If you’ve ever been up late browsing the web, you’ve probably stumbled on some sketchy sites. You start with a random, 10-year-old YouTube video, you head to the video comments section, and then you end up on a user’s profile, their official conspiracy website, and ultimately get bombarded with strange ads and popups for “the wildest celebrity deformities you’ve never seen!” Needless to say, we’ve all ended up on some dark, dark corner of the internet that’s made us question our life choices.
Strange as this may be on a personal level, you’ve got to be especially careful when browsing on a company device. If you or your business handles online transactions, data collection, or any other form of sensitive information, you should be especially wary of malicious websites.
What are malicious websites?
A malicious website is one that probably looks like the site you want, but which may have concealed code that runs once you arrive. The code kicks in stealthily and attempts one of three attacks:
- Extract information using a false interface
- Reroute whatever data you may have to a pre-specified recipient
- Try to access your device directly
- Attempt to install malicious malware or Trojans code, exposing you to even more threats
These four attacks will either directly steal data from you, or hack your devices in order to control them.
How can you identify malicious websites?
As scary as they may seem, you can easily identify malicious websites if you’re willing to use some common sense and follow these recommendations.
1. Know when they’re too good to be true.
If something is too good to be true, it usually is. There are thousands of websites out there that promise you the moon for absolutely nothing – prizes, rewards, free equipment, you name it, all for just a click or a form submission. Common sense should stop you immediately. Unless you’re on a reputable, credible site with the proper security certificates (including HTTPS), you should know something strange is up.
2. Follow tech news.
Every news source reports on any major security breaches, so keep an ear to the ground, keep up with tech news sites and you’ll likely know about any site causing substantial damage. Let everyone at your company know about the site(s), either in person or via email, so everyone receives the proper notifications.
3. Heed Google’s warnings.
Google loves to take care of its users. It’s constantly improving its user experience, so anyone using their applications or sites isn’t exposed to any unnecessary threats. Often, they’ll show you a warning before you land on a page they deem malicious, infected, or even suspicious.
If you’re given options to either hightail it back out of there or proceed at your own risk, then do so wisely. This isn’t a trick question – always make a U-turn and stay away from such sites.
Also, learn what their types of warnings are so you can make the best-informed decision.
4. Stay away from torrent and streaming sites.
Torrent and streaming websites offer free movies for anyone from any part of the world to download and enjoy. Although an illegal activity in most western countries, millions of people still go online and commit digital piracy to watch the latest movie or Game of Thrones episode.
But, apart from “stealing” copyrighted material and saving it on your business’ hardware, you are also exposing your network to malware. How do you think these streaming and torrent websites make money? They use aggressive advertising tactics and sometimes inject your browser or machine with malware that will either keep making their webpage your browser’s start page or, in worst case scenarios, will allow third-party software to sneak in along with their offerings.
Either way, accessing and downloading from torrent websites is not only illegal, but also a highly risky maneuver.
What can you do about it?
The best way to protect your business from dangerous websites is to do the following:
- Install a content filter that will keep people from accessing unwanted sites.
- Use the latest antivirus and anti-malware in your network.
- Increase your network security in general.
- Teach your staff about the harm they can inflict on themselves and their peers by browsing these sites.
Take these precautions and you should find yourself on the safe side of the internet, being productive, learning and occasionally watching the latest silly video.
