Protecting your computer on the InternetIn recent years, there has been a huge rise in the number of high-profile security attacks on home computers. These attacks can take many forms - from infecting your computer with a virus, to seizing your bank or credit card account. Here is a simple guide to keeping your home computer (and your data) safe on the Internet. ThreatsThe most common security threats on the Internet are:
General AdviceYour first defence tool against most of these is simple common sense. Do not download anything unless you are certain you know what it is. Do not open email attachments unless you are certain they are virus free. Sometimes, whilst on the Internet, you may get messages or adverts telling you that "Your Internet connection is too slow!", or "Optimise your Internet connection". They often look like error messages, but they are not - they are adverts designed to convice you to download something you don't need. Avoid websites that offer illegal software, pirated music and pornography. They often use backhand tactics to get you to download programs, viruses, trojans and rogue dialers. Avoid using MSN Messenger if possible. Many viruses are transmitted through Messenger. Certainly don't accept any files from anyone using Messenger unless you are absolutely certain they are safe. There are free alternatives to Messenger (such as Trillian) which are safer in some ways, but none are completely secure from viruses without you being careful. Also avoid "P2P" programs such as Kazaa, WinMX and eMule. Often what you download isn't what you expect, and many downloaded files are trojans and viruses in disguise. Consider replacing Internet Explorer with another, more secure, web browser. Firefox is geared towards security, and comes with a range of useful features missing from Internet Explorer that make browsing the Internet much safer. For example, Firefox will not allow websites to install software (such as spyware) behind your back. Keep your computer updated. Windows, MacOS and most versions of Linux all have online "updaters". These fix holes in your operating system, and add new features or security measures. Each threat can be tackled as explained below. Do not wait to be "attacked" - prevention is better than a cure. Viruses and WormsFirst and foremost, your computer should have a virus killer, especially if you use Windows. Apple and Linux computers are generally immune to most viruses, but some viruses for these machines do exist. Just as important as installing a virus killer, is keeping it up-to-date. New viruses are written every day, and if your virus killer is not regularly updated, you are at risk from new viruses. A virus killer need not be expensive, and several are free. Recommended programs include AVG, Avast and Sophos. AVG and Avast offer free versions for download. Each time you start up your computer, ensure that your virus killer is running, especially before checking email or accessing the Internet. Viruses come in many forms. Some are designed to delete your data. Others (usually called "worms") do little damage to you, but if you become infected they email themselves to everyone in your address book. In 2000, the "I Love You" virus crippled many businesses simply because of the volume of infected emails that were sent out. TrojansTrojans generally spread like viruses, but can be much worse in terms of what they do. Usually, once your computer is infected, the trojan "contacts home" by sending a message to a waiting computer elsewhere on the Internet. It can then act as a kind of logger and server, sending information on your computer to the computer it contacted. This could be passwords for websites, your address book, or any other information on your PC. Not only that, but the other computer could physically control your computer, deleting files or information. In the past, one person has taken control of many hundreds of computers in this way, and used them to overwhelm websites - essentially taking them down. Most virus killers can detect Trojans too, although it is a good idea to install a Firewall on your computer too. A firewall prevents other computers from connecting to yours without your permission, but it also prevents trojans and other programs from accessing the internet (and "contacting home") without you being warned first. Some recommended firewalls include Tiny Personal Firewall (note that this is not the same company as Tiny Computers) and Zone Alarm. Both offer free versions of their software. For more inforation on trojans and firewalls (including a program to test that your firewall is working), see Steve Gibson's ShieldsUp website. Hacking AttemptsSince computers can be used for everything from typing letters, to hosting and running entire websites, your operating system (Windows, MacOS, Linux, etc) usually contains extra programs to run all of these tasks. Unfortunately, these programs are often running even when you're not using them. This leaves "holes" in your computer that hackers can use to try and infect, access or compromise your machine or the data on it. The "MS Blast" virus used one of these holes to infect many millions of computers in 2003. Using a combination of a firewall (to patch the holes) and a virus killer (to catch infections) is a good idea. Phishing ScamsAny email request for personal information should be treated as suspicious. No reputable company will ever email you and ask you to update your records on their website. Be careful when following links in emails to websites - check in the Address Bar that the website you have gone to is the actual site you expected. If not, go no further. NEVER enter your credit card PIN into a form on a website. Some phishing scams (as these are called) are quite devious, and the scammers often setup websites which look exactly like eBay, HSBC, Barclays Bank, etc. to convince you that you are actually at the site they say. You are then expected to type in your personal information, which the scammers then use themselves. If in doubt, contact the company by phone (NOT by replying to the email). Spyware and MalwareIf you have ever been bombarded with pop-up adverts the moment you connect to the Internet (or perhaps even the second you start your computer up!), or your homepage has been replaced with another, usually for pornography or shopping bargains, then you have seen spyware in action. Spyware takes over functions of your computer and tracks things you do, such as which websites you go to. This information is fed back to a the makers of the spyware, who "target" you with adverts for products they think you might be interested in, going off the information they have gathered. In it's mildest form, this means you get UK-based adverts when you visit international websites, but some spyware is designed to get into your system and stay there, plastering it with adverts and offers - each of which the spyware "company" is getting paid for. Not only that, but sometimes spyware damages the functionality of your computer, preventing you from accessing certain website, for example. This is called malware. To make matters worse, some malware is linked to viruses, trojans AND phishing scams. There are a number of steps you can take to prevent "infection" by spyware, most of which has already been covered. Virus killers and firewalls will help, but since not all spyware is regarded as "viral", virus killers will often not pick it up. Luckily, there are free Spyware Killers available - try Spybot Search & Destroy and Adaware. These tools also offer "immunisation" options, which should be activated. There are other reputable spyware killers, but be careful - some adverts on websites that offer "spyware removal tools" often actually provide spyware instead. Another important protection measure against spyware and malware is switching to the Firefox web browser instead of using Internet Explorer. Firefox prevents spyware from being installed without asking you first - Internet Explorer does not. Rogue DialersThese often get onto your computer via a virus, spyware, or by downloading a program from claims to offer "free access" to a (usually pornographic) website. They replace your Internet dial-up program, connecting you to a premium rate phone number instead of that your ISP (e.g. Wanadoo, OneTel, etc.) provided you with. Sometimes, they will even dial the number when you are not using your computer, such as if you leave it on overnight. Again, virus killers, firewalls, spyware killers and a different web browser can help. Paying close attention to what your computer is doing when you dial up to connect to the Internet is important too. You may wish to consider unplugging your computer from the phone socket when you're not on the Internet too. If you have broadband, then you should be "immune" to this dialing. You may still get the rogue dialer on your system (and any linked spy/malware, viruses, etc.) but without the phone bill to match. However, some people still have their dial-up modems connected to the phone system even when on broadband, and so should disconnect the cable. |
