Simple and easy ways to keep your computer safe and secure on the Internet

  • August 17, 2004
  • Read 540,879 times
 

Introduction

Let's face it, the Internet is not a very safe place. There are hackers trying to access your computer, worms trying to infect you, malicious Trojans disguised as helpful programs, and spyware that reports your activities back to their makers. In many cases those who become infected unknowingly become a breeding ground for unwanted programs and criminal activity. It does not have to be this way. With proper education and smart computing the Internet can be a safe, useful, and fun place to visit without having to worry about what is lurking around the corner.

This tutorial was created to provide tips and techniques for smart and safe computing. When using these techniques you will not only protect yourself and your data from hackers and viruses, but also keep your computer running more smoothly and reliably. The advice in this tutorial applies to all computer users and all operating systems, but we have tried to point out specific steps for various operating systems as it becomes necessary.

What you need to know to keep your computer safe on the Internet

Tip 1: Always install Operating System updates

The most important steps for any computer user is to always install updates, especially security updates, when they become available for your operating system. When operating systems are developed, bugs, or programming errors, are unfortunately created that could cause security vulnerabilities or make your computer act unexpectedly. Though the developers spend many hours trying to prevent these bugs, they are ultimately human, and bugs occur. It does not matter what operating system we are talking about, bugs are always introduced. Due to this, companies will routinely release updates and patches to fix any security vulnerabilities or errors as they are discovered.

In order for your computer to operate smoothly and safely it is imperative that all users install updates, especially security updates, as they are released. By not installing these updates you leave your computer at risk from remote users hacking into them or viruses exploiting these bugs to gain access to your computer. Thankfully, all modern operating system provide easy methods for installing new updates. In fact, most of these methods do all the work for you and just require you to click a prompt to allow the updates to install. Therefore, there really is no reason not to install them.

Below are two tutorials that can be used to learn how to update your operating system in Windows and MacOS:

For Macs: How to install Software Updates on your Mac
For Windows: How to update Windows

Tip 2: Keep your installed applications up-to-date

A common method that computer infections use to infect your computer are security vulnerabilities in your installed programs. Common programs that are targeted due to their large install base are web browsers, Microsoft Office, Adobe Reader, Adobe Flash, Adobe Shockwave, and Oracle Java. In order to make your computer as secure as possible, you need to make sure these programs are updated when new security fixes are released. The problem is that many people just ignore alerts about new updates, even though these updates fix security problems that could allow hackers into your computer.

If you are prompted by a known application that you commonly use stating that there is a new update, just click the button to allow it to be updated. This is especially true for web browsers, which are commonly targeted by malicious code on web sites. If there is a new version of your web browser available, you should upgrade it so that any security vulnerabilities are fixed.

If you use Windows, there is a great program called Secunia PSI that automatically scans your computer for applications and automatically updates them for you. Information about this program can be found at this tutorial:

How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector (PSI)

Tip 3: Do not use the same password at every site

It has now become common to hear about a company who was hacked and the hacker was able to access the company members email addresses and passwords. If you use the same password at every site, and one of those sites was hacked, the hacker now has your account information everywhere that you have an account. They can now login to your email, see what other accounts you have, banks that you use, etc and gather even more private information about you.

It is very important to use a different password at every site where you have an account. Unfortunately, we all know it's not realistic and even possible to remember a different password for every account you may own. To help with that you can use a password management program like Keepass to help you store your account information for each site you login to. Keepass also contains plugins that allow you to automatically login to sites you visit using the information stored in its database.

If you would rather not store your passwords in another program, then creating a standard password format is better than using the same password at each site. For example, for each site you visit you can create a password in the format [year born][sitename]!55. So if you were registering an account at Bleepingcomputer and you were born in 1975, you could use the password 1975bleepingcomputer!55. Then at CNN you could have an account 1975cnn!55. As you can see you are now using a different and strong password at each site, but you have an easy to remember format that you can use to determine the password.

Tip 4: Install and be sure to update your anti-virus software

It is very important that your computer has antivirus software running on your machine. By having an antivirus program running, files and emails will be scanned as you use them, download them, or open them. If a virus is found in one of the items you are about to use, the antivirus program will stop you from being able to run that program and infect yourself.

Is it also important to note that there is no point in running an antivirus program if you do not make sure it has all the latest updates available to it. If you do not update the software, it will not know about any new viruses, trojans, worms, etc that have been released into the wild since you installed the program. If a new infection appears in your computer, the outdated antivirus program will not know that it is bad, and not alert you when you run it and your computer becomes infected. It is imperative that you update your Antivirus software at least once a week (Even more if you wish) so that you are protected from all the latest threats.

It is also suggested that you install a free anti-malware scanner in addition to your normal anti-virus program. These free anti-malware scanners do not offer real-time protection unless you upgrade to the commercial version, but offer excellent detections when scanning with them periodically. Two recommended Windows anti-malware programs are MalwareBytes Anti-Malware and Emsisoft Anti-Malware. Tutorials on how to use these programs are listed below:

How to use Emsisoft Anti-Malware to scan and clean malware from your computer

How to use Malwarebytes Anti-Malware to scan and remove malware from your computer

The following link has a list of some online and stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources

Tip 5: Use a firewall

The importance of using a Firewall on your computer or on your network cannot be stressed enough. Just because you have all the latest security updates, you are still susceptible to unreported, unpatched, or unknown vulnerabilities that a hacker may know about. Sometimes hackers discover new security holes in a software or operating system long before the software company does and many people get hacked before a security patch is released. By using a firewall the majority of these security holes will not be accessible as the firewall will block the attempt.

For a tutorial on Firewall's and a listing of some available ones, please visit the following link: Understanding and Using Firewalls

Tip 6: Backup your data!

Backing up your data is not necessarily a way of keeping your computer safe, but it is a way of keeping your data safe. As you use your computer there may come a time that you cannot find a document or your hard drive fails. Having a regular backup of your data available saves you from the anguish of losing those hours of work or precious baby photos.

Both Windows and MacOS have free built in backup software so please be sure to use them to protect your data. In Windows, you can use Windows Backup program and Macs have the Time Machine program. If you wish to use a third-party program, we have listed two tutorials below that utilize free backup programs.

How to backup and restore your data using Cobian Backup
How to Backup and Restore your hard drive with DriveImage XML

Tip 7: Enable the display of file extensions

It is important to enable file extensions so you can see the complete file name. A file extension, or file name extension, is the letters immediately shown after the last period in a file name. Many viruses that are sent via email as attachments contain two periods. For example, picture.jpg.exe. Since Windows is by default configured to not display extensions, Windows will strip off the .exe and instead the file will appear as picture.jpg. To you this looks like harmless image file. Once you click on it, though, instead of an image opening, it actually runs the virus and you become infected. Though a Mac hides file extensions by default as well, this is less of a problem on that operating system.

For more information about file extensions and how to show them click here:

How to show File Extensions in Windows
How to show filename extensions on a Mac
What is a File Extension?

Tip 8: Do not open attachments from people you do not know

Don't open an attachment from someone you do not know. Simple as that. If someone you do not know sends you something, just delete it. If you receive an attachment from someone you know well, then you should still never open attachments that end with the following extensions: .exe, .pif, .com, or .bat. For more information about file extensions, please see step 3.

Attachments are a common way that computer infections spread from computer to computer. As described in the previous tip, malware writers exploit default settings on operating systems to make attachments harmless looking so that you will then open them.

If you really want to see the file, first scan it by saving it to a folder on your drive and then scanning it using a site like Virustotal. You can also email the person directly and ask if they actually sent you that file.

Tip 9: Ignore emails that state you won a contest or a stranger asking for assistance with their inheritance

A common online scam are emails from strangers that state that you won a contest or that they need help transferring money or receiving an inheritance. These are all scams where they are trying to get your personal information in order to perform identify theft or want to use you as part of a money laundering scheme. When you receive these emails just delete them.

Tip 10: Watch out for online and phone support scams

Phone support scams are becoming more common and involve receiving a phone call from someone pretending to be from Google, Microsoft, or another large company. They state that they have detected you are having computer problems and are offering free remote diagnostics to see what is wrong. After they take control of your computer and pretend to look at various things, they state that your computer has a lot of problems and then try to sell you a support contact or software. Microsoft, Google, and other large companies will NEVER call you out of the blue and do this. If you do receive a call like this say "No thanks" and hang up.

Just like phone support scams, online support scams are common as well. These scams come in the form of online advertisements that display misleading messages stating that your computer is having an issue. Just like the phone support scams, these are just advertisements from people who are trying to sell you software or services. Just ignore any advertisements and messages you see like this.

Tip 11: Ignore web pop ups that state your computer is infected or has a problem

When browsing the web, it is not uncommon to be shown an advertisement that pretends to be an online anti-virus program. These advertisements will pretend to scan your computer and then state you are infected. It will then prompt you to install a piece of software.

An example of this type of advertisement can be seen below:


Fake Online Scanners (Click on each image to enlarge)

If you see these types of advertisements, just close your browser to close the message. If you are having issues closing your browser, then you can use the Alt+F4 keys in Windows or the Apple Key+Q in MacOS to force the program to close. If the browser refuses to close, then you can use these guides to help you close the programs:

How to force quit a program on a Mac
How to close a program in Windows

Tip 12: Ignore and close web pop ups that pretend to be a Windows alert

Another tactic some software vendors use is to display web pop ups that pretend to be an alert from your operating system. These alerts look just like a Windows or Mac window, but are instead a web popup trying to get you to click on the ad.

If you see these types of advertisements, just close your browser to close the message. If you are having issues closing your browser, then you can use the Alt+F4 keys in Windows or the Apple Key+Q in MacOS to force the program to close. If the browser refuses to close, then you can use these guides to help you close the programs:

How to force quit a program on a Mac
How to close a program in Windows

Tip 13: Some types of web sites are more dangerous than others

Some types of sites are more prone to distribute malware or use deceptive techniques to have you click on ads. With this said, do not visit porn sites! I know some of you may not be happy about this, but the reality is that many sites in this category happily try to infect machines who visit them.

Other sites that you can commonly become infected from are Warez and Crackz sites. Not only is pirated software illegal, but the sites that distribute them are a breeding ground for malware.

Tip 14: Be vigilant when using Peer-To-Peer Software

Using a program like Bittorrent for legitimate applications is perfectly fine. On the other hand, if you use P2P applications for copyrighted movies or software there is a good chance that they may contain Trojans as well. It is very common for malware developers to distribute malware on P2P networks that pretends to be a program required to view a movie or play a game. Therefore, it is strongly suggested that you do not use Peer-to-Peer software for illegal activities as you will probably get what you pay for.

Tip 15: When installing a piece of software, watch out for "bundled" tool bars and programs that you may not want

A common practice used by free programs is to bundle others programs with them. This allows the developer to offer a program for free, but still earn revenue by bundling tool bars and other software in them. When installing a program, please read through all the prompts and instructions carefully. If you come to a screen where the program is asking if you wish to install another companies tool bar or program, then please do some research as to whether or not you think these programs will be useful to you. If you do not wish to install these bundled programs, then uncheck the option to install them.

On a general note, having too many browser tool bars can negatively affect the functionality of your web browser. As most browsers have built-in search fields that you can customize, there is typically no need to install separate search tool bars unless they contain specific functionality that you would find useful.

Tip 16: When installing a piece of software, read the End User License Agreement (EULA) so you know what you're getting into

When you install a piece of software be sure to read the end user license agreement, or EULA, before allowing it to install. By law, an EULA must contain information on how this program will interact with your computer and use your private information. If you find that a particular program is using your personal data or tracking your computer use, then you can use that information to determine if you really want to continue installing the software.

Users who read this also read:

  • How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector (PSI) Image
    How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector (PSI)

    One of the most important things a user can do to keep their computer secure is make sure they are using the latest security updates for Windows and their installed programs. Unfortunately, staying on top of these updates can be a time consuming and frustrating task when you have hundreds of programs installed on your computer. Thankfully, we have a utility called Secunia PSI, which is vital ...

  • How to remove a Trojan, Virus, Worm, or other Malware Image
    How to remove a Trojan, Virus, Worm, or other Malware

    If you use a computer, read the newspaper, or watch the news, you will know about computer viruses or other malware. These are those malicious programs that once they infect your machine will start causing havoc on your computer. What many people do not know is that there are many different types of infections that are categorized in the general category of Malware.

  • Understanding and Using Firewalls Image
    Understanding and Using Firewalls

    The Internet is a scary place. Criminals on the Internet have the ability to hide behind their computers, or even other peoples computers, while they attempt to break into your computer to steal personal information or to use it for their own purposes. To make matters worse, there always seems to be a security hole in your software or operating system that is not fixed fast enough that could ...

  • Demystifying the Windows Registry Image
    Demystifying the Windows Registry

    Ever since Windows 95, the Windows operating system has been using a centralized hierarchical database to store system settings, hardware configurations, and user preferences. This database is called the Windows Registry or more commonly known as the Registry. When new hardware is installed in the computer, a user changes a settings such as their desktop background, or a new software is installed, ...

  • 4 Simple Steps for removing Spyware, Hijackers, Viruses, and other Malware Image
    4 Simple Steps for removing Spyware, Hijackers, Viruses, and other Malware

    If you are experiencing problems such as viruses that wont go away, your browser gets redirected to pages that you did not ask for, popups, slowness on your computer, or just a general sense that things may not be right, it is possible you are infected with some sort of malware. To remove this infection please follow these 4 simple steps outlined below. Not all of these steps may be necessary, but ...

 

Comments:

blog comments powered by Disqus
search tutorials
Mandiant mWise Conference 2024

Login