How to Protect your Computer when You Are
Online -
and Offline
Technological advances,
increasingly sophisticated software, faster
networks and online communication have brought many benefits for
everyday computer users. However, with these advances have come
increased security risks. When cyber criminals harness this very
same
technology to further their evil ends, many previously unknown risks
lie in wait to trap the unprepared, often hidden among the social
networks.
The following should be a review for the more experienced computer
user, but some of these threats could be new to the lesser
experienced web surfers.
Here are some common threats and ways to
handle them:
Viruses - These malicious software codes cause undesirable effects
on our computers. A virus is designed to spread itself without the
knowledge of the computer user. A computer may become infected
through downloads from the internet using CD's, floppy disks, or
other
storage devices with infected programs, or from other computers on
the network. Another extremely common way viruses spread is
through infected email attachments. |
|
Given the many modes of transmission, computer viruses
are clearly a threat online as well as offline. The old adage
"Prevention is better than the cure" is particularly true in the
case of computer viruses. You can save yourself a lot of virus
grief and many hours of misery by avoiding infection in the first
place.
These simple and practical rules can help you avoid virus grief:
1. Install a reliable and reputable anti virus software
and run regular scans. Preferably have the scan run on boot up.
2. New computer viruses are created everyday. Make sure
your anti-virus software is kept up to date with the latest virus
definitions.
3. Do not download software from questionable or
unknown sources. Always scan software using your anti-virus software
before executing or installing on your computer.
4. Do not open email attachments from unknown senders.
It is best to use an anti-virus software that automatically scans
your email and can warn you if any threats are detected.
Spyware - are programs usually installed secretly along with
other software whose purpose is to capture information about the
computer user, the computer installation and other sensitive
information about computer usage. This information may then be
transmitted to a third party either by email or through the software
"calling home" to transmit information to a remote website.
Depending on the nature of information collected and transmitted
this could pose a serious security risk.
Adware - propagated in a manner similar to spyware, these
programs serve to pop up advertisements on the user's internet
browser or desktop. These programs too may capture information about
the user's browsing or purchasing habits so that advertisements may
be
tailored to suit.
Worms - These are a type of virus that duplicates itself and
takes control of computer resources. The main distinction between a
worm and other viruses is that a worm does not necessarily have to
live within a host program and can run itself.
Trojans - these are malicious programs that masquerade as
something useful thereby enticing the computer user to execute them
and unleash their nasty payload.
Keyloggers - These are programs that record keystrokes
entered through the keyboard and then secretly transmit this
information to a third party. Naturally this can expose passwords,
credit card details and other important information.
Control of worms, trojans, keyloggers, spyware and adware is
achieved using similar strategies to those adopted for viruses,
namely using appropriate anti-virus software including firewalls,
spyware and adware scanners, and avoiding executing programs
obtained from unknown sources.
Hackers accessing and taking control of a computer is another
serious risk especially today with the widespread use of "always on"
broadband internet. Hackers may exploit vulnerabilities in
legitimate software or use trojans or viruses they have implanted to
gain control of a single computer, or a network of compromised
computers (botnets) which they can then use for sending unsolicited
commercial emails (spam) or for other illegal activities. The idea
here is to shield the perpetrator from detection as the illegal
activity appears to originate from the computer they have taken
control of.
In order to minimize risk of hacking attacks it is important that
protective software used, including the operating system, is kept up
to date by installing all vendor supplied updates and upgrades.
An effective firewall is another vital defense against
unauthorized access by third parties. A firewall could be installed
on the modem used to connect to the internet or as a software
program that runs on the computer. The firewall serves to control
who and what programs
are allowed to access or make connections with the internet. A
firewall can also be useful in detecting and controlling programs
like keyloggers which attempt to call home.
Phishing is a security phenomenon that has seen an alarming
increase in recent years. Criminals employ increasingly convincing
and sophisticated means of sending emails which appear to originate
from legitimate websites. However, links in these emails actually
lead to
websites controlled by them where they can capture valuable personal
information such as logins and passwords. This is commonly used to
cheat unsuspecting users by tricking them into revealing online bank
login details etc.
The golden rule in dealing with phishing attempts is to treat all
emails which request personal information with at least skepticism
if not suspicion. Never click a link in an email and enter login
information or other personal information as the ultimate
destination of that link may be cleverly concealed. When logging
into online banking sites for instance always type the address in
the browsers address bar.
It is also important to pay attention to security features on
webpages where sensitive information is to be entered. A webpage
address that starts with https: and shows a padlock symbol is
secure. This means that any information transmitted from that
website is
encrypted and is therefore not at risk if intercepted.
There are offline risks to your computer as well. For
instance - it is important to select strong passwords which cannot
easily be guessed. Ideally they should be at least 8 characters long
and not consist of a regular word or name and consist of a
combination of numeric and non-numeric characters. The strongest
password would serve no purpose however, if a hacker is able to get
you to disclose it to him. It is important to always be on the look
out for social engineering attempts which aim to get you to
unknowingly or knowingly reveal sensitive information such as
passwords.
Needless to say, physical security of your computer is also
vital. The best antivirus software and firewall will not protect a
laptop left in full view in an unlocked car!
Maintenance and adequate care of hardware should not be
neglected either. Regular backups stored in a location away from
your principal computer and uninterruptable power supplies are good
ideas to protect the integrity of your hardware and data stored
thereon.
Short of never turning your computer on and locking it in a vault,
it is possible to minimize your risk to an acceptable level by
following common sense and adopting some of the simple rules we
reviewed above.
Tags:
botnet,
phishing,
social
networking -
... Richard Rossbauer
Follow
me on Twitter |