The 17 Most Dangerous Places on the Web

The scariest sites on the Net? They're not the ones you might suspect. Here's what to watch for and how to stay safe.

Those photos of Jessica Alba may be murder on your PC. That Google search result that looks as if it answers all your questions may do nothing but create a serious tech headache. The fun you had watching that hilarious video you downloaded may not be worth the misery it can cause your system.

You've been warned that the Internet is something of a security minefield--that it's easy to get in trouble. You can do everything you can think of to protect yourself and still be taken by a malware infection, a phishing scam, or an invasion of on­­line privacy. We'd like to provide a little help. Here are some of the hazards you may encounter, how dangerous they are, and what you can do to stay out of harm's way.

Not all Web dangers are created equal. Thankfully, our friends at the Department of Homeland Security have made our work of classifying Web threats a little easier. Will you get taken just by visiting that unfamiliar site? Or will you have to look for trouble? Let our threat level indicator be your guide.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Those photos of Jessica Alba may be murder on your PC. That Google search result that looks as if it answers all your questions may do nothing but create a serious tech headache. The fun you had watching that hilarious video you downloaded may not be worth the misery it can cause your system.

You've been warned that the Internet is something of a security minefield--that it's easy to get in trouble. You can do everything you can think of to protect yourself and still be taken by a malware infection, a phishing scam, or an invasion of on­­line privacy. We'd like to provide a little help. Here are some of the hazards you may encounter, how dangerous they are, and what you can do to stay out of harm's way.

Not all Web dangers are created equal. Thankfully, our friends at the Department of Homeland Security have made our work of classifying Web threats a little easier. Will you get taken just by visiting that unfamiliar site? Or will you have to look for trouble? Let our threat level indicator be your guide.

Threat 1 >> Malicious Flash files that can infect your PC

The Place: Websites that use Flash

Adobe's Flash graphics software has become a big malware target in recent years, forcing the company to push out frequent security patches. But another danger you might not know about is associated with Flash cookies. Flash cookies are small bits of data that their creators can use to save Flash-related settings, among other things. But like regular cookies, Flash cookies can track the sites you visit, too. Worse still, when you delete your browser's cookies, Flash cookies get left behind.

If You Have to Go There: To help protect against Flash-based attacks, make sure you keep your Flash browser plug-ins up-to-date. And you can configure the Flash plug-in to ask you before it downloads any Flash cookies.

Threat 2 >> Shortened links that lead you to potentially harmful places

The Place: Twitter

Scammers love Twitter since it relies so much on URL shorteners, services that take long Internet addresses and re­­place them with something briefer.

And it's very simple to hide malware or scams behind shortened URLs. A shortened link that supposedly points to the latest Internet trend-du-jour may be a Trojan horse in disguise.

If You Have to Go There: Simply don't click links. Of course, that takes some of the fun out of Twitter. The other option is to use a Twitter client app. TweetDeck and Tweetie for Mac have preview features that let you see the full URL before you go to the site in question.

Some link-shortening services, such as Bit.ly, attempt to filter out malicious links, but it seems to be a manual process, not an automatic one. TinyURL has a preview service you can turn on.

Threat 3 >> E-mail scams or attachments that get you to install malware or give up personal info

The Place: Your e-mail inbox

Although phishing and infected e-mail attachments are nothing new, the lures that cybercrooks use are constantly evolving, and in some cases they're becoming more difficult to distinguish from legitimate messages. My junk mailbox has a phishing e-mail that looks like a legitimate order confirmation from Amazon. The only hint that something's amiss is the sender's e-mail address.