How many of you have seen this commercial?
http://www.youtube.com/watch?v=rmx4twCK3_I
There is so much misinformation on the Internet and so much good information on the Internet too. Unlike a good library where you can do research and pretty much trust the sources, the Internet is replete with uninformed sources, rumors, lies, intentionally misleading sites, opinions, and millions of people online giving advice who simply don’t know what they’re talking about.
But the biggest and most dangerous lies on the Internet are the lies told by security companies who promise they’ll keep you safe. It’s not true. There is not a program, or a group of programs, nor any security suite that can keep you safe. Don’t believe me?
Most experts will tell you that to be safe you must install a good antivirus and keep it updated. They’ll tell you to use a good firewall. Some will tell you to install a good anti-spyware and keep it updated. They’ll tell you to keep your Windows updated and your software programs updated (especially Adobe and Sun Java). They’ll tell you a lot of things you should install or do to keep you safe, but all those things are not entirely true. Do you want proof?
Nearly 100% of all new computers sold in the USA have antivirus suites installed. And it is a fact that most of these are suites by either Norton or McAfee. And most are trial versions which expire. So all new computers — or just about all new computers — have antivirus, anti-phishing, anti-spam, and 3rd-party firewalls installed.
And most people either ante up for the security suites by Norton or McAfee or install a free antivirus like MSE, Avast, AVG etc. In so doing they remove the 3rd-party firewall and rely on the Windows Firewall — which is as good as any third-party application. And it’s estimated that about 80% of all computers now have antivirus installed – and all Windows computers with Windows XP or newer on them have the Windows firewall available. And most people, thinking they’re protected from just about all manner of evil, set off onto the Internet with a false sense of security — and because they think they’re protected, may throw caution to the wind.
Bad idea.
If, as security vendors claim, any program could really keep you safe, why are hundreds of thousands of computers compromised every day? Why are Internet users robbed of hundreds of billions of dollars each month? If all these security programs worked as advertised — computers wouldn’t be compromised and bank accounts wouldn’t be drained. No one would have their identity stolen and the Internet would be a very safe place. But it’s not. And no software in this world is going to keep you 100% safe, 100% of the time. And if you think it will then I have some beachfront property in Nebraska to sell you. Write me — we’ll set up a deal.
The only software you can depend on to keep you safe is the software between your ears — and then that only works if you know all the tricks. And one of the biggest tricks is hackers putting snippets of code on Web sites, that cause download links to lead to Trojans, Rogues or botnets that turn your computer into a zombie slave — sending out endless emails to whatever addresses the controller gives to the botnet — and all the while you have no idea what’s going on.
Why is there so much criminal activity going on on the Internet? It’s all about money — your money. Either stealing it directly, stealing your credit card information, stealing your identity, or as with the ubiquitous PUPs and toolbars we see so many of, turning your computer and your searches and your Web browsing into a money-maker for the companies — like IAC Corp. or Conduit, or Perion or any of the other seemingly reputable companies who can’t get enough money in their coffers without stooping to infecting your computer and turning it into a money mill for them by hijacking your home pages, your searches, your default search engine, indeed your entire Internet experience.
This will never end until the money ends and there seems to be no end to the number of advertisers willing to pay companies like these to show you ads – regardless of how underhanded their methods may be. And we’ve seen hundreds of Internet Explorer installations ruined by the sheer number of toolbars and hijackers foisted upon it by various software bundlers. We have seen Firefox and Chrome browsers seriously damaged. We have seen computers which barely run because they are so full of PUPs (a.k.a. Malware).
If security companies were honest they’d be telling you they can HELP keep your computer from becoming compromised — but there’s no single program or group of programs that is going to keep you safe, all the time… none. The only thing that can keep you safe is you. You are the key.
If we told you how to keep safe — really safe, at least half of you wouldn’t want to use your computers. You’d have to use a virtual machine inside of Windows — and you’d have to be willing to wipe out that virtual machine at the sign of trouble — losing everything you’ve installed — just to be safe. Using virtual machines (and we’re not talking about programs like Sandboxie or some other sandboxing program which isn’t a virtual environment — which runs in your Windows programs — whose contents can spill out and into your Windows computer. We’re not talking about Time Freeze, which is great for what it does, but still runs inside of Windows — we’re talking a true virtual machine — where the only thing that runs in Windows is the virtual machine player itself. And even this won’t keep you safe on the Web if you happen to input your password and usernames into carefully constructed phishing sites which look just like your bank’s. And it’s not going to protect you from yourself if you get a letter from your credit card company and it tells you to go to the bank’s web site by clicking this link and you do it — and you enter your current password and username on that counterfeit site.
Using the Internet involves risks – just like driving your car does. Car companies can make the cars safer, the government can force you to wear lap and shoulder belts, but you still have to drive the car safely or all those safety devices aren’t going to save your life if you drive off a 100′ bridge and fall into the rocky gorge below. Your car will be a pancake and so will you.
You have to minimize the risks you face while coming to understand that 100% safety cannot be guaranteed. Security software companies make promises they can’t keep — they exaggerate – and some outright lie. If they were vitamin companies, the FDA would make them change their advertising so as to be more truthful. While governments are busy hacking computers and robbing us of our last threads of privacy, they don’t do a thing to stop security software companies from flat out lying when it comes to how well they can actually protect your computer.
We’re not big fans of Norton, but we’re not picking on them here, we’re just using their Norton Antivirus web site to give you an example of promises made that cannot possibly be kept:
“Stop both today’s and tomorrow’s online threats.
Introducing the new Norton™ AntiVirus.Patented antivirus protection for your PC
Keeps you safe when you surf, shop and bank online
Protects you from social media scams
Stops both today’s and tomorrow’s online threats
Blocks infected and dangerous downloadsActively protects you from viruses, identity theft and social media dangers
Automatic, silent updates keep you one step ahead of new threats and those not yet invented…”
We have worked on thousands of computers since we started our Cloudeight Direct Computer Care computer repair service. And we have cleaned malware off many Norton-protected computers. Norton can’t keep you safe when you surf, shop, or bank online — though it promises it will. It cannot protect you from “today’s social media scams”, but they claim they can. How can they possibly say that they will protect you from tomorrow’s threats when they can’t know what those will be? This is like your doctor giving you an antibiotic and telling you that it will cure you and protect you from even unknown bacteria. It can’t do much of anything it promises to do, except perhaps protect you from most viruses — which most of you are never likely to encounter. And even then, it never hits 100% in virus detection –so it can’t really promise to protect you from all viruses.
But Norton isn’t the only company given to exaggeration and outright prevarication — many other antivirus and security software vendors play the same game.
It’s up to you — not some security vendor, to keep yourself safe. You do need a good anti-virus and good anti-malware installed and you do need to keep it updated. We think Emsisoft is the best because it can warn you when you about to install a bundler full of malware — and give you the option to let the installation continue or to stop it. If you let it continue despite the warning then you’ll have malware on your computer. But at least you’ll be warned. Emsisoft is at the top or near the top in every independent virus testing lab results we have seen. So it’s the best or one of the best anti-virus programs too — sorry Norton, you didn’t make the top five again.
You should keep your Windows updated and you should keep some of your software updated — like Adobe PDF Reader, Adobe Flash Player, Java and anything else that connects to the Web or connects through or works in your browser.
You should probably scan y0ur computer once a week with one of the many online scanners — but do so with the knowledge that some of these will show “tracking cookies” as malware — which they are not. I wish that was the biggest threat we ever had to deal with was so-called tracking cookies — if it were then none of you would ever be at risk.
Now, more than ever before, you really have to take your time and read installation dialogs. You have to really check out URLs before you click a link.
The other day we had received several emails about our start page not rendering right in Internet Explorer. I looked at it in Internet Explorer 9 and in Internet Explorer 11 (in Windows 8.1) but not in IE 10. So I went to download IE 10 — I typed in Google “Internet Explorer 10 download” and clicked on the first link — without checking the URL. Luckily, Emsisoft blocked the download because it knew it wasn’t from Microsoft. I was in a hurry. Not thinking and not ready. Fortunately, Emsisoft prevented me from a very embarrassing situation and saved me a lot of time – I’m sure — as I would have had to spend time removing the malware that I would have foisted upon myself simply because I clicked something without reading or thinking. (I installed IE10 – by-the-way, and I didn’t see anything wrong with our start page in IE 9, IE 10, or IE 11 –so I can only guess that those who were having issue had browsers which had been compromised with something or had custom security settings which prevented scripts from running. Our start page worked in all the versions of IE I tried it in — as well as with Firefox and Chrome.)
You need to be more careful now than ever before. The Web is full of scoundrels, some bearing the names of companies you trust. Don’t trust anyone. Do your research. Stop and think before you install software, read each installation dialog carefully, if you see that the installer wants to install something besides the software you downloaded, cancel the installation right then and there. Thinking you can simply uncheck the boxes next to the additional software to be installed and prevent it from installing is naive… sometimes unchecking boxes does nothing – the malware installs anyway..
Read the URL of the site you are visiting in the browsers address bar – make sure you’re on the site you think you’re on. Never click links in emails that look like they came from your bank, your credit card company, Paypal. or some other online financial institution. Fake bank sites and fake credit card sites and fake financial sites are forgeries done by talented programmers and web designers — they will look exactly like the actual site, and they only way you’ll know the difference is by taking ten extra seconds to look at your browser’s address bar and check the URL. And even then be careful http://microsoft-downloads.micorsoft.com is not a Microsoft site. http://bankofamerica.crogmagnon.com/ is not a Bank of America site. A key to remember — is this: rarely is a fake financial site use a secure server. Secure server URLs always begin with https:// not http:// . So if you look at nothing else look at the very first part of the URL.
It’s getting crazy out there. You need to be on your toes 100% of the time. Especially be on high alert when shopping online, doing online bill-paying, online banking, or when downloading software.
If there is one certain truth on the Internet it’s this: There will be someone waiting out there to trip you up and try to make money from you — either by tricking you into giving them money, stealing your money, or by using your computer to make them money.
It’s all about money. That’s another universal truth.
Be careful. Don’t believe everything you see on the Internet.
Bonjour!
Excellent article guys…you rock!
Excellent article. Thanks!
It is oh so true that no one is safe on the Internet any longer. I remember when using a computer was fun and relatively safe. Hummmm, maybe that’s what we old geezers and geezerettes mean when we refer to “the good ole days”? In any event, the only way to be truly safe on the Internet is don’t go on the Internet, or just simply unplug your computer. I don’t know about you, but I would go into Computer Withdrawal! Oooooooooooohhhhhhhhhhhhhhh!
Thank you! Appreciate you telling it like it is!
Thanks for a great article and how true! It is scary.
Thank you so much for this information… I thought I was being careful by watching everything that’s downloaded to ensure that no additional software is installed by unchecking the boxes! Further, I had no idea that a URL could start with http:// and will look closer from here on. You have taught me so much over the years and I’m still naive!
Have you our would you review iolo professional ?.
We’ll look into it, but most of IOLO’s stuff is “computer fixer-upper” stuff that really never works — but we’ll take a look.
Thanks TC this is such a great article I am so impressed with you and your knowledge and the help you offer to the simple folk like my self. I recently was given a lovely little MP3 from a young friend to use for myself
Without thinking attached it to my pc and was infected by all his music that somehow was loaded on the mp3. I have had a worm that has caused so much hassle so suggest scan anything that goes into the usb. Cheers and keep up your wonderful information avenue I love it…
Thank you for a great, in-depth article which is easily understood, and I will pass it on to family members and friends. I have a difficult task in trying to help them ‘stay safe’, and who is the first person they call when a problem arises. In all the years that I have been with you and Cloudie, and read every InfoAve Premium newsletter, never has there been a problem with the Info,Freebies Programs,Advice,Suggestions,NOTH,Start Page allsorts et al, and it is an honor to be a member of the few 100% honest and truthful sites on the Internet.
Use the noggin is still the best advice certainly you do not want to surf with out protection but it is never a cure all for being ignorant . Ignorant is not a demeaning word although many believe it is, all it means is you just do not know something. Inform your self about all the tricks they use and the best place I have found is this great news letter I am not rich but I do help from time to time and I would ask all to subscribe to this news letter it is well worth the cost. with out this letter many would be left to fend for them selves with out any ammo .
Pay pal has an un nerving way of sending you e-mails and wanting you to click on the link which is a no no I just go directly to their site to verify and never through the link in their mail , I have found their links are correct but it leaves a bad taste in my mouth to even think of using the link they provide. I spend the few seconds it takes to go to the site and log in proper, Just to make sure it is the right site .By the same token if I get a bank email that has links I get on the phone to the bank right away to verify and then go to the site and log in there and not through the link. It is these steps I have developed from Cloud Eight and I will live by them and I will lose no money God willing.