11 hidden security threats and how to stop them

Antivirus software and a firewall alone can't guarantee your safety

Do you know how to guard against scareware? How about Trojan horse text messages? Or social network data harvesting? Malicious hackers are a resourceful bunch, and their methods continually evolve to target the ways we use our computers now. New attack techniques allow bad guys to stay one step ahead of security software and to get the better of even cautious and well-informed PC users.

Don't let that happen to you. Read on for descriptions of 11 of the most recent and most malignant security threats, as well as our complete advice on how to halt them in their tracks.

Shortened URLs

Most tweets, and lots of other electronic messages, include links that have been shortened by services such as Bit.ly, Tr.im, and Goo.gl. The URL aliases are handy, but they pose a risk, too: Since short URLs give no hint of the destination, attackers can exploit them to send you to malicious sites.

Use a Twitter client: Programs such as TweetDeck in­­clude options in their settings to display previews of shortened URLs. With such a setting enabled, clicking a shortened URL within a tweet brings up a screen that shows the destination page's title, as well as its full-length URL and a tally of how many other people have clicked that link. With this information at your disposal, you can make an in­­formed decision about whether to click through and visit the actual site.

Install a URL-preview plug-in: Several Web browser plug-ins and services perform a similar preview function. When you create a shortened address with the TinyURL service, for instance, you can choose an option to create a preview version so that recipients can see where it goes before clicking. Conversely, if you're considering visiting a TinyURL link, you can enable its preview service to see the complete URL. For the TinyURL previews to work, though, you must have cookies enabled in your browser.

ExpandMyURL and LongURLPlease both provide Web browser plug-ins or applets that will verify the safety of the full URLs behind abbreviated links from all the major URL-shortening services. Rather than changing the shortened links to their full URLs, however, ExpandMy­URL checks destination sites in the background and marks the short URLs green if they are safe.

Goo.gl, Google's URL-shortening service, provides security by automatically scanning the destination URL to detect and identify malicious Websites, and by warning users when the shortened URL might be a security concern. Unfortunately, Goo.gl has limited ap­­plication because it works only through other Google products and services.

Data Harvesting of Your Profile

Some of the personal details that you might share on social networks, such as your high school, hometown, or birthday, are often the same items used in "secret" security questions for banks and Websites. An attacker who collects enough of this information may be able to access your most sensitive accounts.

Check your Facebook privacy settings: After signing in to your Facebook account, click Settings on the menu bar and select Privacy Settings.

Facebook's privacy settings allow you to choose who may see various personal details. You can hide your details from everyone but your Facebook friends (our recommendation), allow members of your networks to view your details as well, or open the floodgates and permit everyone to see your information. In addition, you can set the privacy level for each component of your profile--for example, your birthday, your religious and political views, the photos you post, and your status updates.

Don't accept any friend requests from strangers: From time to time you may get a friend request from someone you don't know. If you're serious about protecting your personal information, you shouldn't accept such requests.

Share with caution: Consider removing valuable information such as your birth date and hometown from your profile. You should also think twice before participating in Facebook quizzes and chain lists--though it seems innocent and fun to share your favorite breakfast cereal, the first concert you attended, or where you met your spouse, an attacker armed with enough of these tidbits can assume your identity.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tony Bradley

PC World (US online)
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?