Inspired byIsaac Newton
If you're not paranoid about security - you don't understand the threat
If you have email, it is only a matter of time before you receive a virus. If you have broadband, and have no firewall, you have probably already been hacked, and a Trojan horse installed. You will certainly have spyware – everybody else has!
The On Line Threat
There are many threats on line, of which most surfers are only vaguely aware:
· Hackers – individuals who take control of your PC to send Spam, to hide paedophile images, to attack other computers;
· Viruses – programs that automatically send themselves to other victims, and can destroy data, render your PC unusable, install backdoors for hackers, send your information across the Internet, and steal on-line banking passwords;
· Spyware – programs that install surreptitiously, often pretending to be something else (Kazaa is a good example) which can steal on-line banking passwords, monitor the sites you visit, and many other nasty things
· Phishing emails – emails purporting to be from a bank, or ebay, asking you to enter all your account information so they can steal money. ebay has a good tutorial HERE
· Connection hijack – your dial-up to your ISP is replaced with a connection to a Mongolian ISP
· Lottery wins, etc – Nigerian scams, and lotto wins. Please see http://lottery.merseyworld.com/Info/Scam.html;
· Identity theft – someone assumes your identity, with enormous consequences
· Lastly, plain old system failure – loss of irreplaceable documents, photographs etc Invest a small amount of money in an external drive, and then backup to it regularly. If I had a pound for the number of times I've had to recover someone's photographs from a dead hard disk drive!
Use a ROUTER
· Hopefully the days of woefully insecure USB 'modems' has long gone. Use NAT. Unless you REALLY know what you're doing, DO NOT use the DMZ. If you don't know what that means, you're probably quite safe. Once your router is installed, CHANGE the passwords! Many routers are shipped with default passwords, and web admin open, allowing someone to get in, disconnect you, change your password, and lock you out.
· If you are NOT using a router, install an effective firewall that will block malicious traffic both entering your computer, and leaving it (for example, spyware attempting to contact its controller). My recommendation is Zone Alarm, which is available free. (www.zonelabs.com, search out the free version). Zone Alarm Pro costs $50 or so, will provide anti virus protection by blocking executable attachments to email (but not if you use webmail, such as Hotmail or Yahoo). A firewall is essential if you have broadband. Turn off the Microsoft firewall before installing an alternative.
· (Zonealarm Security Suite, $70, includes firewall, anti-virus, anti-spyware, and anti-phishing and has had good press reviews. Use instead of the following 2 recommendations)
· When you have a firewall installed and configured, try the 'Shields Up' test at www.GRC.com
· AV software is only as good as its last update, so update it regularly. AVG is available free, (www.grisoft.com, again search out the free version ), and is very effective. A firewall that blocks executable attachments will block even new viruses that arrive before you have updated your AV software. See above.
· BEWARE! Many of the free anti-spyware packages are themselves spyware! Reputable free anti spyware comes from Spybot, and Ad-Aware. I recommend paying $20 for Counterspy from www.Sunbelt-Software.com.
· Keep Windows up to date. Security updates are regularly published by Microsoft to patch vulnerabilities in Windows, Internet Explorer, Outlook etc. Always install critical or security updates quickly - an attack based on the vulnerability being patched is often only a few days or weeks behind the patch.
· Do not use the Outlook preview pane. This can auto run viruses, and confirms your email address to Spammers. Auto-preview is safe. This allows you to see the first line of the email.
· Disable Windows XP Messenger Service. Go to start > control panel > administrative tools > services > Messenger. Set “Startup Type” is to disabled: right click, select properties, and set startup type to disabled,
· If you use XP, ensure system restore is enabled, and is taking restore points regularly. This can restore the settings to a pre-virus state. (Start > Programs > Accessories > System Tools > System Restore)
· Avoid taking up Windows offer to save your password, especially for on-line banking sites. These user names and passwords can be harvested by viruses and spyware.
· Most PCs have CD or DVD writers. Make sure you take copies of your important documents and photographs, and store them away from the PC. In the event of system failure, fire or theft you will at least be able to recover the important stuff. Consider buying an external Hard disk drive in an enclosure. There's plenty of free backup software on the web.
· Store copies of software CDs securely, together with a note of the registration keys required so you can reinstall if necessary.
If all else fails, try common sense!
· If an email looks suspicious, it probably is. Don’t open it until you have checked with the sender. If you don’t know the sender – just delete it.
· Don’t be taken in by hoax viruses, especially those that tell you to delete files. In general ALL virus alerts, indeed ALL warnings, emanating from the Internet are hoaxes. You can check for yourself at http://www.hoax-slayer.com.
· Don't open mails that look like Spam, or take up their offer to unsubscribe – both are means of confirming active email addresses for future targeting. If a mail looks “strange”, it probably is;
For an excellent guide to ID theft protection see http://www.crimereduction.gov.uk/theft1.htm.
Junk Phone Calls
· Nothing to do with on-line security, but to prevent junk phone calls register your phone numbers with the Telephone Preference Service at www.tpsonline.org.uk
In the event of a “security incident”, Windows XP System Restore can often recover the situation. If you need to reinstall software you have the CDs and the registration keys, and you have backed up all your important data and photographs onto CD (haven’t you?).
“The Internet is safe until you forget it’s dangerous”
Use of any of this advice is at your own risk, but I follow it all myself. This page will be updated from time to time. Feel free to come back to me with queries and comments (but I guarantee nothing!).
Updated 06/12/2011 1:34 PM