The Ten Most Dangerous Things Users Do Online

1. Clicking on email attachments from unknown senders
2. Installing unauthorized applications
3. Turning off or disabling automated security tools
4. Opening HTML or plain-text messages from unknown senders
5. Surfing gambling, porn, or other legally-risky Websites
6. Giving out passwords, tokens, or smart cards
7. Page 8: Random surfing of unknown, untrusted Websites
8. Attaching to an unknown, untrustworthy WiFi network
9. Filling out Web scripts, forms, or registration pages
10. Participating in chat rooms or social networking sites

1. Check the extension, or open it in notepad (hah! see my topic on that) if you're paranoid. Don't enable macros if it is meant to open in Word or related.
2. I hate to reply to that with another "unauthorized application", but Sandboxie ( http://sandboxie.com ) can protect against any viruses they may contain while still letting you use the program.
3. I don't see the point in these - I have a router which naturally acts as a firewall, and the only things my anti-virus has ever found are false positives. It likes to target programs like WinSock hooks and any program which has a few NOPs in a row, or code which modified other programs, or even perfectly safe programs packed with FSG.
4. That's not risky.

The worst you could get is scammed, and that's only if you're really gullible. Most email clients have protection against just about everything, from attachments to even images and links.
5. Risky if you open files with "dangerous" extensions, or if you install ActiveX controls or the like.
--
8. Firewalls up, and don't enter any password into any site unless it uses SSL and you have the public key cached.
If it doesn't have SSL and the public key cached, use SSH and proxy through your home PC (assuming you have *that* key cached).
9. ...the hell? If it's spam you're talking about, http://mailinator.com/
10. IRC is not dangerous, and social networking sites do their best to be secure.

Now all we need is people to be that bit more educated about what they're doing and what they're using.

Edited by Score_Under, 26 July 2009 - 09:29 AM.

great post. Never thought of tunneling through a VPN when connected to an unknown WiFi source.

I always chat on IRC. Doing that since 2004. Never caught any infection.

Dont look for these things on the internet:

Runescape cheats (Killed my old computer )
Video game Emulators
Runescape Hacks (Watch. Click the first website on google, and your infected )


And all the rest, those are things most people dont think of

Runescape Hacks (Watch. Click the first website on google, and your infected )

That's why you must have a good AV program:

Runescape Hacks (Watch. Click the first website on google, and your infected )

That's why you must have a good AV program:

I use Avast THANK GOD!

Avast isn't software. it is GODWARE

So basically you are saying we should just turn our computer off.

So basically you are saying we should just turn our computer off.

Nope. Just be a safe, protected, educated surfer.

Well, that list doesn't leave much left.

Granted I'm not your average user (I fix computers for a living)... I will go anywhere and everywhere on my pc with no protection. Granted, I'm smart about it. Hell, I was looking for something the other day and "thought" I might have found it... I knew it was probably rubbish though and checked it out on another PC and sure enough it was.

You can do most of those things, you just can't be ignorant about them.

2. Installing pirated software without scanning it first [should be another no brainer after all everyone uses pirated SW]

Malware writters are repacking their install packages so often that AV definitions can't catch them reliably.

2. Installing pirated software without scanning it first [should be another no brainer after all everyone uses pirated SW]

Malware writters are repacking their install packages so often that AV definitions can't catch them reliably.

I almost have to say "Thankfully" haha... it keeps me well employed. The only problem is making people understand that no matter what virus protection they have, they are still likely to get infected. They especially don't like to hear that after they just shelled out good money for something terrible like Norton 360.

Great list! Thanks for posting. I'll pass along to the wife so it's not just me telling her over and over what and where to be careful.

Old thread but I had to comment, use some common sense and surfing can be safe. I don't practice safe surfing but I haven't had a virus in years.
1) Ensure all your software (and OS) is patched, auto-updates haven't broken by system for a while.
2) Be aware of what's an application and what isn't, mybody.jpeg.exe is probably not good.
3) Run an anti-virus (not Norton)
4) Be aware if your computer is running slow it's probably your anti-virus (Norton)
5) Think twice before installing crap.

If you think its inportant -- back it up.

Great points... I'd also add to 2 that you should probably turn OFF "HIDE extensions for known file types" that is exactly what these types of applications are preying on. If you hide the .exe you will just see the .jpg and assume it's a picture and probably not make the correlation that you normally don't see the .jpg.

The main problem is computers are more often used for entertainment these days. No security product/combination is 100% guaranteed it is only you and your browsing habit