Can visiting a malicious site automatically infect my computer?

May 15, 2015 9:09AM PDT
Question:


Since I use Google search for everything these days, it's almost impossible to know what websites are bad and may have malicious intent. My questions to you are, can I get a virus infection just by simply visiting a bad website? Or does it require an action by me like clicking on something within the website? Is an antivirus good enough to protect me from these heinous sites? How do you know if a website is good or bad? I think I've been lucky so far in not visiting one of these bad sites, but I'm curious as to how these malicious sites work and how I can avoid them, as well as protecting myself if I were to accidentally visit one of them. Your thoughts and suggestions are welcomed. Thank you in advance.

--Submitted by Roger W.

So, who is winning? The bad guys or the good guys?

Please forgive my lack of being savvy all the way through from computer to internet and various software packages.
That said even the dumbest of us regular Joes that walk the earth and use our home computers have learned more and more every day. If the average Joe doesn't learn something along the way, then they're just not human.

Hackers and those bad guys that plant viruses, bugs, Trojans sleeping stuff and all the other junk are, in my opinion, super geeks. Those 'bad guys' have a level of talent that is being wasted.

I don't know what type of monetary reward there is for creating and executing viruses but I often wonder if it's nothing short of bragging rights, similar to that new TV show CSI Cyber. I would expect a small element of truth of some of these shows and some sort of entertainment value, but it's also made for TV. Another BS plot against humanity.

That elite few hiding behind their keyboard ready to thump on society and take down a power generation station or the next NASA launch. Sorry, did I already mention CSI CYBER?

I recall a few short years ago while being an early member of CNET that we had a threat from a bogus company called Registry Patrol. Many here were affected by Registry Patrol, whereas, we paid for and downloaded the program and it killed many hard drives.
I thought the laws were supposed to protect the good guys. A bunch of us challenged the lawmakers, BBB and it was futile to crack down on this company, mainly because those in charge were afraid of their own shadow and did not know how to enforce the law, if cyber laws even existed then. The only chance we had was to create a class action lawsuit.

I found that people love to complain but no one wants to lead the charge.
If our alleged protection programs are bogus and proven to be bogus....then what?

Excellent Question!
May 23, 2015 1:43PM PDT

It all depends on who you talk to. It also depends on if you are a home user or a corporate/enterprise user. A long time ago, computer infections were ways that someone can see what malware they created in the newspapers and other places. Sort of an ego trip. Even if it was just a joke. We had a Microsoft Word piece of malware that called the user an idiot or something like that. The IT manager thought it was one of the tech guys playing a trick and was really upset. Even back in the day, I remember working with the Michelangelo virus. It didn't do much except format your hard drive on Michelangelo's birthday. Some might not find that funny but there are always backups and a/v solutions of the time protected you unless you were one of those unbelievers. Today, it is all about the money. If you can get a userid and password to someone's banking/bill-pay account, you can get rich. Look at ransomware. I can't believe that people actually paid these people the money. But that is what happens when you don't manage your documents and have them backed up somewhere. And then there was ransomware in the guise of FakeAV. On Windows, if you wanted a "free" a/v product and found one of these, it would lock up your computer and not be easily removed unless you are good at working the registry in safe mode.
Today, the main phrase out there is called "zero-day". It is where the first sign that there is a vulnerability in software is when the attack is already out there. It used to be that you had time, even a few weeks, before patching your system. Now, you can't do that anymore.

For security at work, we required 100% currency in both OS patches and a/v patches. We also required (albeit somewhat draconian) a lot of policies locking down systems. Of course, releasing your customers' financial records or the age, address and phone number of runaway teen girls was not a good idea either. I think a lot of IT people are going to have to lose their identities to thieves before someone really wakes up. Look at what happened to Anthem and their excuse for lack of encryption was "because it was inconvenient". Where I was, a HIPAA (medical records) breach would cost us over $1 million in fines. On other data, we had to notify the constituents of a stolen laptop. Since, in California, you can't use email for the notification, the postage alone cost over $500,000.

And here we have our wonderful federal government imposing fines with HIPAA/HITECH, PCI-DSS (Credit card stuff) and CJIS (criminal justice data) and then turning around and complaining because we encrypt our data. Companies don't know what to do anymore so they do only what is easy and convenient (even if that is NOTHING) and then they use that as an excuse when they destroy the lives of their customers.

It's all about the money these days.

yep - think ransomware
May 23, 2015 7:06AM PDT

Just clicking on a link can install malware - look at all those who are getting the different types of ransomware infections. All they did was click on the wrong link and wham - they are locked out and there is a popup stating to pay x amount or you will never see your data again.

There really is not much you can do to protect yourself since you clicked giving permission to open that link. The best you can do is to make sure to

1. install anti-virus software
2. install anti-malware software
3. use your browser's built in phishing and malware protection
4. install adblockers
5. keep regular backups of files you cannot afford to lose.
6. avoid risky sites and links to the great unknown.

Nothing will give 100 percent protection. You can only do the best you can as you practice safe surfin.

What I do for protection - I am a Linux user. I make sure I am in the Linux partition when doing anything risky online. Linux is not 100 percent safe either but fortunately the risks are much, much lower than Windows users - at this time.

In Terms of the Ransomware
May 23, 2015 1:49PM PDT

You have to be a bit careful with step number 1! Someone in my office told his kid to load a "FREE" a/v on all of his computers at home and the one they picked up was with FakeAV which, in itself, was ransomware. "..We will allow you to unlock your computer once you pay us for the pro-version of the product. In the meanwhile, we are locking your PC to prevent further infection...". Interesting story on that. The maker of the FakeAV tried to sue the McAfee and Symantec consortium for designating their software as FAKE. They said that their marketing scheme was a bit heavy-handed but they were a REAL a/v product (that found fake viruses so they can lock your system). The stuff was really difficult to remove. Took me over two hours.

Malware risks
May 23, 2015 6:52PM PDT

I do not repeat the sensible comments made so far. The fact is, the answer to the general question has to be an emphatic 'YES' - but there are measures which can be taken to reduce the possibility of being another victim of malware. The first prerequisite is, of course, a good Security Suite in place not forgetting to make sure it is set to examine heuristics (sometimes essential to pick up hitherto new or unknown types of malware).
However, any software program can be defeated and one example of this is during boot up when initial software is being loaded - including your anti-malware stuff - so this makes your computer vulnerable. Remember that there is legitimate that arrives too - like Windows and other updates when you first switch on. But these will arrive almost as soon as you connect to the internet anyway. The point is the risk during this activity - the only way to stop it is to have the connexion to the internet removed until you are fully booted up. This, I believe, is the main reason why I have managed to stay free of infection since I purchased a full security suite that dealt with all the essentials. I happen to use Outpost because it received rave reviews in the official Windows magazine about 8 years ago and I have stuck with it ever since. It now has security components in place on boot up incidentally but this has not persuaded me to lower my guard by leaving the internet connected during start-up.
My OS is currently Vista Premium which I am happy with and will only replace it when Microsoft produces a reliable replacement (Windows 10?).
Happy computing!

Malware Risks at Internet Connection Startup
May 24, 2015 1:37AM PDT

Great idea...
What have you found is an easy way to disconnect from the internet during boot up and then to reconnect?

I get the internet via a Comcast coaxial cable connection which goes through a surge suppressor and modem and is hard-wired to the computer, which is a Dell Inspiron 660S running Windows 7. The Comcast modem does have wireless capability. The modem manufacturer is ARRIS, and the Model # is TG862G.

Lately, I leave my computer on even if I'm going out for a few hours. This eliminates a boot up when I get back, and the hard drive powers down automatically, which helps the life of the bearings.
Your thoughts would be appreciated.

For me..
May 24, 2015 2:55PM PDT

It is simply hitting the toggle switch on the modem to kill the network connection. However some don't have that feature. I don't know what you mean by "hard wired" but most clients I've helped have Ethernet cable connected to the "back plane" of the computer, and hot swapping this plug is permissible. I've never damaged an Ethernet port by removing it while everything is turned on.

It is best to turn the modem off before turning off the computer, and turning it back on in the same order. This is also called a network reset, and actually can fix many networking problems by itself. Always go in this order both on and off:

1. Modem off ---------- and ---------- 1. Modem on
2. Router off --------- and ---------- 2. Router on
3. Computer off ------- and ---------- 3. Computer on

Use the same order going back on. Some routers seem to be okay just leaving them on 24/7. There is nothing wrong with leaving your computer on 24/7 if you don't mind paying the electric bill. Business systems are left on 24 hours a day as well; it doesn't shorten the life of the PC at all. I did this at home, and my old computer running for 10 years was finally relegated to the recycle station, even though it still worked fine. It was just too old and slow for today's computing. Just removing the RJ-11 jack from the back of the PC is enough if you would rather do it the easy way - that is if reaching that plug is easy.

infection
May 24, 2015 4:25AM PDT

Yes, you can be exploited by just visiting a website. Drive-by malware can be a zero-day exploit, JavaScript injection and the list goes on. You can only lessen your chance by using anti-virus software, frequent patching and click on link policy (don't click on that joke or video link that your friend sends you). As for Mac being more secure than PC, it depends on how you look at it and what you use it for. Mac is being more "secure" because it is a more closed environment. Apple can put in security features that Microsoft can't do. For example, Apple can turn on "feature" let you install Apple software and select publisher by default. In Microsoft's world, you can't do it as their income is determined by how many people are using their operating system. They have to make sure older machines and as many machines with older software will run on the newest operating system. One reason why malware on Windows is so hard to get rid of is because of rootkit, anti-virus/malware software can't be loaded. MS does have a game plan, they are tightening security with each succession of Windows. For example, they will include something called secure boot in Windows 10:

http://www.pcworld.com/article/2901262/microsoft-tightens-windows-10s-secure-boot-screws-where-does-that-leave-linux.html

This will make a rootkit very hard to implement. But this feature cannot be implemented on older computers (I know my 2011 Thinkpad can't and it is less than 4 years old).

Infections in Macs too!
May 24, 2015 6:40AM PDT

I just have a comment on your very sensible reply. I use a Mac for the bulk of my work. AND, I run Windows 7 using VMWare on my Mac from time to time. Now, I definitely follow most of this thread's ideas for the Win 7 part even though all Internet traffic goes through the Mac side...helping to keep out the malware. Yes I constantly run an antivirus on the Mac as well. There I have accumulated over 3.5 million signatures; all PC related, none Mac-related. I have never had a malware enter either the Win 7 side or the Mac side in the past 10 years. I run scans on both systems weekly...but most of the signatures are caught before they are loaded into a permanent memory location. Stay vigilant.......Jim B

Apple will provide the antimalware..
May 24, 2015 3:30PM PDT

Last I checked there were only two available on their site. They do it kind of like Microsoft's malicious file removal tool - except it is geared for only one kind of malware per download. This does not mean they are totally invulnerable as per Dino Dai Zovi at CanSecWest security conference in Vancouver. He won the $10,000 prize for cracking Safari remotely. However, not many malware show up in the wild for these vulnerabilities which are quickly closed by Apple as soon as they appear in public. Apple has been embarrassed by revelations in MITM vulnerabilities that sat there for 10 years; but Microsoft has let things go like that, and they even knew about them, where Apple didn't.

Even TOR is not completely safe now
May 24, 2015 12:59PM PDT
Something Else to Consider for Home Users
May 25, 2015 7:38AM PDT
Cross site injection..
Dec 23, 2015 12:08PM PST

I generally understand that term, but if you have the web side access blocked, and your router LAN side access with the User ID and password changed, I'd never heard of an exploit that could defeat that anyway. Do you know what they are talking about? My router isn't on the list, but it is older than any of the ones on the list too - and both of my routers are past support, so no new updates on firmware - I guess I may have to install DD-WRT on my router now!

options while visiting a malicious site.
Dec 23, 2015 10:38PM PST

All the options everyone offered are great. I would add to that list: Sandboxie. I've used it for the past year with no problems. Use it when doing searches, if you run into a problem simply close your search and delete the sandbox. The bad guys have nowhere to go, they die.