This blog is primarily concerned with NIS 2007 (and a bit on NIS 08). I have nothing to say about more recent versions.

This blog is more or less dormant (except for occasional comments on related news), and is being left on-line as a historical record and perhaps as a warning to future generations of anti-virus coders.

2008-06-22

Common sense malware avoidance

The risk that many people talk about these days is drive-by downloads.

This is where you visit a malicious website and they install malware with no action on your part by taking advantage of security flaws in your browser or in the add-ons. I've heard about these, but I've rarely seen them.

One commonsense avoidance technique is to avoid websites with cheap, disposable URLs. In other words, a website with a valuable domain name is much less likely to contain such malware than a website with a cheap, disposable domain name.

For example, www.XXX.com (where XXX can be whatever topic you want) is a valuable domain name and it's not likely to be sacrificed to infect a few victims' PCs.

On the other hand, www.XXX-936367.com (for example) is obviously an inexpensive, toss-away domain name and is therefore much more likely to be a malware site.

So before clicking on links, look at the actual URL and make this distinction. It's not fool-proof, but nothing is.

No comments: