When it comes to Internet security, what you think you know can hurt you.
A lot of what passes for common sense about this subject is just plain wrong—and often risky. Here’s a list of some mistaken beliefs that can get you ripped off or hacked, or your computer infected with something nasty.
Which of these apply to you?
1. I don’t worry because I’ve got security software on my computer.
Don’t drop your guard. Security software is essential, but it won’t protect you from every threat out there. Even the best security suite may fail to stop a new piece of malicious software that has been in circulation for too short a time to be easily recognized. If you’re still running the trial version of the security software that came with your new computer a couple of years ago without having paid for updates, that software has probably gone stale. Security software needs to be updated frequently. Free antivirus programs like Avast, Avira, and AVG may perform decently. But if you’re willing to pay $40 to $80 for more versatile products that include technical support, check out the free ratings of security suites at Top Ten Reviews, which are based on performance tests conducted by an independent lab.
2. No need to worry when I use my smartphone or tablet, because security risks are only for desktop and laptop computers.
It’s partly true: Malicious software is rare on Apple mobile devices and just a small threat on Android devices if you stick with apps from the Google Play Store or Amazon App Store for Android. But phones and tablets have other risks, namely that a stolen or lost device will be hacked into by a criminal, or that someone will tap into your communications when you use the device at an unprotected Wi-Fi hot spot in, say, a coffee shop or airport. To minimize the threats from a lost phone use the device’s built-in security features. To thwart Wi-Fi eavesdroppers, use your carrier’s 3G/4G connection or install a free VPN (virtual private network) like HotSpot Shield.
3. I can safely read any e-mail as long as I don’t open any attachments.
This is mostly true, but be aware: Researchers have discovered some HTML-enabled e-mails that delivered malicious software even if you don’t open an attachment. Don’t forget that just by opening a piece of spam e-mail you confirm to the spammer that your address is legit—and encourage more spam.
4. I’m safe visiting nearly any web site, because a site can’t infect my computer unless I knowingly download something from it.
Not true. Web sites can trick you into downloading malicious software via a technique known as a drive-by download. Not all security software is equally effective at blocking these downloads. In fact, I had a computer infected and crippled this way even though my antivirus was running at the time. This risk is a good reason to make sure you back up important files on your computer on a regular basis.
5. I’m sure my computer isn’t infected by malware, because the symptoms would be obvious.