Malicious code is everywhere on the Internet. Sometimes, it’s so well-concealed by social engineering and other nefarious practices that it makes it hard for the untrained eye to see through its deception. But how can you avoid downloading malicious code when cyber-threats are hidden in plain sight?
In my previous articles on the topic of malicious code, I discussed what malicious code is through the lens of seven common examples, then established what malicious code can do in the eventuality of an attack.
In today’s final installment of the malicious code trilogy, I will help you answer what is perhaps the most pressing question at hand: how can you avoid downloading malicious code? So, if you want to find out nine useful security tips that will help you keep malware out of your corporate network, then keep reading.
How Can You Avoid Downloading Malicious Code? 9 Tips
#1 Avoid Browsing Unsecured Websites
Unsecured websites can easily become the home of viruses, worms, Trojans, or other forms of malware. For this reason, not browsing them is a good Internet hygiene practice that will most likely save you a world of troubles later on. I would go as far as recommending that you include it as a stipulation in your company’s employee-facing policy.
But how can you know which websites are secure and which aren’t? You (or your employees) can recognize a secure website by its https:// application layer protocol, such as in the case of our very own https://heimdalsecurity.com/. This means that the website has an SSL (Secure Socket Layer) certificate that guarantees it is safe to browse. Websites with the once-standard http:// application layer protocol are no longer considered secure.
SSL certificates consist of a private and public encryption key pair. The two work together to establish a coded connection that cannot be intercepted by malicious third parties. The SSL certificate is installed directly on the webserver, creating a foundation of trust in any online interaction based around it.
#2 Filter Traffic at the Level of the DNS
Avoiding pages that don’t boast the https:// in their link and teaching personnel to do the same is a good place to start when trying to steer clear of malicious code. However, not all unsecured websites are born bad, just like not all secured websites are inherently safe. This is increasingly common because advanced forms of malware such as the polymorphic variety are built to evade traditional security solutions.
To make sure that no malicious domains fall through the cracks by parading as being safe, I recommend implementing advanced content filtering for HTTP and HTTPS, as well as at the level at the DNS, to both your network and your endpoints. Here is where our Heimdal™ Threat Prevention cybersecurity solution comes in.
Antivirus is no longer enough to keep an organization’s systems secure.
Thor Foresight Enterprise
Is our next gen proactive shield that stops unknown threats
before they reach your system.
- Machine learning powered scans for all incoming online traffic;
- Stops data breaches before sensitive info can be exposed to the outside;
- Automatic patches for your software and apps with no interruptions;
- Protection against data leakage, APTs, ransomware and exploits;
Heimdal™ Threat Prevention is available in both Network and Endpoint modules. Powered by proprietary DarkLayer Guard™ & VectorN Detection technology, it not only actively hunts threats, but also detects, prevents, and blocks them, stopping malicious code injection in its tracks.
#3 Identify Malicious Links Before Clicking
Malicious code is often contained within malicious download links. Therefore, how can you avoid downloading malicious code in this case? The answer is straightforward enough. You should always examine an URL closely before clicking on it, and teach company personnel to do the same.
Verifying whether a link is malicious or not is a simple process. All you have to do is hover with your mouse cursor over it and see whether it leads to the websites it claims to, or if it’s attempting to redirect you to a suspicious domain. If the URL seems kosher, make sure to double-check. Keep an eye out for minor spelling errors or other alterations designed to mislead you.
#4 Pass Up on Downloading Free Software
Free software sometimes goes hand in hand with malicious download links. While many great programs are available online without additional costs, if something seems too good to be true, it probably is. Did you find a website claiming to offer an amazing piece of software, that otherwise comes with a price tag, for free? Did you receive an email with a download link from a suspicious website? Don’t fall for it.
This can happen to either you or a member of staff for your organization as part of an intricate phishing campaign, or even at random while browsing online. So, how can you avoid downloading malicious code from free software? A good rule of thumb is to verify whether the application you are trying to install comes from a secure website or not. You can find more on that in the section dedicated to tip #1.
#5 Do Not Engage with Suspicious Emails
With 85% of all organizations having been targeted by a phishing attack at least once, it’s better to be safe than sorry. A common type of cyberattack, phishing usually consists of malicious spam emails, or malspam for short.
Malspam campaigns rely on social engineering practices to deceive you into engaging with them, either by clicking a link, downloading an attachment, filling in a form, or simply replying to the conversation. Don’t do any of that. Malicious code might be waiting for you around the corner.
Nonetheless, it is your responsibility to ensure that your employees are familiar with ill-intentioned online practices such as phishing. My recommendation is to integrate cybersecurity education into the workplace as soon as possible, so that staff members will, first of all, know how to recognize a suspicious email when they receive one.
#6 Use an Advanced Email Security Solution
At the end of the day, cybersecurity education can only get you so far. While nothing beats the power of information, training simply cannot account for human error caused by fatigue, multitasking, and other oversights. For this reason, I recommend using an email security solution as well. Heimdal™ Email Security is an advanced spam filter that reinforces your company’s systems with revolutionary malware protection vectors.
Email communications are the first entry point into an organization’s systems.
MailSentry
is the next-level mail protection system which secures all your
incoming and outgoing comunications
- Deep content scanning for attachments and links;
- Phishing, spear phishing and man-in-the-email attacks;
- Advanced spam filters which protect against sophisticated attacks;
- Fraud prevention system against Business Email Compromise (BEC);
Offer valid only for companies.
Amp up your email security with Heimdal™ Fraud Prevention, a groundbreaking communications protection system that alerts you to fraud attempts and business email compromise (BEC). When paired with our suite of cybersecurity solutions, it continuously monitors messages to detect malicious emails and false claims. This eliminates doubt and strengthens your company’s digital defenses.
#7 Block Pop-Up Ads (and Ads in General)
It’s no secret that pop-up ads are one of the most annoying forms of publicity. To add insult to injury, some of them also contain malicious code, which means that clicking on them might infect devices with malware. And while not all pop-ups are dangerous, blocking them on all devices in a corporate setting is a beneficial clause to introduce in the company security policy.
Some browsers, such as Google Chrome, offer the option to block pop-ups and redirects in their Settings menu. As far as third-party tools are concerned, AdBlock Plus is a great option that is also free and open source. It allows acceptable ads are by default to support websites while stopping irrelevant or disruptive messages from being displayed for a cleaner and safer browsing experience.
#8 Apply Software Patches Immediately
Unpatched software and outdated system applications are more dangerous than you think. Considering how regular updates aim to close security gaps, not installing them on time might leave your organization exposed to online dangers.
In fact, this happens a lot more often than you’d believe. According to cybersecurity expert Roger Grimes, unpatched software accounts for 20 to 40 percent of breaches, surpassed only by phishing which it sometimes works in tandem with. For this reason, applying patches and updates immediately is essential to the cyber-health of your business.
Needless to say, this can become quite disruptive to your employees and their daily activities. Fortunately, we’re here to help. Heimdal™ Patch & Asset Management deploys software updates automatically based on your pre-configured policies. An automated patch management solution, it requires no manual input whatsoever and silently installs them on your endpoints as soon as they are released.
#9 Install an Antivirus and Firewall
Antivirus software was first created in 1987, five years after the first computer virus made its way into the wild. Its main responsibility is to scan files for malicious code and protect devices from malware in the process. When coupled with the malicious traffic blocking capabilities of a firewall, it is a well-established cybersecurity solution with multiple benefits.
Nonetheless, with so many advanced options available on the market nowadays, my recommendation is to go for a next-generation antivirus (NGAV) instead of separate antivirus and firewall software. NGAV is a holistic and modern cybersecurity solution that blends the benefits of traditional antivirus with the protection offered by a firewall, as well as other additional tidbits that will amp up your protection. One example of how this works is our very own Heimdal™ Next-Gen Endpoint Antivirus.
While traditional antivirus detects already known strains of malware only, NGAV adds backdoor and sandbox analysis together with behavioral expertise to not only block familiar threats but also predict new ones. With leading endpoint detection and response (EDR) and firewall integration, Heimdal™ Next-Gen Endpoint Antivirus brings truly proactive protection to your corporate environment under one accessible dashboard.
So…How Can You Avoid Downloading Malicious Code?
How can you avoid downloading malicious code when browsing online? With the right cybersecurity knowledge and practices, as well as a dependable suite of solutions, staying safe on the Internet will come easy. As always, Heimdal Security can help you with the latter. If you want to know more about what tools from our product line are best suited for your needs, as well as those of your company, don’t hesitate to contact us at [email protected].