Monday, January 5, 2009

Common Risks

Assuming Your Security Software Is Protecting You

Security software is fully effective only when activated, frequently updated and used appropriately.

Accessing a Financial Account through an Email Link
No matter how official an e-mail message looks, trying to access a financial account by clicking on a Web link in an email is always risky.

Using a Single Password for All Online Accounts
A recent survey showed that nine percent of home Internet users designate a single password for all their financial accounts. That practice lets someone who gets your password and steals your identity easily access all your accounts.
Please see Avoid or Mitigate Risks for my comment on this recommendation.

Downloading Free Software
You couldn't resist that neat, “free program”. Now your computer runs slower than ever.

Downloading Music From P2P networks
Peer To Peer (P2P, computer to computer) networks can be another major source of virus infections. You may think a given service is "safe" because you pay for a membership - or your teenager tells you so. There is overwhelming evidence that this is not true!
This all is independent of the fact that such downloads are illegal.

Clicking on a Pop-up Ad That Says Your PC Is Insecure
Fifteen percent of respondents to above mentioned recent survey who saw pop-up ads clicked on them. That is ALWAYS a very bad idea. Even if you know such pop-ups are phonies, they're still dangerous. It's easy to click inside the ad by mistake; instead close them by hitting Alt-F4.

Shopping Online the Same Way You Do in Stores
Online shopping requires special precautions because the risks are different than in a walk-in store: You can't always be sure who you're doing business with. You must disclose more personal information, such as your address, to the online retailer.
Research the online retailers reputation before you buy the first time from them!

Thinking Your Apple Mac Shields You from All Risks
Mac users fall prey to phishing scams at about the same rate as Windows users, yet far fewer of them protect themselves with an anti-phishing tool. To make matters worse, the browser of choice for most Mac users, Apple's Safari, has no phishing protection built-in.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.

Avoid or Mitigate Risks

I tried to write the following in sequence of decreasing importance. Naturally this is determined on the basis of personal preferences; comments are welcome.

Make sure the Windows Firewall is turned on.
Since Windows XP Service Pack 2 the built-in firewall has proven to be sufficient and reliable; there is no need anymore for third-party solutions.

Use Microsoft Update at least once every week.
My experience proves over and over again that Automatic Updates as available in Windows XP is not 100% dependable.

Make sure that Automatic Updates is turned on, despite what I just said.

Always keep your anti-virus program up-to-date.

Always keep your anti-adware program up-to-date and let it scan your computer at least once every week.

Always keep your anti-spyware program up-to-date and let it scan your computer at least once every week.

Guard your password(s) with your life!
I use only two passwords; a "super-secret" one for all financially relevant accounts; it is written down but only my wife knows where the envelope is stored.
Additionally I have a catch-all password that I use everywhere else.
For me the secret lies in not allowing anybody to watch my fingers when I type a password, always checking and being certain that the cursor really is in the password field and not “by accident” in a field where the password would be visible.
Remember: Prevention is always cheaper than repair.

Use Mozilla Firefox as your default web browser instead of Internet Explorer.
If visitors or friends use your computer make sure they follow this rule as well!

Use Mozilla Thunderbird as you email program instead of Outlook Express or Outlook.

Let visitors and guests use a limited account only. Consider eventually using one yourself.
Most of my customers run Windows XP and in their words they are computer illiterate. For this group I do NOT recommend using a limited account because of the technical know-how required to circumvent the inherent limitations.
Backup your work at least once every week.
Even with the best precautions, you’re bound to experience serious problems at some point.
Regular back-ups can be the difference between losing all your work and/or memories or having it readily accessible.
Whether you use an external hard drive, flash drive, or an online service, be sure to backup your important files, documents, and photos for safekeeping.

Uninstall unwanted applications.
All new brand name PCs come pre-loaded with all sorts of programs and trial software.
Remove the clutter by deciding what software is helpful to you, and then un-install the rest.
Some of that pre-installed gunk is outright dangerous; if you knew what all it is capable of doing you wouldn't want it on your computer in the first place!

And finally: Use common sense!
  • Do your homework before downloading that neat free program. Check the program’s name with a Google search.
    Admittedly it takes experience to interpret the results of such a search correctly but if you don’t begin now to gain that experience you’ll never get it.

  • Check links in emails before you click on them.
    Rest your mouse cursor over the link without clicking, check in the status bar of your email program (or web browser) if the link actually resolves to the website it is supposed to get you to.
    You don’t see the status bar? TURN IT ON immediately!

  • Do not trust sender addresses in emails, they can be faked easily.
    Even if the email appears to come from a friend but is not expressed/written in the way that person normally communicates with you then you better delete the email right away.
    Don’t take avoidable chances!

  • Do not allow your teenager to use your computer account! This account most likely has administrator privileges (the Windows default). Give them an account with limited privileges.

  • Secure the normally hidden Administrator account with a password that only you know. Write this password down and store this note in a sealed envelope. Many teenagers know about this by default unprotected account.

  • Do not allow hidden or Personal files! Every user can make their own files invisible to other users. Does your kid have something to hide or not? If not he/she does not need to activate this feature.

  • Have an openly discussed set of rules for computer use in your family. Make it abundantly clear that computer use is a privilege that can be withdrawn or curtailed.

  • Do not allow P2P music download services. Period.

  • Use Pidgin as the only permitted Instant Messenger program. You find it here.
If in doubt get professional advice or help before you inadvertently ruin your computer. I can give much of such advice remotely; I don’t need to come to your house to check many of these things out.

Remember: Prevention always is cheaper than repair!

Added February 8th 2009:
If you have an Internet connection faster than dial-up: Unless you already have a so called gateway, a combination of modem and router, consider using a router. Yes, even if you do not have and do not intend to get a wireless notebook computer; just make it a plain router. Brand new ones are available from $20 up. The simplest router will make your computer technically "invisible" to attempts of people trying to actively hack into your computer. Even if your software firewall is ON I still recommend the added layer of security that even a cheap router for $20 adds between your computer and the cable, DSL or satellite modem.

As usual I welcome comments and suggestions right here in the blog.

Thank you in advance.