Internet Security
Perhaps one of the best things about having a PC is the ability to access and share information. Much of this is made possible through the internet, and quite likely at some stage you will probably want to download something from the internet. This and other online activities place you and your computer at risk, what we will attempt to do here, is show you how to minimise that risk as much as possible. It must also be noted that there is no such thing as a 100% guarantee with internet security, in fact even 98% might perhaps be a generous figure. You must routinely use your security software to update and scan regularly, and excersize caution when openning emails or visiting suspect sites.
For Free Antispyware Software Click Here: Spybot Search and Destroy
The Three Rules of Internet Security !
There are three very important things you need and must use in order to help secure your computer. These are basic and essential items that require regular attention. Simply having anitivirus installed is not enough, for optimum protection, there is a little more!
1) A working Firewall that is updated regularly
2) Antivirus and Antispyware Software
3) Vigilence from the User....You!
Firewall
This is achieved via the use of a "Firewall," a firewall can be software or hardware or sometimes it is a combination of both. The firewall sits between your computer and the internet.
And now let’s also assume that we need to open the same or another port to receive a file from someone or something that is also outside the ship, (as in downloading from the internet).
This is basically how your firewall works, it opens ports to allow information or data to enter your computer from the internet, every port serves a specific purpose, and for you to receive certain files you must open a certain port. Once the transaction of sending and receiving files via one of these ports is complete, the window or porthole is then closed so no other information can enter through that port. These ports are not physical entities but rather virtual highways that exist between your computer and the internet, therefore ports are software based.
The firewall is basically the traffic controller that handles who and what enters your computer, it opens and closes ports as required to service the needs of programs or applications running on the computer. A good example is email; Outlook Express sends email from port 25 and receives it from port 110. So if this was your ship these windows would be open at the time you send or receive email.
Hackers make use of these ports when they try and invade your computer to steal or exploit your personal information. Hackers also find new ways of opening ports without your firewall knowing about it, they use different tools and techniques to break in through these ports.
Imagine that you have locks on all of the portholes in the ship and only your firewall has the key for each lock, after a while hackers can replicate a key that will open each port, so to combat this you must keep changing the locks.
This is achieved by updating your firewall, as with the above example, when you update your firewall, you basically put new locks on your ports, especially on specific ports that are more vulnerable.
Windows Updates
You will need to read and follow the install instructions carefully, we also recommend that you create a restore point before attempting to install any updates that may reconfigure some Windows components. This provides you with an opportunity to restore your computer back to its previous settings if you do not like the changes made after updates have been installed.To create a Restore Point click this link: Creating a Restore Point
Lastly it must be said that all of the above is only effective if you have an active firewall that is turned on. If you use the Windows firewall you can check this by doing the following:
1) Click Start.
2) Click Control Panel.
3) Click the Windows Firewall icon.
4) Make sure the radio button next to "On (recommended)" is ticked.
5) Click OK !
Antivirus and Antispyware Software
Computer Viruses occupy four different and very basic categories, these range from Viruses to Worms, Trojan Horses and Logic Bombs. Each has their own specific purpose as do their symptoms and also their ability to inflict damage upon your data. Their evolution is fast paced and one latest report indicated that possibly more than 100 to 2500 new viruses are made each day. This number will perhaps increase and as such, so should our vigilence and diligence both with online activity and email.
These kind of infections carry what is known as a payload, and just like the old airplanes of war armed with bombs, they deploy their “payload” at a certain time to cause damage. In this respect they are also a dormant virus, they might remain hidden in a file that windows thinks is friendly and then at a predetermined time and date (Friday the 13th) for example, they unleash their deadly payload. Bomb's away!!
So the trojan horse also known as “Trojans” are nasty little suckers in that they can sneak up on you and then when you least expect it, they wave that big fat ugly banner that says, "hello I am here". Usually this is also a time when it may be too late to do anything about it. So in the obvious pretext, prevention is better than cure with trojans.
They are so dangerous in fact, that certain elements of them can send information about you and your financial details back to a hacker. They can install small programs on your computer in the form of tracking cookies etc, and then send that information back to a computer loaded with software ready to exploit your bank account or personal details.
This is also why trojan horses are often found in email attachments and file downloads. In most cases your best defense is to use Antivirus and Antispyware Software, be sure to establish regular habits in updating and scanning as often as possible. Also never open an email or attachment from and unknown sender, or even a known sender with nothing in the subject field. This could be a trojan embedded in an email when the sender has no idea and their computer is basically working as a "zombie" (more on this later) and sends the emial on autopilot.
Well put simply almost all forms of computer malware, spyware, viruses, trojans and the like are basically small programs running on the computer with the intention of completing the task they were designed to do, (usually something destructive, or annoying at the very least.)
So they are actually software, albeit nasty software, but still software. And how do you defeat software, well, yep you no doubt already guessed..!!, you use software.
You could say that it is like fighting “fire with fire”, as the old saying would have it. To this end we have on one hand the antivirus companies writing new software everyday to counteract the virus software that is written daily on the other hand by the pesky virus writers.
The software the antivirus companies write is updated daily for the best protection, they write what is known as “signatures” and these are small pieces of software or program code that allow your AV software to recognize what new viruses and so forth are lurking on the horizon.
The idea behind this is that your AV software then uses these signatures during a computer scan to cross-reference files etc, in the hope it will find and delete any nasty and compromising code or virus.
Much like the aforementioned “cat and mouse scenario”, it is an on going battle between these giants of internet security (Norton, McAfee, AVG, etc) and security compromise (virus writters). In the end, no one person, group or company can really ever 100% predict what new viruses are being written and how best to combat them. Antivirus is a past-tenths game, we are literally dealing with history most of the time, since we are reacting to threats, rather than predicting them.
This is also another reason why we are never ever really 100% safe with internet security.
Viruses use the verbs in computer code, these are the “doing instructions” that offer an action or potential to a program or device. This is what is known as executable code and this code is embedded in files that have file extensions. So what are file extensions?
Well they are the suffixes you see after file names, for example, the startup file that tells a program how to start when you double click an icon, this tells your computer to look for the startup.exe file associated with that particular program, which then gives instructions on launching the program. It is like starting your car, “key in, push clutch in, turn key, release key after ingnigtion etc.” Then car starts and away you go.
A good anallergy I often use goes something like this, imagine you have a security guard at your front door, and this guard has a photo album of everyone passing through the front door.
Let's assume for a momment that the people coming in are the equivalent of the data entering your computer.
In his album he has photos or "mug shots" (signatures) of all of the good and bad people. Now let's say that he receives new photos everyday (antivirus updates), and these also contain the photos of the bad people or viruses. So when he recognises a bad person, he throws them out, (deletes them) or does not let them enter, "preventing a virus attack".
Virus writers are well aware of this fact and exploit it by taking advantage of any flaws they may find in programming. Some viruses called "macro viruses" hide in document files, these nasty little critters are often found in email attachments, they use that part of the file a word program uses to open and execute the file. So when you open an infected file the macro virus escapes its literary tomb to inflick damage upon your data.
The only drawback here resides in the fact that you will loose all of your restore points. Ironic as it is, one of the first things you can do when you have a virus, is restore your computer to a time before the virus was present. Sometimes but not always, this has been a short cut for eliminating viruses.
If your antivirus finds a virus, you will be prompted to either delete or quarantine the virus depending on what AV you use. Sometimes the antivirus will fix the problem automatically, many of them ask you for instructions first when they detect a virus.
Antivirus software is only as good as its last update, so be vigilant in updating and remember to scan regularly, at least once a week is sufficient for most home users, the more the better!! This software is of no use if you do not use it. I have seen people who believe you just install it and then it does the rest, this is not the case, you must play your part in securing your computer and network. Our customers use AVG free and you can get it on the following link:
AVG free Antivirus
Antispyware
When it is installed separately from your antivirus software it forms an integral part of your security package, we know that antivirus deals with viruses, antispyware deals with hackers and those that want to exploit our security vulnerabilities. Together with AV software and an active firewall these systems form the big guns in security.
Spyware once installed adopts the role of big brother and records your online activity and surfing habits, it takes note of all the websites you visit and then sends this information back to a server which then uses it to send you adds based on your browsing habits.
Because there is a backup of the registry, antispyware programs use this to compare changes that may have been made and then attempt to remove any corrupt entries that will exploit your security.
Just like viruses new spyware is made every day and so are new signatures that enable your program to detect them, this is also why it is important to update and scan regularly. Many people sometimes use two antispyware programs, this is not a bad idea because what one program may miss the other might catch. There are many free ones available, some of these also have "payware" versions of the same thing that have added functions etc. The two free programs we use and recommend are Ad-Aware Plus and Spybot Search and Destroy.
You can download them on following links:
Ad-Aware Plus
Spybot Search and Destroy
Security Threats
Spoofing
One good way to tell if a site is “spoofed” is to come up with some bogus things of your own, let’s say it asks for your email address, well give it a bogus one and then if it does its thing believing your address is real, you have just scammed the scammers.. !!
If you had entered your real email address, you may have opened yet another channel for spam or junk mail. Pishers and the like use these sites and others to trawl the internet searching for email address stored on servers etc.
They sometimes sell these email addresses to spammers and the end result is massive amounts of spam. This clogs up the internet and network servers choking them with gigabytes of unwanted junk mail.
Spam
Spammers attempt to file your inbox with as much junk mail as possible hoping you will be enticed buy the items or products they promote. Many of these emails will have attachments which can harbor Trojans, worms, spyware and viruses. It is not uncommon to see spammers pushing things like pharmaceutical products or body enhancing surgery and even scams promising you millions etc etc.
Most email software programs have spam filtering that help eliminate junk mail, you can adjust this and other security settings to help combat spam. Perhaps the best way of avoiding spam is to again exercise vigilance with emails, if it looks suspicious, delete it immediately, and never give out your email address to anyone or anything unless you know them. Posting your email address all over the internet is like giving every post office in the world your real street address, and then you will have a mail box inundated with junk mail. To learn more about spam and ways to prevent it, see: Dealing with Spam
Scams, Frauds and Hoaxes
The Nigerian 419 preyed on people’s gullibility fooling them into believing they would make a fortune if they offered some financial help to a third party. The returns for your small investment were far to enticing for some people that fell victim to this scam.
Frauds work very much like scams but only these fraudster’s setup bogus websites “spoofed websites” and then have you make a purchase on that site. Many auction sites are targeted by fraudulent net scammers.
Hoaxes are again something intended for the gullible nature of people, we usually receive hoaxes in email and others on webpages planted via spyware. Besides the "get rich quick scams", they mostly make reference to your computer being infected with a virus or some kind of spyware and you will have to click a link or do something that to fix the problem. When your computer actually has no virus or spyware, it is a "hoax". Remember your antivirus software takes care of viruses, not stuff that pop’s up on your screen or arrives in email.
Banking Online
Meanwhile I will offer some valuable pointers that will hopefully keep you as safe as possible and with a special focus on internet transactions where funds are basically transferred from one account to another.
Your username and password should be as obscure as possible leaving no wild guess’s for the cretin’s that would quite easily exploit your personal and sensitive information without a second thought.
Always use as many words, characters and or numbers as possible with passwords, if you can routinely change them as often as possible, and always make them as long as possible. Most institutions will have a minimum of eight characters, others more, the rule of thumb here is the more the better, this way the would be hackers etc will generally find it harder to “crack” your password. You should aim to make your passwords as strong as possible.
Try and keep them as short as possible, this way you reduce the possible time your computer or transaction could be possibly intercepted and recorded. When you see your browser (where you type www."whatever" wbesite.com) prefixed with “https” and you see the little “lock” icon at the bottom right of screen, that usually indicates that you are secure. These things may or may not appear depending on what browser you use, however the key here is to keep your online financial transactions as short as possible, reducing the time someone has to exploit your vulnerability.
Many hackers, spyware writers, virus writers etc, all know we are only human and they will specifically target their programs to work on our emotional gullibility. They know we will not always sniff out a scam and that many people may be looking for the “quick fix” whether it be a lottery scam or cheap pharmaceutical medications etc.
There are and probably never will be any gauranteed absolute safe guards that will offer you 100% protection, perhaps your best bet for now, is to maximize your level of protection by observing the information above and further research.
The great wall between internet security and hacker vulnerability is and will always be brittle, to date no one person or thing can guarantee total security.
* * * *
Security Tips
· Never open an email if you do not know the sender
· Never open email attachments from unknown senders
· Never give your real email address to suspect sites
· Never give out your personal details to unsecure sites
· Never download programs linked to pop-up adds
· Always update and scan with AV and Antispyware
· Always use the strongest possible passwords
· For added security routinely change these passwords
· Keep software updated and patched, Internet Explorer
· Keep online banking sessions as short as possible
· Routinely change your banking password
· Make sure your firewall is active and updated
· Form a habit of deleting cookies and offline content
· Set your security settings as high as possible