Ismira Lutfia

About 70% of malware comes from legitimate websites, says one IT expert. (Photo: AFP)

Is Your Favorite Web Site Safe From Threat Of Malware?

The idea that malicious software could only be picked up by visiting some of the seedier corners of the Web is no longer true, says an information technology expert, who warns that some of your favorite Web sites are now being used to spread viruses and Trojan horses.

British-based IT expert James Lyne told the Jakarta Globe in an interview on Tuesday that about 70 percent of the malware received every day came from legitimate Web pages on the Internet, including news sites.

Malware is a general term for malicious software, including viruses, worms, Trojan horses and spyware.

“The grand majority of this stuff is not from porn sites or bad Web pages, it’s from good stuff, because that’s a far more effective way for social engineering users to hack it,” Lyne said.

He explained that social engineering is the term used to describe the tricks attackers use to fool victims into opening a malicious Web page or running an unwanted file attachment.

Lyne, who is the chief technologist at IT security and control firm Sophos, said hackers had even compromised antivirus sites because they were an effective place to distribute malware.

The growing popularity of social networking sites like Facebook and Twitter has made them a new target for hackers in their attempt to exploit systems to find new ways of infecting computers and stealing identities.

Hackers’ efforts are often aimed at tricking users into disclosing usernames and passwords, which then enables the hackers to send messages as internal users to further their acquisition attempts.

“Social media has special sets of risks in terms of social engineering and identity theft, but in terms of malware, we need to start treating it like any other Web page,” Lyne said, adding that Internet users, particularly those who have accounts on social sites, must be very careful when disclosing their personal details.

He said social networking sites posed a particular danger because the more that users were in contact with others via social networks, the more exposed they were to the threat of malware.

“It’s bad enough that you have to protect yourself, let alone the friends that you are connected with,” Lyne said, adding that 50,000 malware variants were reported every day, with the number rising dramatically each year.

“There’ll be more because we can’t see everything. That’s just the average of recorded ones. The reality today is that there is so much malware that you can’t provide protection for anything, it’s just not possible.”

Lyne offered some tips for protecting against malware attacks:

1. Block unusual file types such as those with more than one file-type extension.

2. Don’t forward chain letters, even if it offers rewards for doing so or claims to distribute useful information.

3. Never provide your e-mail address on the Internet, as spammers use programs that surf the Internet to find addresses in such places.

4. Use the bcc field if sending bulk e-mails, as all addresses are invisible to the receivers. This prevents spammers from harvesting e-mail addresses.

5. Use a different password for every site, so if you get compromised, only one account will be affected.

6. Don’t use personal information as passwords.

Your View

See Result