You wouldn't dream of leaving a brand new car unlocked and unattended in the same street as Thieving Keith the Car Thief, yet when it comes to computers, many of us do something very similar.
Unprotected computers are easy prey for viruses, malware and other online infections, and despite the very real dangers of identity theft, we'll accidentally - or in some cases, happily - share our most valuable personal information with the entire world wide web.
When fraudsters aren't trying to steal our identities, they're after our online banking details. Some of them are alarmingly convincing. Even the savviest computer owner has looked at an official-looking email and wondered whether it really is from the bank, or from eBay or Facebook, and legitimate-looking online shops can quickly part people from their hard-earned cash in exchange for products that never turn up.
The good news is that you can fight back. In the battle against net nasties, your PC can be your most powerful ally - and the utilities that you need don't have to cost you a thing. With a few cool tools, some useful information and some simple changes to the things that you post online, you can soon be much more secure.
Viruses, spyware and rootkits
Malware - malicious software - has been around since the earliest days of the PC, and as computers have become smarter, it has too. While different kinds of malware do different things, they all have two things in common: they try to sneak on to your PC without being spotted, and they can be stopped with up-to-date security tools.
The most famous kind of malware is the virus, which works in much the same way real-life viruses do - if your PC is infected, it can infect other PCs it communicates with.
Viruses typically spread by email, but they can also turn up in infected files such as documents or downloads - and viruses called worms don't need to infect files at all, as they can spread by taking advantage of security flaws on computers.
Viruses and worms usually have a payload, and that's the scary bit. One of the nastiest kinds of payload is the rootkit, which gives someone else remote access to your computer. That access can be used to flood your computer with more malware, or it can be used to steal computing resources, for example by using your computer to relay spam emails or attack a specific website.
Another kind of payload is spyware, which sits on your PC and watches what you do, sending data to its operator. That could be something specific such as credit card information, or it could be everything you type or a list of websites you visit.
Malware can really ruin your day. It can redirect your web browser, taking you to a site of its choosing no matter what web address you type; it can plaster your screen with adverts; and it can slow your internet connection or your entire PC down to a crawl.
Spyware rarely travels alone - if a computer has one piece of spyware on it, it usually has tens or even hundreds of similar infections.
So how does it get there? It can be dropped on to your computer by a virus or a worm, or by a web page that takes advantage of unpatched web browsers - that is, browsers that haven't been updated for a long time, so don't benefit from the latest security updates.
It can be installed alongside a legitimate application - spyware is quite common in the world of free music programs, especially peer-to-peer downloading applications - or it can be tucked into a pirated version of well-known software.
The good news is that prevention couldn't be easier or cheaper.
No entry
You can fight malware in a number of ways. The first thing you need to do is ensure you have the most recent Windows Updates, and that you have the most recent version of Internet Explorer (or the most recent Firefox, or Opera, or…) as lots of malware takes advantage of security holes that were closed a long time ago.
Step two is to install good security software. That needn't cost money - when we tested Microsoft's free Security Essentials, we found it as good as pricey packages - but whatever you go for, make sure it stays up-to-date. New malware is made every day, and security software that isn't up-to-date becomes useless.
Should you splash out on a security suite? That really depends on personal preference. Many such suites offer all kinds of protection, including automated scanning, beefed-up parental controls and protection from every conceivable kind of problem, and they often offer extras such as PC tune-up utilities. In many cases, though, you can get similar protection by installing a few carefully chosen freebies.
Don't overlook the features in Windows itself: Windows Defender can help keep spyware and other nasties from infecting your system in the first place; the Malicious Software Removal Tool runs a monthly check for known worms; and Internet Explorer warns you of suspected malware and potentially dangerous websites. Download a free copy of Microsoft Security Essentials and you've got a pretty impressive collection of security software.
Don't be lulled into a false sense of security, though - you still need to practice safe surfing. Unsolicited email attachments should be approached with caution, and you should never download a file you aren't completely sure about.
Staying away from the darker corners of the internet where pirated software lives is a very good idea, too, and not just from a moral point of view - you're much more likely to encounter malware on a dodgy download site than you are on more wholesome websites
What sounds like a washing machine full of spanners? Sadly it's no joke - we're describing the sound our hard disk made when the drive head crashed into the platter, destroying the disk and taking our data with it. Hard disks can and do fail, and the one we're talking about had three years of home videos, 10 years of photos and our entire music library on it. Luckily for us, we had a backup of the lot.
Imagine telling your partner or your kids that every photograph you've ever taken of them has just disappeared. The more that we do digitally, the bigger the risk of data loss from hardware failure or human error.
If it's important, make sure you have more than one copy of it; blank DVD discs or external hard disks are ridiculously cheap and the back-up features in Windows are very easy to use. Alternatively, online back-up services such as Mozy.co.uk cost around £5 per month and store your data on faraway servers.
Don't feed the phish
One of the most devastating scams is phishing, which tricks people into handing over their online banking details. Fraudsters send an email that appears to be from eBay, PayPal, Egg Banking, HSBC or some other institution, and the message asks you to confirm your personal details or click on a link.
None of these emails is legitimate, and neither are the sites they link to. Fill out the form or click the link and within minutes, the fraudsters will be cleaning out your account.
In many cases you're liable for any losses, because banks often won't reimburse you if someone's conned you out of your cash.
Internet Explorer and other web browsers do a fairly good job of spotting phishing scams - Internet Explorer uses domain highlighting to make it clear what website you're actually visiting and warns you if you're visiting a known scam site - but they're not perfect, so assume any email about money is a fake.
Banks will never email you asking for your password, or asking you to fill out a form with all your personal information.
If you're worried that your account may have been compromised, don't click on a link in an email - pick up the phone and call your branch.
Friends like these
The rise of Facebook has led to an explosion in Facebook scams. Some of them are simple, demanding you click the Like button before you can see a photograph, video or something else interesting, but others access your profile and harvest your personal information, send messages to your friends or, in some cases, sign up your mobile phone to a premium rate service.
Such scams ask you to install an unfamiliar application, or download a program, or they appear in the form of strange messages from your online friends.
Is your password too obvious? Lots of people use '123456', or 'password', or their children's names. Such passwords are easy to guess, and they make it easy for someone to pretend to be you and gain control of your social networks, or your email, or any other online service.
Good passwords are long and impossible to guess: 'poppy1' is bad and 'PsTSFSgs1123' is better. Don't use the same password for everything, either - when blog network Gawker was hacked last year, all its users' passwords were published online.
Another sensible precaution is to limit the data you publish on social networking sites such as Facebook. In many cases, data that's really useful to fraudsters - your full date of birth, postal address, contact numbers and so on - doesn't need to be posted online; your friends already know how to contact you and when your birthday is, so why make things easier for identity thieves?
Think of the information you need to provide when you set up a bank account or a direct debit. How much of that are you posting publicly?
Beware of Facebook's privacy settings, too, because the site regularly changes them to make previously private information public. Location-aware services such as Foursquare, Gowalla or Facebook Places can tell everyone where you are, but if you're not careful, they could be telling the whole world your house is empty.
As the now-defunct Pleaserobme.com demonstrated, many people post so much information on social networks that it's really easy to see when they're away from home, work out where they live and steal all their stuff.
The trick to staying safe on social networks is very simple: don't accept friend requests from people you don't know, don't click on things or install applications that seem unusual, and be careful about what you post
No comments:
Post a Comment