Security Recommendations

Protect your computer

As well as the well-known threat from computer viruses, when you are online you are vulnerable to attack from many other directions. These may be 'simple' phishing attacks asking for sensitive information directly. They may also be indirect phishing attacks using spoofed sites or links. Your computer is also vulnerable to Trojan attacks through email attachments which can install programs to send sensitive stored information from your computer to fraudsters. (These were previously called by the full name of 'Trojan Horses' but nowadays only the 'Trojan' part seems to be used.) Other Trojans can install 'keystroke recorders' which record (and send to the fraudster) how you respond to security questions and, in fact, everything you type on the computer! These were originally designed to keep track of employees productivity or activity but have now been hijacked by fraudsters. Even seemingly innocent adverts in pop-up boxes can contain an attack.

The only solution is to protect yourself as much as possible.

Anti-Virus

You should always use a reputable Anti-Virus program which is easily updateable (and which you keep up-to-date!). There are many commercially available programs including the market-leaders McAfee, Norton and Sophos. There are also free (at the time of writing) personal versions of AVG Antivirus available from Grisoft. This has a very useful auto update facility as well as a companion anti-spyware program. Some authorities advise that you do not rely on a single anti-virus program but there have been reported incidents of conflicts between anti-virus programs reporting false findings of a virus so you should check for compatibility. The main drawback though, is the increased time to scan all of the files on your hard disk. There is also an increased requirement for download time if you need to update multiple anti-virus programs and this can conflict with other activities. Beware of the natural instinct to run the anti-virus check or the updating less frequently because of the time involved. Make sure you schedule time to run your anti-virus and update it!

Anti-Spyware/Adware

Spyware/Adware is another big source of security concerns. These are programs that sit on your computer and carry out actions without your knowledge. Spyware installs itself (often as part of something else - free screensaver or other application downloads often pay for themselves by installing adware or spyware when you download them) and watches what you are doing. In this respect it is similar to a Trojan Horse. Fraudsters use this technique to get hold of more sensitive data like account details or even passwords used for internet banking and to make them available to the scammer.

You need specific anti-spyware/adware utilities to block these in the first place but also to search for any spyware that might be hiding on your computer

Adware is mostly just annoying rather than dangerous. Adware is responsible for all of those pop-up windows that get in the way of working on your computer. Adware is normally generated by a freely available download or free-to-use program but which which has advertisements built in to the software. Some websites act in the same way to generate advertising pop-up windows when you click on an option. From that point onwards the Adware installed on your computer brings in related advertising whenever you log on to the internet. The only reported danger is that some pop-up windows have been known to contain their own viruses/worms/trojans or spyware. In general you should not click-through blindly on pop-up adverts. If the offer looks interesting just log onto the website. The recent epidemic of worms (internally self-replicating programs that grow to completely block the operation of your computer) was carried on the back of adware. Apart from the danger of infection, the main consequence of failure to block adware is a completely cluttered screen and the pain of removing multiple pop-up windows before you can do what you intended.

The other major outcome is that often Adware will download other Adware and Spyware will download other Spyware. (The boundaries between the two are very thin indeed and most applications that are adware will also do a lot of spyware stuff). Very quickly an Adware and Spyware infected PC will start to slow down. Often it is very badly written software that will have bugs that cause unexpected error messages or system crashes too. If your PC is getting slower and slower or keeps popping up alerts or crashing it is worth running one of the Spyware removers.

Free anti-spyware and anti-adware programs are available from AVG (Grisoft) along with the anti-virus program. Other available anti-spyware products include three commercial anti spyware tools: PC Tools' Spyware Doctor, Webroot Software's Spy Sweeper and Max Secure Software's Spyware Detector. There are also other free products including: Lavasoft's Ad-Aware SE Personal Edition, Microsoft's publicly available beta of Windows Defender 1.1, and Safer Networking's Spybot Search & Destroy. These will all seek-and-destroy installed spyware/adware and also block future attempts to place them on your computer.

Again, many authorities advise using more than one anti-spyware/adware program to improve detection rates since the programs have different lists and techniques but again the consequence is the inconvenience of running these on a regular basis. This time though the case for using multiple anti-spyware/adware programs is perhaps greater than the case for multiple anti-virus programs because of the vast range of potential infections.

Install a Firewall

A Firewall is software that blocks unlimited access to your computer from the Internet. It guards your computer or local network perimeter from inbound and outbound threats. A firewall prevents spyware and other malicious programs from sending your personal information across the Internet. Effectively it automatically makes your computer invisible to anyone on the Internet and protects your programs from malware (malicious software - a generic 'geekspeak' term for any software designed to do harm). A highly recommended product is ZoneAlarm which offers a free download of the basic level firewall but has even higher levels of protection available for an extra charge. Alternatively, Windows has a built-in firewall which should be activated immediately if you have not done so already.

Be Suspicious

Be careful when loading any new software. This is particularly so in the case of downloaded software. This is the main source of infection. Only download from sites that you have specifically requested. Avoid downloading by clicking on a pop-up box unless it is a trusted link e.g. Microsoft.

The usual advice of taking care when opening files attached to emails applies here. Only open these if you know the correspondent. (Even then, some correspondents are more trustworthy than others!) Take care copying files from CD-ROMs. Be aware of their origin and use anti-virus checks to prevent viruses. Even if no viruses are detected, there is still the danger of accidentally downloading a Trojan or a new worm.

Keep your computer up-to-date

Microsoft, Linux and Macintosh produce regular security updates to operating systems and general security advice. Browser suppliers similarly publish updates. Many of these are designed to combat recently discovered threats to security. You should make a habit of checking that you are up-to-date on a regular basis or you should turn on the automatic notification system. Microsoft regularly produce patches to cover security vulnerabilities and you should ALWAYS keep up to date with the latest of these. Remember, Microsoft Update is your best friend if you are using Internet Explorer and/or Outlook (or Outlook Express).

Some other recommendations:

If you are running Windows, the biggest security risks come from using Internet Explorer and Outlook Express. Think about changing browser to Firefox or Opera both of which are faster and more secure, partly because most people are using Internet Explorer so it is more profitable for malicious software writers to target that. If you are using Outlook Express you can change to Thunderbird ( the email counterpart to Firefox ) or the email client built into Opera instead.

If you are really worried about the security of your computer you might want to think about changing platform next time you upgrade, at
the time of writing the news had recently broken of a low-risk virus for Apple OSX having been developed, meanwhile one leading Windows
anti-virus manufacturer reported their product was able to catch just short of 73000 different viruses and trojans.

Read up on the dangers

There is an excellent book available from Amazon which will give you a grounding in the field. It is "Computer Security for the Home and Small Office " by Thomas C Greene. A comprehensive article about SpyWare is available via the Internet.

Don't Panic!

If the above makes you feel worried - Don't! You will only be vulnerable if you don't take reasonable steps to protect your computer and the data on it. Above all DO NOT PANIC at those (usually totally incorrect) viral warnings that come around with annoying frequency. They are the ones that are flagged with a red exclamation mark and usually start "WARNING!!! Destructive new virus found!! End of world imminent!!!!! " or similar and end with "Forward this to every person in your address book ". Some give first aid advice such as "look for the file xxxxx.xxx and delete it! "

The message is almost undoubtedly a hoax and the more exclamation marks the less likely it is to be true!!!!

In one recent hoax/prank/simple mistake a file was recommended for deletion just because the file icon was a little teddy bear. There was nothing wrong with the file. Even Microsoft programmers have a sense of humour!

These 'warnings' spread like wildfire in the internal email of large organisations like banks or call-centres and then spread out to private addresses of friends. By the time the systems administrators have found out about it and told people to stop, the damage has been done and another scare is on its way around the world. Amusingly they usually come back again a while later from people who read their email late or as a delayed part of the initial wave.

If you get one of these do not panic, but instead check on the websites of the major antivirus sites for mention of the 'virus'. In most cases you will find it a known hoax but if the threat is real you will find an analysis of the threat and remedial actions you can take FROM AN AUTHORITIVE SOURCE. There is a list of these HOAXES at the McAfee site.

The Register is an excellent source of unbiased information. Otherwise check out Microsoft or the virus tracking sites of your own antivirus software at McAfee, Norton (Symantec), AVG (Grisoft) or Sophos.

If you really want the latest information then you can register for free email notification of real virus outbreaks.