Saturday, August 30, 2008

Securing Your Computer System

Today, more and more people are using their computers for everything from communication to online banking and investing to shopping. As we do these things on a more regular basis, we open ourselves up to potential hackers, attackers and crackers. While some may be looking to phish your personal information and identity for resale, others simply just want to use your computer as a platform from which to attack other unknowing targets. Below are a few easy, cost-effective steps you can take to make your computer more secure.

1. Always make backups of important information and store in a safe place separate from your computer.

2. Update and patch your operating system, web browser and software frequently. If you have a Windows operating system, start by going to www.windowsupdate.microsoft.com and running the update wizard. This program will help you find the latest patches for your Windows computer. Also go to www.officeupdate.microsoft.com to locate possible patches for your Office programs.

3. Install a firewall. Without a good firewall, viruses, worms, Trojans, malware and adware can all easily access your computer from the Internet. Consideration should be given to the benefits and differences between hardware and software based firewall programs.

4. Review your browser and email settings for optimum security. Why should you do this? Active-X and JavaScript are often used by hackers to plant malicious programs into your computers. While cookies are relatively harmless in terms of security concerns, they do still track your movements on the Internet to build a profile of you. At a minimum set your security setting for the “internet zone” to High, and your “trusted sites zone” to Medium Low.

5. Install antivirus software and set for automatic updates so that you receive the most current versions.

6. Do not open unknown email attachments. It is simply not enough that you may recognize the address from which it originates because many viruses can spread from a familiar address.

7. Do not run programs from unknown origins. Also, do not send these types of programs to friends and coworkers because they contain funny or amusing stories or jokes. They may contain a Trojans horse waiting to infect a computer.

8. Disable hidden filename extensions. By default, the Windows operating system is set to “hide file extensions for known file types”. Disable this option so that file extensions display in Windows. Some file extensions will, by default, continue to remain hidden, but you are more likely to see any unusual file extensions that do not belong.

9. Turn off your computer and disconnect from the network when not using the computer. A hacker can not attack your computer when you are disconnected from the network or the computer is off.

10. Consider making a boot disk on a floppy disk in case your computer is damaged or compromised by a malicious program. Obviously, you need to take this step before you experience a hostile breach of your system.

...Read more!

Tuesday, August 26, 2008

Surfing The Web Anonymously

When you surf the web it is possible to learn information about you even when you don't want to advertise who you are. This is true even if your system contains no virus or malware software. Specifically information that is easily available online includes your IP address, your country (and often more location information based on IP address), what computer system you are on, what browser you use, your browser history, and other information. It gets worse. People can get your computer's name and even find out your name if your machine supports programs like finger or identd. Also, cookies can track your habits as you move from machine to machine.

How do people get this basic information about you?

When you visit another web site, information about you can be retrieved. Basically, information is intercepted and used by others to track your Internet activities.

How do you stop this from happening?

First of all, it is possible to serf the web anonymously and thereby stop leaving a trail for others to find. Note that this is not fool-proof, but it makes it much harder for people to know who you are. There are products called anonymous proxy servers that help protect you. The anonymous proxy server replaces your Internet address for its own. This has the effect of hiding your IP address and making it much harder for people to track you.

How do I get an anonymous proxy server?

There are many vendors who sell anonymous proxy servers. There are also free proxy servers available to you. Two such products are ShadowSurf and Guardster. Guardster (http://www.guardster.com/) offers various services for anonymous and secure access to the web, some paid as well as a free service. ShadowSurf (http://www.shadowsurf.com/) ShadowSurf provides anonymous surfing at their site for free. Go to it and you will find a box to enter a URL that you want no one to track. There are many others, but here are two that are frequently used.

Another interesting product, given the recent news about the Google search engine filtering its findings for the Chinese government, is Anonymizer (http://www.anonymizer.com). This company, among others, recently (Feb 1st, 2006) pressed that it "is developing a new anti-censorship solution that will enable Chinese citizens to safely access the entire Internet filter-free" (http://www.anonymizer.com/consumer/media/press_releases/02012006.html).

Does an anonymous proxy server make you 100% safe?

No. Still, you are much better off if you use such technology.

What other things should I be concerned about when trying to keep my private information private?

Three other items come to mind when trying to keep your information private. First, you can use an encrypted connection to hide your surfing. This article does not go into detail on this, but search the web and you will find a lot of information on this. Secondly, delete cookies after each session. Third, you can configure your browser to remove JavaScript, Java, and active content. This actually leads to limitations, so you need to think about the cost/benefit of this course of action.

Anything else?

Wishing you happy and safe surfing!

...Read more!

Wednesday, August 20, 2008

Phishing For Your Identity

Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information? The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you’ve conducted business with in the past. So, you click on the convenient “take me there” link and proceed to provide all the information they have requested. Unfortunately, you find out much later that the website is bogus. It was created with the sole intent to steal your personal information. You, my friend, have just been “phished”.

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.

A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.

Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.

...Read more!

Sunday, August 17, 2008

Website Security Rules of the Road

In 2004, online consumer spending was at a record $65.1 billion. More and more people are attracted to the ease of online shopping and are spending higher amounts. Unfortunately, the chances of becoming a victim of Internet fraud are also increasing. The Internet National Fraud Center Watch reported that the average loss to fraud victims for just the first six months of 2005 was $2,579. This is compared to the $895 average for all of 2004. Complaints relating to general merchandise purchases (goods never received or misrepresented) accounted for 30% of Internet fraud complaints, and auction purchases (goods never received or misrepresented) topped the list at 44%.

While many e-commerce Websites are reputable and have taken the necessary safety precautions to protect you, it never hurts to always proceed cautiously. If you are making an online purchase consider these easy steps:

1. Use only one credit card, preferably with a low credit limit, when making online purchases. Avoid using an ATM or debit card.
2. Be wary of unsolicited offers by sellers. The Internet National Fraud Information Center Watch reported that email, as a method of contact by Internet scammers was up 22% in 2004.While the offer may be legitimate, spammers like to use this tactic to side-step reputable sites that provide consumer protection for online purchases.
3. Use only reputable e-commerce websites that list a street address and telephone number in case you need to contact them directly.
4. Read the website’s privacy policy. Some websites may reserve the right to sell/give your information to a third party. Check the document to see if they allow an opportunity to “opt-out” of receiving special offers from third-party vendors or for permission to share your personal information.
5. Check for a lock symbol in the status bar at the bottom of your Web browser window. Also, do not provide your personal information if the website address doesn’t start with “https” (a sign that the site is using a secure server).
6. Choose only verified sellers. Check to see if the vendor is a verified member of a reputable third party such as the Better Business Bureau, VeriSign, or Guardian eCommerce. These third-party sites help to ensure online consumers will be protected when shopping or conducting e-commerce transactions.
7. Check that the delivery date posted is reasonable. If you have not dealt with the vendor on a regular basis, be wary of any Website that states the shipment will be delayed 20 or more days. Delivery dates of 7-10 days are more common.
8. Keep a paper trail of all online transactions. Print out a hard copy of the transaction and keep it in a file for future reference.
9. Be wary of website offers that just sound too good to be true. The Internet is littered with get rich quick scams and false advertising claims. Investigate all claims thoroughly before proceeding.
10. If you do not receive what you paid for, and the vendor will not return your emails or calls, contact your state’s Department of Consumer Affairs for further assistance.

...Read more!

Wednesday, August 13, 2008

How many spyware in your computer

How many spyware items are infecting your computer?

I just had, by mistake, a plug-in called Intelligent Explorer attach to my browser. What a nightmare! I have another article on this topic, but this brings home a point. Spyware or adware items are continually infecting computers. Most computers have no protection from them. Most frightening is the frequency of them. From the Infosec Writers web site, "According to a survey by America Online and the National Cyber Security Alliance, 91% of users questioned were familiar with the term spyware. Only 53% believed their computers were infected, but a scan found that 80% of their PCs had some type of spyware installed on them." It goes on to say, "...The average number of spyware components per computer was 93 with one computer having well over a thousand."

What is Spyware?

Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:

“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.
Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system (Internet Explorer).”

To be fair, spyware can be harmless, for example tracking cookies don’t do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.

So what do you do about it?

No spyware program seems to do everything, but there are a lot of goods solutions out there that can help. Here is a list of some of the top Spyware tools to look at:

1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)

2) Spybot Search & Destroy from PepiMK Software

3) Xoftspy form Pareto Logic

5) Spyware Guard from Javacool Software is a free program

4) Pest Patrol (now part of Computer Associates by acquisition)

5) McAfee Anti-Spyware

One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.

And, when all else fails?

Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.

...Read more!

Saturday, August 9, 2008

Free Spyware Adware Remover

Computers need routine maintenance as well as systems checks in order to be in good condition at all times. This can be done by getting the proper software or sending the unit to the shop.

If the individual notices that the computer is not performing as well as before, proper action must be done immediately before everything shuts down. Aside from the potential threat of a virus that can destroy the operating system and the hard drive, another concern should be the spyware and the adware that comes when a website is visited.

Spyware and adware programs can be purchased in the store. With the development of e-commerce, software companies have made it possible to get these things online and have it downloaded in an instant into the computer.

Is there one software program better than the other? Some will say this brand while others will say another depending on how user-friendly and effective it has performed in the past. Here are the top 5 that are free for the person to use so the user should be the judge.

1. McAfee has been in the business of providing security solutions since 1987. The software programs it offers can take care of viruses, spyware, adware and any other threats all in just one package.

Among the different software companies in the industry, this firm does not allow free trials but those who have used it and are still doing so today are satisfied with its products and services.

2. Another leader in the industry is Symantec. This company started 5 years earlier than McAfee and offers customers various versions of its products. Those who are skeptic about the adware and spyware software it has can download the software and try it for 30 days. Those who amazed can then buy the program to continue enjoying its services.

3. Microsoft is one of the biggest software companies in the world. Aside from offering to customer’s operating systems, it also has adware spyware remover, which can be downloaded for free into the computer.

4. The fourth company on the list is not as big as the other three players but is still able to hold its head up high in the market. The program is called Spybot Search and Destroy. From the name itself, the individual can already tell what it can do as well as prevent new threats from ever popping up in the future.

5. Lastly, is Adaware, which also has various versions for personal and commercial use. Those who will just use it to keep the computer safe at home can download the adware spyware remover program for free. If this will be used by a company to protect its assets, a fee will be charged to keep the system running.

The person does not have to be a computer expert to be able to protect everything inside the computer because there are adware spyware remover programs available.

Once it is downloaded and installed, the individual does not have to worry because the software will check the computer carefully as well as receive updates so new threats can be caught before it can do any damage making one sleep peacefully at night. It is up to the customer whether to pay for the system or simply get one that is free.

...Read more!