|
Computer Security Tips
Provided By Crytzer Computer Services
Passwords and User IDs
For each computer or online service you use, you should have a user ID (commonly called user name) and password.
- If the online service allows it, try to create the most bizarre and original password using a combination of letters and numbers.
- If your computer and network will allow use a combination of letters and numbers.
- Commit your password to memory and don't share it with anyone.
The following easily identifiable items should be avoided when creating passwords:
- Your birth date or a family member's birth date
- Names of family members or pets
- Social Security number
- Phone numbers
- Dates of important events, such as anniversaries
Tips for creating strong passwords:
- Always use a combination of numbers and letters. Some online services will not allow you to use a combination of numbers and letters. In those situations use a unique password, avoiding the "easily identifiable items" listed above.
- Longer passwords are better.
- Make sure it's something you can remember without writing it down.
[ Return to Top ]
Install and Use Anti-Virus Programs
Viruses can infect a home computer in many ways: through floppy disks, CDs, e-mail, Web sites and downloaded files. Anti-virus programs help protect your computer against most viruses, worms, Trojans and other unwanted invaders that can make your computer "sick." Viruses, worms, etc. often perform malicious acts, such as deleting files, accessing personal data or using your computer to attack other computers. Installing an anti-virus program and keeping it up-to-date is the best defense for your home computer.
These companies offer a free on-line virus scan of your computers: | Trend Micro | Panda Software | Norton |
[ Return to Top ]
Firewalls: What Are They and How Do I Use Them?
A firewall can be generally described as a security guard for your home computer. The guard is a piece of software or hardware that helps protect your PC against hackers and many computer viruses and worms. With a firewall, you define which connections are allowed between your computer and other computers on the Internet or on a network and which are denied. Windows XP Home and Windows XP Professional operating systems include a firewall but it is cumbersome to use in their original release and in Service Pack 1. However, these two operating systems with Servce Pack 2 have a much improved and easier to use firewall program. It actually asks you if you want a connection to be allowed "this time only" or permanently.
[ Return to Top ]
Phishing
All Internet users should be aware of the online scam known as "phishing" (pronounced fishing). Phishing involves the use of e-mail messages that appear to come from your bank or another trusted business, but are actually from imposters.
Phishing e-mails typically ask you to click a link to visit a Web site, where you're asked to enter or confirm personal financial information such as your account numbers, passwords, Social Security number or other data. Although these Web sites may appear legitimate, they are not. Thieves can collect whatever data you enter and use it to access your personal accounts.
[ Return to Top ]
How can I spot a phishing scam? Look for these warning signs:
- Language and tone. The message you receive may urge you to act quickly by suggesting that your account is threatened. It may say that if you fail to update, verify or confirm your personal or account information, access to your accounts will be suspended. The wording may also be sloppy and contain misspellings.
- Phishing e-mails typically ask for personal or account information such as:
- Account numbers
- Credit and check card numbers
- Social Security numbers
- Online banking user IDs and passwords
- Mother's maiden name
- Date of birth
- Other confidential information
- Clever thieves can build a fake Web site that looks nearly identical to an authentic one. They can even alter the URL (the Web address) that appears in your browser window. Watch out for non-secure Web pages that ask for sensitive information. Secure sites will display a closed lock in the status bar at the bottom of your browser window. Refer to Figure 1. If a lock is not present or the lock is not closed it is not a secure site.
[ Return to Top ]
Safety tips to help decrease the risk of being a phishing victim:
- Be suspicious of demanding or threatening messages. Messages threatening to terminate or suspend your account without your quick response should be treated as suspicious. A legitimate bank or business should not request personal information from you over an unsecured Web site. When in doubt, call the business' customer service number (available on your account statement) to confirm the status of your account. Do not use telephone numbers found on the suspected Web site.
- Always type in the URL of the Web page you need. Phishing scams rely on embedded links that take you to fake Web sites. It's safer to type your bank's Web address directly into your browser so you know you're visiting the legitimate site.
- Protect your password. Don't write down sensitive personal information such as your password or Social Security number. Change your password frequently.
- Keep your computer up-to-date. Crytzer Computer Services recommends that you install anti-virus and firewall programs to help keep your computer safe.
[ Return to Top ]
Recent phishing scams.
- Some banking customers have recently received e-mail messages stating that "there have been a large number of identity theft attempts targeting customers." The e-mail requests that customers confirm their identity for personal online banking by clicking a link and logging onto their accounts.
- Another recent fraudulent e-mail pretends to be a "Security Center Advisory" that informs customers their account "has been randomly selected for maintenance," and that they need to click a link to verify their identity.
- Yet another fraudulent e-mail states that there is a pending charge (often a quite large one) to the customer's account, and in order to decline the transaction, the customer needs to click a button or a link in the e-mail.
All of these e-mail messages include links that appear to take customers to a legitimate Web site; however, the Web pages they go to are not legitimate. They actually take customers to fake Web pages where the scammers collect personal and account information. For example, click on the following link to see how you can be misdirected without even knowing it -- Western Counties' Employee Credit Union.
[ Return to Top ]
E-mail Attachments. E-mail viruses and worms are fairly common. Do not download attachments to your hard drive. Instead, if you have a floppy disk drive and the download is less than 1.35 MB, download it to a floppy disk. Then run your anti-virus program to check the file on the floppy.
Here are steps you can use to help you decide what to do with every e-mail message attachment you receive. You should only open and read a message that passes all of these tests:
- The know test. Is the e-mail from someone you know?
- The received test. Have you received e-mail from this person before?
- The expect test. Were you expecting e-mail with an attachment from this sender?
- The sense test. Does the e-mail subject make sense based on who is sending the e-mail? Would you expect this type of attachment from this person?
- The virus test. Does this e-mail contain a virus? To determine this, you need to install and use an anti-virus program.
[ Return to Top ]
Keep Your System Up-to-Date. Most software vendors provide free patches to fix problems in their products. You can usually download these patches from the vendor's Web site. When you purchase a program, it's a good idea to find out how the vendor provides customer support.
[ Return to Top ]
Backups: How Important? It is a good practice to back up important files and folders on your computer. To back up files, you can make copies onto media that you can safely store elsewhere, such as CDs or floppy discs.
[ Return to Top ]
Delete Temporary Internet Files And Cookies. It is also a good practice each and every time you sign off of the Internet to immediately delete your cookies, temporary files, and clear the history record. To do so:
If you are using Internet Explorer 6:
- Open (activate) Inernet Explorer
- In upper toolbar click on TOOLS
- In the drop down menu click on INTERNET OPTIONS
- Click Delete Cookies (if it is available). Select OK to delete all cookies in Temporary Internet folder.
- Click Delete Files. A second box will appear. Put a checkmark in "delete all offline contents" checkbox and press OK
- Click Clear History. Select OK to delete your history files.
If you are not using the latest version of Internet Explorer then you might not be able to delete the cookies using the above instructions. However, you can still delete all cookies by doing the following:
- Right click on the My Computer icon on the Desktop
- Left click on Explorer. This opens Windows Explorer
- Click on the plus sign for My Computer
- Click on the plus sign for the C: drive to expand it
- Click the plus sign for the Windows folder
- Click on the Cookies folder in the left pane to show files in the right pane
- Highlight any folder or file in the right pane
- In the top taskbar click on Edit
- In the drop down menu click on Select All. All cookies will be highlighted in the right pane
- Hold down CTL or CTRL and in the right pane click on index.dat to de-select it. Then delete all remaining files.
[ Return to Top ]
Install the Microsoft AntiSpyware Program: If you don't have the new Microsoft AntiSpyware Beta then go to the Microsoft Download site and download and install it. It will update the definitions the first time you run it. Just make sure you have deleted all of your cookies, temporary Internet files, and history before running the AntiSpyware or it will list all of them as spyware/adware.
Go to the Microsoft Download site to download and install the AntiSpyware Beta program.
[ Return to Top ]
|
