Myths of Secure Web Browsing

Gerald Nguyen

1. I am safe because I never visit porn websites

Wrong. Nowadays, many more malware infections are linked to visits to legitimate and popular websites than to porn or counterfeit sites.

According to the Cisco 2013 Annual Security Report, the Business/Industry site category stands in 3rd position, behind the advertising and dynamic content categories, in the top 20 dangerous website categories. Also included are Shopping (8th), Travel (9th) and News (13th). Porn and counterfeit products (e.g. cheap Viagra) didn't make it into the top 20.

2. I am safe because I use Chrome or Firefox

If you think only noobs use IE, then you are no safer using Chrome or Firefox than you would be using IE.

The more highly skilled people use Firefox or Chrome, the higher the probability that someone will discover or learn of a security vulnerability in those browsers and exploit it for evil purposes. In addition, as the market share of Chrome and Firefox increases, they become more lucrative targets for hackers.

Furthermore, Microsoft has made significant improvements in protecting its products and their users. A recent test found that using IE 10 is safer than using Chrome or Firefox.

3. I am safe because I am browsing from behind a corporate proxy and firewall

Corporations invest a lot in security protection by equipping their networks with firewalls, DMZs and proxies, so it must be safe to access the web from behind such tools, right?

Wrong. For 3 reasons:

– First, 83% of web malware is in the form of scripts or iframes (Cisco report), which can easily pass through all of the above-mentioned security products.

– Second, more and more corporations allow their users to access multimedia and web 2.0 sites. Such highly dynamic and interactive sites often require running executable code. This increases the risk of exploitation of known or unknown browser vulnerabilities.

– Third, firewalls, DMZs and proxies are part of a form of protection called perimeter security and are therefore ineffective in protecting users from malicious insiders.