What Is More Dangerous Than Malware?

Most computer and Internet security articles focus on threats found ‘out there’ in the online sphere, or in the form of bad people with malevolent intentions. The danger is that they will get to you or your computer, and steal or damage. Most security measures focus on preventing such intrusions. But the greatest threat is not ‘out there.’ It is in you…

The Biggest Online Threat?
It IS you, in fact. You are human (no matter what your ex says), and have a human Mind (or enough of one to get by). Nothing is more capable of causing, or is more likely to cause you trouble. Yet the Mind is seldom the subject of information security articles. This is one of those rare reads.

“It ain’t what you don’t know that gets you into trouble,” wrote Mark Twain. “it’s what you know for sure that just ain’t so.” Almost every activity that a human performs, including most of what is supposed to be “knowledge work,” is done unconsciously; motions are gone through with blind faith that they will produce the same results they did last time. No attention is paid to what is right in front of you, in your hands.

That is why people click on links in emails that generally look like they’re from their bank; follow the instructions on what generally looks like their banks’ Web sites; and have their accounts emptied by bandits in Ukraine. Had you been paying attention, you would have noticed that your bank’s emails address you by name, not as “Dear Customer…” You would have remembered that your bank has told you, at the time you opened your account and many times since, that it will never ask you for your account password via email, and that you should always use a bookmark or type in the bank’s web address. But people do not pay attention.

It’s why people believe the “Nigerian prince” who promises that if you send him $5000 by wire transfer, he’ll give you half of the $15 million lying dormant in a secret bank account. It’s why lonely women send money to “international businessmen” they’ve never met, thinking they are helping to save the life of a dying son who desperately needs an operation. Kind-hearted people, especially the naive, the emotionally vulnerable, or the financially stressed ones, want to believe the best about others, even if it’s not rational.

It’s why people click into the dark corners of the Internet, or on flashing banners that say “You just won an iPad!” They believe that because they have McAfee or Norton AntiVirus, it will protect them from all possible cyber-threats. Of course, they don’t know that viruses can morph and propagate in minutes, but it takes days for antivirus companies to update their malware signature databases. They haven’t applied critical Windows security patches, or updated their Java software or Adobe Reader in years. Maybe they’re just lazy, or too busy. More likely, they’ve simply decided to trust the claims of the company that sold them the Internet security suite, and pay $49 a year for “peace of mind.”

“You Can Trust Me…”

Trust is the belief that you can predict behavior with an acceptable degree of confidence. It might be the behavior of a person, a computer program, a pet, or a website such as LinkedIn.com. Innumerable people have overestimated their prediction abilities with regard to people, programs, cars, pit bulls, “trusted service providers” and “trusted partners.”

Recently, a group of LinkedIn members filed a petition for a class action lawsuit against the company, attempting to convince a judge that savvy professionals such as themselves (just look at those glowing recommendations!) could not possibly have known that giving any website access to one’s emailcontacts is the same as handing over one’s family and friends over to multilevel marketers. Good luck with that, folks; like LinkedIn’s legal department says, “We believe the lawsuit is without merit.”

And there’s also a new obnoxious thing appearing on Facebook. When I click to accept a friend request, I am asked: “Do you know so-and-so outside of Facebook? YES or NO!” That’s not a friend asking if you know somebody with whom you just exchanged passing fist bumps. It’s a computer asking and then DEMANDING an answer. (Psst, you can click outside that pop up, and it will slink away.)

When you answer questions like that; when you willingly tell Facebook about the books and music you like, the movies you’ve watched, and your favorite TV shows; when you link your profile to all of your family, friends and business acquaintances; it’s Facebook using you for free to fill in the blanks of their highly marketable dossiers on over a billion people.

Why believe that?
Because that is how Facebook has behaved from the beginning, if you have paid attention. Mark Zuckerberg started Facebook by stealing copyrighted information and publishing people’s personal information without their permission. Of course, he and his official biographer don’t see it that way, but that is what history shows. Do not trust a person or a corporation to do other than what it has done in the past, despite what the legalese in the Privacy Policy says.

The three “A’s” of security are: Attention, Adaptation, and Action.
Pay attention to what is right in front of you. Adapt your Action to new or changed external behavior. Don’t blindly trust your antivirus software, click anywhere except where Zuckerberg tells you to, don’t click when you see “Dear Customer…”, or when you know in your gut that something smells fishy. Are you paying Attention to me?

This article was written by Bob Rankin. I would like to thank him and PC Pitstop for the great articles to help us get more in tune with they way we navigate around the Interweb….

Have a Great Week! Deuce Marjeta Operations Manager ZoHa Islands