The Rockefeller University » Information Technology

Internet:
What are the hidden dangers?

Most users know that clicking e-mail or Web links can be dangerous. But, did you know that you can get infected just by visiting a Web page? Today's web-based attacks often blend several types of threats, some with multiple payloads, including keyloggers that record keystrokes (credit card information, passwords, etc.), as well as programs that upload your data to a remote site. In "Web drive-by" attacks, for example, hackers booby-trap Web pages with self-installing malware that infects your computer while you browse. Free toolbars are a common ruse for spyware, adware or other malware. Some fake toolbars imitate legitimate ones to fool users. But even legitimate toolbars can have security holes and be vulnerable to hijacking or other attacks.

Most users infect themselves by clicking unexpected or suspicious links in e-mail, IM messages or on questionable Web sites. Think before you click!
Anti-virus software is not enough to protect you from today's Internet threats. To help you avoid dangerous sites and content, download and install the free McAfee SiteAdvisor plug-in (www.SiteAdvisor.com) for Internet Explorer and Fire Fox browsers.
Cable/DSL routers such as those made by Linksys or dLink help to "hide" computers that are connected to the Internet. Use one if you have a computer on campus that cannot be patched (e.g. instrument machines) or a home PC that's connected to the Internet.

Anti-virus software is not enough. Learn what else you can do to protect yourself online.

Articles/Links

Videos

Help

Mac & PC security notes

Security Checklists & Resources

Security Checklist - Internet

How safe are you when you're online? Complete this checklist to learn what to watch out for.

I am currently using the most recent and most secure version of my web browser (Internet Explorer, Mozilla Firefox, or Safari).
(How do I check or update my version of Internet Explorer | Firefox | or Safari Web browser?

To help protect myself from scams, spam, hackers and other threats, I have downloaded and installed the free Site Advisor plugin for Firefox and Internet Explorer.
(What is Site Advisor?)

I've configured my Web browser securely.
(How do I configure my Web browser securely?)

I've tested my Web browser's security.
(How do I test my Web browser's security?)

I understand that advertisements on Web sites warning me that my computer can be hacked or fixed should be ignored; if I am concerned, I will contact the Help Desk at x8940.
(What are fake Web ads?)

When I buy online, I make sure sensitive information is entered only on secure pages.
(How can I tell if a Web page is secure?)

I use a router or wireless router to protect my Internet-connected home computer as well as campus computers on the RU network that cannot be updated or patched.
(What is a router?)

I changed the default password on my router/firewall to
(What are some guidelines for creating strong passwords?)

My password is:

__________________________________

If I use a wireless router, I've configured it to use Wi-Fi Protected Access 2 (WPA2) with a strong encryption password.

	I'm using WPA2 encryption (What is WPA2?) My key is: __________________________________
	I'm using WEP or WPA but understand that it is now obsolete and that I should switch to WPA2. (What is WEP?)

I've changed my wireless router/firewall's broadcast name (SSID or ESSID).
(How do I change my wireless router's SSID or ESSID?)

Security Awareness Checklists

Passwords - Macintosh OS - Windows OS - Anti-Spyware for Windows
Anti-Virus Software - Sensitive Data - Backups - Email - Internet - Identity Theft
Mobile Devices - Internet Cafes & Public Computers - Physical Security