrong when you do. Phishers will attempt to coerce you into disclosing sensitive information--such as your address and social security number--and adware engines may sprout pop-ups over your screen like a field of clover. Thankfully, you can learn to avoid trouble before it's too late. Here are nine telltale signs you're headed for dangerous waters, with tips to keep you firmly in the safety zone.
Nobody's perfect, and while these nine tips should help you avoid many dangerous sites, other online threats are more subtle. Two tools can assist in warning you about dangerous sites. McAfee SiteAdvisor assesses the hazards of sites you visit, and is available for SiteAdvisor-for-Firefoxor Internet Explorer. Online Armor scans sites in real time based on traceable patterns of malware behavior.
Also, our Security Starter Kitpresents an excellent set of tools to provide a solid foundation of defense against potential threats.

Sign 1: Pop-up city
You click a search result and are suddenly bombarded with no fewer than 10 porn pop-ups. Back out immediately by either clicking the X in the upper-right corners of the windows or by pressing Alt+F4 to close your browser. Then run a malware scanner and remover to assess and fix the damage. Many pop-up blockers are available for Internet Explorer, and both Firefox and Opera include blocking features.

Sign 2: Where's the EULA?
You're about to sign up for or purchase a service and aren't prompted to accept an end-user license agreement (EULA), nor are you offered a privacy policy to view. Shady site proprietors often disclose their intentions in the privacy policy or EULA, so you should always read carefully! The free tool EULAlyzeris a great help because it analyzes license agreements and notes any unusual or possibly dangerous language.

Sign 3: Excessive firewall alerts
Your firewall repeatedly alerts you to file extensions you don't recognize and other suspicious anomalies. Once you've set your firewall to allow your most common programs, any alert should be taken seriously, and a number of warnings should be a red light something is amiss. If you're not running a firewall, get one right now

Sign 4: E-mail links phish for information
You follow a link embedded in an e-mail and arrive at a site that asks you to provide security information for an "important update." Contact the company for verification before taking any action, and check the Federal Trade Commission's alert board

Sign 5: The site's URL and e-mail don't match
Any case in which a site's URL doesn't match the contact's e-mail address should raise an alarm. Most legitimate companies provide their employees with a corporate e-mail account. This doesn't mean, however, that you can automatically trust sites where the two align. Illegitimate companies can purchase domain names as easily as legitimate companies.

Sign 6: Are you secured?
If a site prompts you to enter personal information, such as a username, password, or credit card number, check the browser window. Unless the site is secure--that is, unless the address starts with https: and a closed padlock appears at the bottom of the window--your information is ripe for theft.

Sign 7: Check teh speling
Developers and engineers may have a bad reputation when it comes to grammar, and that's why most companies hire wordsmiths. Be wary of a site chock-full of grammatical and spelling errors. That includes the Web address--there's a world of difference between http://www.yahoo.com and http://www.yhoo.com.

Sign 8: Nested links
Does the site forward you to a completely unrelated site when you land on it? If nested links progressively take you to other sites, the host may be trying to pull a fast one.

Sign 9: Ridiculously large gifts
If a free gift offer seems too good to be true, it probably is. You don't get a $500 gift certificate for doing nothing. Most often you'll have to provide personal information, download something compromising, engage your friends in a pyramid scheme, or all of the above. Even after you read the EULA, beware--the free iPod site that originally received positive press was recently sued in New Yorkfor violating its own stated privacy policy.

No comments:

Digg it !