By now spam and viruses ought to be a thing of the past, but instead malicious software is becoming increasingly dangerous and prevalent. The creation of malware outnumbered the release of legitimate apps for the first time during the second half of 2007.

Phishing attacks are on the increase, and many popular sites are being compromised and used to force malware onto unsuspecting users. Social networking sites such as MySpace and Facebook are spreading malware almost daily, while dangerous rootkits can go undetected.

Spammers are able to circumvent the account signup ‘CAPTCHA’ tests and inject spam directly into Hotmail and Gmail.

Even experienced users can fall foul of malware at any time if they aren’t careful; it can be as easy as innocently clicking on an image search.

It can be scary, but following these tips should keep you out of trouble. (This section assumes you are a Windows user.)

  1. Make sure you have decent anti-virus installed. I recommend Kaspersky AV. Yes, you do have to pay for it and yes, it’s worth it.
  2. Make sure it is kept up to date.
  3. Turn on Automatic Windows Updates.
  4. Install Firefox. Not only is it more secure than Internet Explorer, but it’s faster too.
  5. Install the NoScript Firefox Add-On. This prevents JavaScript from running when you visit a site, unless you explicitly allow it. This protects you from most of the current slew of IFRAME attacks.
  6. Install Adblock Plus too - this is not strictly required but it removes the annoying ads without fuss :)

Finally, here’s a little tip to ensure you don’t fall foul of DNS hijacking via rogue DNS servers (this works for Mac and Linux users too). DNS hijacking is not new: it has been used by malware authors since 2003, but in the age of phishing and pharming it takes on increased risk.

This assumes you have a DSL or cable router and can change the settings - and you know your way around network settings.

  1. Find out what your ISP’s DNS servers are. They probably sent you this information in your welcome email; if not, it’s probably in the Support section of their website.
  2. On your router, change the DNS server section to point to your ISP’s DNS servers. Change this from ‘automatically acquire settings’ or ‘DHCP’ if it was set to use that.
  3. Change your PC’s network settings to use your router for DNS lookups. Use the router’s IP address (typically in the range 192.168.x.x or 10.0.x.x).
  4. Add a rule in your router to block all outbound DNS traffic from your local network. This means that if your machine is compromised and something manages to change your DNS server settings, all your DNS requests will fail and result in ‘page cannot be found’ errors. It might pay to remember this, so you don’t end up calling your ISP’s tech support ;)

Note that this approach doesn’t prevent modifications to your HOSTS file, but Kaspersky and other AV products should warn you if something tries to change it.
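A way to check a PC against the setup above, as an added example that is not part of the original post: it parses English-language `ipconfig /all` output and a HOSTS file, then reports any DNS server other than the router and any HOSTS entry that points a name at a non-loopback address. The router address 192.168.1.1, the function names and both sample inputs are constructed assumptions.

```python
import ipaddress
import re

# Both samples are constructed; the first mimics English `ipconfig /all` output.
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       203.0.113.53
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""
SAMPLE_HOSTS = """\
127.0.0.1      localhost
::1            localhost
198.51.100.7   www.example-bank.test   # constructed redirect entry
"""

def dns_servers(ipconfig_text):
    """Every DNS server listed, including continuation lines."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        first = re.match(r"\s+DNS Servers[ .]*:\s*(\S+)", line)
        if first:
            servers.append(first.group(1))
            in_dns = True
        elif in_dns and re.fullmatch(r"\s+[0-9A-Fa-f:.%]+", line):
            # Extra servers appear alone on indented follow-up lines.
            servers.append(line.strip())
        else:
            in_dns = False
    return servers

def rogue_dns(ipconfig_text, router_ip):
    """DNS servers other than the router; after step 3 there should be none."""
    return [s for s in dns_servers(ipconfig_text) if s != router_ip]

def suspicious_hosts(hosts_text):
    """HOSTS entries mapping a name to a non-loopback, non-0.0.0.0 address."""
    found = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
        try:
            addr = ipaddress.ip_address(fields[0]) if len(fields) > 1 else None
        except ValueError:
            addr = None
        if addr is not None and not (addr.is_loopback or addr.is_unspecified):
            found.extend((fields[0], name) for name in fields[1:])
    return found

if __name__ == "__main__":
    print(rogue_dns(SAMPLE_IPCONFIG, "192.168.1.1"), suspicious_hosts(SAMPLE_HOSTS))
```

On a real machine, pass in the text of `ipconfig /all` and the contents of `C:\Windows\System32\drivers\etc\hosts` instead of the samples; an empty result from both functions matches the configuration described above.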