How to Defend Against Malicious Websites

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
47 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:03
>> Moving on we want to talk a little
00:03
bit about malicious website,
00:03
and we have to really truly
00:03
understand the threat that the Internet presents to us.
00:03
We have to really understand that attackers
00:03
make hundreds of millions of dollars out of trickery,
00:03
out of persuading a user
00:03
>> to enter financial information,
00:03
>> to compromise their personally
00:03
>> identifiable information,
00:03
>> to disclose credit card numbers,
00:03
tricking them into installing malicious software
00:03
that might include a key logger
00:03
that records all your keystrokes.
00:03
The Internet is a bad neighborhood
00:03
and we have to be very careful
00:03
about the places that we go and the amount
00:03
of information that we put out there.
00:03
Many websites are out there that look
00:03
like a legitimate site and they
00:03
solicit information from you.
00:03
They may be setup to infect your system with malware.
00:03
My favorite used to be the pop-up ads.
00:03
You get a pop-up ad that says,
00:03
are you tired of pop-ups?
00:03
Click here to buy our software.
00:03
they're going to infect your system
00:03
and then sell you a solution to it.
00:03
There's a lot of money in that.
00:03
Browser hijacking.
00:03
You open up your browser and you're taken to a site,
00:03
no matter where you go,
00:03
you may be locked into that site or you may
00:03
be redirected page after page selling you something.
00:03
They're just a con of malware sites that are out there,
00:03
and we have to be very cautious.
00:03
I've talked about clicking on links
00:03
in email messages in the last section,
00:03
often those links will send you to a site that has
00:03
malicious content or is designed to install
00:03
>> something or modify something on your website.
00:03
>> Make sure that you have active antivirus software.
00:03
Stay away from those suspicious sites.
00:03
Stay away from these sites that aren't well known.
00:03
If you're being redirected,
00:03
which you get to another site if it's very
00:03
populated with free offers,
00:03
>> click here, download this
00:03
>> or another thing I find is that if I go to
00:03
>> a site and I can't
00:03
immediately find what I'm trying to do,
00:03
and it seems like every button I
00:03
click takes me to a commercial or some,
00:03
is probably site you need to get off pretty quickly.
00:03
Stay away from those sites.
00:03
Don't download files from
00:03
peer to peer networks or peer to
00:03
peer distribution sites like BitTorrent.
00:03
If you go back to [inaudible] at Napster,
00:03
>> where you connect and download music
00:03
>> from somebody else's computer.
00:03
>> You're basically taking a file from someone
00:03
unknown and you're running
00:03
it on your system. Not a good idea.
00:03
Connect to websites using HTTPS whenever possible.
00:03
That S stands for secure,
00:03
obviously it's a better choice than just HTTP.
00:03
Don't ignore security warnings.
00:03
Many times, I've seen users when they go to
00:03
a site using HTTPS as their protocol,
00:03
they'll get a little pop-up warning
00:03
and it'll say something like
00:03
the certificate authority is untrusted whatever.
00:03
People, lot of times will get
00:03
this message and their thought is,
00:03
what is the first button I can click on to
00:03
make this pesky security warning go away?
00:03
So I can hurry up and send
00:03
financial information over the Internet.
00:03
That's not really the best thought process
00:03
there. Take a look.
00:03
When you get a security warning
00:03
and you're on the Internet,
00:03
trying to do a secure transaction,
00:03
that warning tells you the transaction is not secure.
00:03
Back out, go to another site
00:03
>> that can provide you the security you need.
00:03
>> In the last item,
00:03
don't change your browser security settings
00:03
unless you're instructed to by
00:03
a member of the security team.
00:03
Browsers many time block
00:03
certain types of malicious code like JavaScript,
00:03
[inaudible], and some of those things,
00:03
that's designed to protect your system.
00:03
If you have a need to
00:03
change those settings or you think you do,
00:03
call your security team,
00:03
see if there might be a more secure option.
00:03
Always anything that you can do to
00:03
customize, run it by them first.
Up Next