Browsers Security

Understanding How to Stay Safe Online in 2016

Gavin Phillips 29-06-2016

I don’t know about you, but I’m no longer surprised when I hear of a massive data breach What You Need To Know About the Massive LinkedIn Accounts Leak A hacker is selling 117 million hacked LinkedIn credentials on the Dark web for around $2,200 in Bitcoin. Kevin Shabazi, CEO and founder of LogMeOnce, helps us to understand just what is at risk. Read More . Hundreds of millions of personal account credentials have been stolen in 2016 alone, and we’ve seen a 29% increase in data breaches since 2013. The number of new malware variants detected consistently rises, and we see increasingly sophisticated permutations of dangerous code affecting home users, businesses, and industry alike.


Yet we still find some users blindly wandering the Internet with the bare minimum of protection installed, almost willing malevolence into their computer. Why is this? Are there conflicting opinions confusing us as to the best security practices for our home computers? I’m going to examine a couple of commonly misconstrued security statements I’ve heard, and help you make the right security decisions.

I Only Use “Nice” Websites

Here, I am talking about the way you use the Internet. How you negotiate websites, your awareness of basic and common scams, and where you’ve an increased exposure to malicious behaviour that you can easily negate.

There are obviously numerous sites associated with malicious activities, drastically increasing the potential of your system picking up something unwanted. Logic tells you this list includes pornography and other NSFW content 5 Ways Visiting Adult Websites Is Bad for Your Security & Privacy While pornography is often discussed in the context of morality, there's a huge security-and-privacy angle that is often overlooked. If you know what to look out for, the safer you'll be. Read More , warez, keygen, and cracking sites, piracy sites offering free downloads of popular subscription content, and so on.

While this type of thinking is certainly correct in some ways, intelligent purveyors of malware realized long ago that this just wouldn’t serve enough malware to enough individual systems to make their efforts worthwhile. Instead of porn, malware moved to international shipping logistics. Instead of free film downloads, malware moved toward niche food and drink blogs.

Cisco Malware Theats by Sector


You’ll see from the above Vertical Risk of Web Malware Encounters figure that in 2014 websites relating to the pharmaceutical and chemicals industries were far more likely to provide a malware encounter than when visiting a website relating to utilities.

To clarify: an encounter is when malware is detected and blocked, rather than a straight up compromise, where a score of 1 represents an average risk to users. The below image illustrates malware encounters by region.

Cisco Malware Threats by Sector and Region


Recent years have seen malefactors take advantage of the dynamic content delivery systems supplying much of the advertising to the myriad websites we visit. Instead of hosting the malware on the website itself, the malware is “hidden” in the advertising. Malvertising campaigns are a persistently growing threat.


What Is Malvertising Malwarebytes

Vadim Kotov, Senior Security Researcher at Bromium, estimates that “last year alone, there were malvertising attacks on more than a quarter of the Alexa 1,000,” many of which were silently infecting hundreds of thousands of computers around the world. A separate report released by Cyphort (report requires email sign-up) claims that malvertising infection rates rose by 325% from 2014 to 2015, as more and more malware developers seek to cash in on the expansive new market.

Malvertisements present a new issue What Is Malvertising and How Can You Prevent It? Malvertising is on the rise! Learn more about what is it, why it's dangerous, and how can you stay safe from this online threat. Read More that many popular premium and free antivirus solutions are only just beginning to wake up too, so it lies upon other security practices to stop these issues before infection.

Antivirus Doesn’t Do Anything Anyway

This has to be one of my favorite statements. Or this parallel: “Antivirus software doesn’t catch actual viruses. What it does is increase your level of paranoia, slow your computer down, and stop you using it effectively.” It is a commonly cited opinion, but fundamentally misguided when weighed against factual evidence, the testimony of thousands of experts, and the actual reports of billions of users.


The problem can lie with incorrectly configured antivirus software, or perhaps antivirus that has not been kept up to date. Similarly, another old (but really horrifically wrong) antivirus adage is that of using multiple software suites to build a super-antivirus wall, when literally the opposite is true.

Antivirus cannot catch everything 3 Things Your Antivirus Doesn't Take Care Of Antivirus softwre should be installed on every computer, but what doesn't it take care of? Which aspects of your antivirus could leave you or your business exposed, even when you've installed and updated? Read More , and there is no software suite in existence with a 100% detection and removal rating. Why? Because viruses are constantly evolving! Just like their biological counterparts, their creators tweak and modify code to maintain their chance of sneaking in, under the radar.

So What Do I Do?

In 2016, it isn’t about having a single solution. It is all about optimizing your security applications to provide maximum coverage, and there is no single security application that will keep you 100% safe.

We are lucky in that while there are a seemingly gargantuan number of threats attempting to get in, we’ve enough options to build an excellent defensive wall around our computers. But while your antivirus is good at catching certain attacks, you need another line of defense before that. You’ll need:



You need a good antivirus. Numerous free options are available The 5 Best Free Internet Security Software for Windows Need antivirus, anti-malware, and real-time security? Here are the best free internet security software for Windows. Read More , or you can spring for a premium option if you so desire.

Sophos Home is looking like a good choice at the moment, regularly receiving high scores for malicious URL blocking and antiphishing, as well as good scores for general malware and virus detection and removal.

Avast Free Antivirus 2016 also scores highly at a range of independent labs, with almost universally high scores in malware blocking, malicious URL blocking, and antiphishing. Avast also comes with a range of bonus features, such as a password manager, but not all of these features are fully effective.

Your Windows installation does come with Windows Defender, and the latest iteration for Windows 10 The Best Antivirus Software for Windows 10 Want to tighten security on your PC? Here are the best antivirus software options for Windows 10. Read More has scored higher than in previous years. However, many security experts consider Windows Defender to be a baseline of security other antivirus suites should aim to beat — and if they cannot beat it, you shouldn’t be using it.

Script Managers

This forms another protective barrier between you and those attempting to gain access to your computer. There are a massive range of script management addons and extensions available for all of the major browsers, and Microsoft Edge is slowly catching up with the rest. These addons manage the content accessed within your browser, and can block some of the malicious scrips set primed to inject when you access a website, accidently click upon an errant advert, or indeed, malicious links disguised as functional buttons. Consider installing some of the following:


Tracks and alerts you to a range of threats including malicious cookies, bugs with known vulnerabilities, as well as tracking beacons and pixels. Ghostery will display a list of trackers you can manually (or automatically) choose to block, limiting the number of potentially malicious content providers you might be connected with.


Offers you greater control over how and where your personal information is shared with the numerous dynamic content delivery systems. Disconnect saves time and bandwidth, and generally provides an ever-so-slightly faster browsing experience. The browser add-on comes with an easy to understand interface, and you can turn certain requests off or on as you see fit.

Disconnect is also available as a desktop installation, coming with more features, as well as offering a Pro and Premium version.


UMatrix offers a new, visual approach to blocking certain types of content you access through your browser. Instead of the normal drop-down menus and searches for hidden settings, uMatrix provides an easily navigable grid containing information on each website you visit, the content it is serving you, what scripts are in action, and much, much more.

One of the most useful features of uMatrix are hostname block lists. These extensive, individually curated lists block a huge number of known and active malware servers, older malware servers, and known malicious URLs. There are additional block lists available for download, but the integrated ones offer an excellent additional layer of protection for your system.

Web of Trust

Browser extension Web of Trust will not directly block any malicious scripts or content arriving on your system, but it does provide a useful insight into the perceived status of a website as decided by other Internet users. You can also contribute to the welfare of your fellow Internet users by flagging similarly unreliable websites.

Once installed, a small circle will appear alongside URLs returned in search, and links within pages. You’ll see a nice green circle for highly rated sites, and a horrific red circle for those with less-than-perfect reputations.

However, this is community curated, and while the developers and other users are relatively quick to reassign any false ratings, it can still be gamed to lead you to a malicious site. Be aware!

Honourable Mentions

ScriptBlock was birthed from the ashes of fallen script blocking favorite NotScripts, which ceased development in 2014. ScriptBlock offers you the chance to control how JavaScript, iFrames, and other content scripts interact with your browser, potentially negating some of the malicious content awaiting your arrival.

In a similar vein, ScriptSafe offers a simple but effective method of controlling the scripts active in your browser, with a relatively easy to navigate interface.

When Will I Be Safe?

If you install and update your antivirus, install a script management add-on in your browser and select some of the integrated block lists, and generally consider where you’re clicking, on which website you’re visiting, where you’re getting your downloads from, and generally consider the reputation of the websites you’re visiting — then you’ll be in with a fighting chance of keeping your system safe.

You might hear people say “I browse the Internet with no protection,” and some of them might be okay. But with the advent of serious ransomware infections Beyond Your Computer: 5 Ways Ransomware Will Take You Captive in the Future Ransomware is probably the nastiest malware out there, and the criminals using it are becoming more advanced, Here are five worrying things that could be taken hostage soon, including smart homes and smart cars. Read More demanding payment and encrypting files, would you really take that chance?

I know I wouldn’t.

What is your current security combination? Do you have any apps our readers might benefit from? Let us know below!

Related topics: Anti-Malware, Antivirus, Browser Extensions, Online Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Prakash
    July 3, 2016 at 7:02 am

    Hitman Pro Alert and Super Antispyware with SOPHOS Home.

  2. yassnie
    July 1, 2016 at 6:09 pm

    Just use Linux

  3. Mark Thompson
    June 30, 2016 at 6:04 pm

    Check out 2factor authentication with Protect your end users.

  4. Anonymous
    June 30, 2016 at 5:06 pm

    Use Linux also, but this page is still useful.

  5. Anonymous
    June 29, 2016 at 9:13 pm

    I use Linux. No problems in over 10 years.