Simple and easy ways to keep your computer safe and secure on the Internet
Lawrence Abrams
- August 17, 2004
- Read 541,947 times
Introduction
Let's face it, the Internet is not a very safe place. There are hackers trying to access your computer, worms trying to infect you, malicious Trojans disguised as helpful programs, and spyware that reports your activities back to their makers. In many cases those who become infected unknowingly become a breeding ground for unwanted programs and criminal activity. It does not have to be this way. With proper education and smart computing the Internet can be a safe, useful, and fun place to visit without having to worry about what is lurking around the corner.
This tutorial was created to provide tips and techniques for smart and safe computing. When using these techniques you will not only protect yourself and your data from hackers and viruses, but also keep your computer running more smoothly and reliably. The advice in this tutorial applies to all computer users and all operating systems, but we have tried to point out specific steps for various operating systems as it becomes necessary.
What you need to know to keep your computer safe on the Internet
Tip 1: Always install Operating System updates
The most important steps for any computer user is to always install updates, especially security updates, when they become available for your operating system. When operating systems are developed, bugs, or programming errors, are unfortunately created that could cause security vulnerabilities or make your computer act unexpectedly. Though the developers spend many hours trying to prevent these bugs, they are ultimately human, and bugs occur. It does not matter what operating system we are talking about, bugs are always introduced. Due to this, companies will routinely release updates and patches to fix any security vulnerabilities or errors as they are discovered.
In order for your computer to operate smoothly and safely it is imperative that all users install updates, especially security updates, as they are released. By not installing these updates you leave your computer at risk from remote users hacking into them or viruses exploiting these bugs to gain access to your computer. Thankfully, all modern operating system provide easy methods for installing new updates. In fact, most of these methods do all the work for you and just require you to click a prompt to allow the updates to install. Therefore, there really is no reason not to install them.
Below are two tutorials that can be used to learn how to update your operating system in Windows and MacOS:
For Macs: How to install Software Updates on your Mac
For Windows: How to update Windows
Tip 2: Keep your installed applications up-to-date
A common method that computer infections use to infect your computer are security vulnerabilities in your installed programs. Common programs that are targeted due to their large install base are web browsers, Microsoft Office, Adobe Reader, Adobe Flash, Adobe Shockwave, and Oracle Java. In order to make your computer as secure as possible, you need to make sure these programs are updated when new security fixes are released. The problem is that many people just ignore alerts about new updates, even though these updates fix security problems that could allow hackers into your computer.
If you are prompted by a known application that you commonly use stating that there is a new update, just click the button to allow it to be updated. This is especially true for web browsers, which are commonly targeted by malicious code on web sites. If there is a new version of your web browser available, you should upgrade it so that any security vulnerabilities are fixed.
If you use Windows, there is a great program called Secunia PSI that automatically scans your computer for applications and automatically updates them for you. Information about this program can be found at this tutorial:
How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector (PSI)
Tip 3: Do not use the same password at every site
It has now become common to hear about a company who was hacked and the hacker was able to access the company members email addresses and passwords. If you use the same password at every site, and one of those sites was hacked, the hacker now has your account information everywhere that you have an account. They can now login to your email, see what other accounts you have, banks that you use, etc and gather even more private information about you.
It is very important to use a different password at every site where you have an account. Unfortunately, we all know it's not realistic and even possible to remember a different password for every account you may own. To help with that you can use a password management program like Keepass to help you store your account information for each site you login to. Keepass also contains plugins that allow you to automatically login to sites you visit using the information stored in its database.
If you would rather not store your passwords in another program, then creating a standard password format is better than using the same password at each site. For example, for each site you visit you can create a password in the format [year born][sitename]!55. So if you were registering an account at Bleepingcomputer and you were born in 1975, you could use the password 1975bleepingcomputer!55. Then at CNN you could have an account 1975cnn!55. As you can see you are now using a different and strong password at each site, but you have an easy to remember format that you can use to determine the password.
Tip 4: Install and be sure to update your anti-virus software
It is very important that your computer has antivirus software running on your machine. By having an antivirus program running, files and emails will be scanned as you use them, download them, or open them. If a virus is found in one of the items you are about to use, the antivirus program will stop you from being able to run that program and infect yourself.
Is it also important to note that there is no point in running an antivirus program if you do not make sure it has all the latest updates available to it. If you do not update the software, it will not know about any new viruses, trojans, worms, etc that have been released into the wild since you installed the program. If a new infection appears in your computer, the outdated antivirus program will not know that it is bad, and not alert you when you run it and your computer becomes infected. It is imperative that you update your Antivirus software at least once a week (Even more if you wish) so that you are protected from all the latest threats.
It is also suggested that you install a free anti-malware scanner in addition to your normal anti-virus program. These free anti-malware scanners do not offer real-time protection unless you upgrade to the commercial version, but offer excellent detections when scanning with them periodically. Two recommended Windows anti-malware programs are MalwareBytes Anti-Malware and Emsisoft Anti-Malware. Tutorials on how to use these programs are listed below:
How to use Emsisoft Anti-Malware to scan and clean malware from your computer
How to use Malwarebytes Anti-Malware to scan and remove malware from your computer
The following link has a list of some online and stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources
Tip 5: Use a firewall
The importance of using a Firewall on your computer or on your network cannot be stressed enough. Just because you have all the latest security updates, you are still susceptible to unreported, unpatched, or unknown vulnerabilities that a hacker may know about. Sometimes hackers discover new security holes in a software or operating system long before the software company does and many people get hacked before a security patch is released. By using a firewall the majority of these security holes will not be accessible as the firewall will block the attempt.
For a tutorial on Firewall's and a listing of some available ones, please visit the following link: Understanding and Using Firewalls
Tip 6: Backup your data!
Backing up your data is not necessarily a way of keeping your computer safe, but it is a way of keeping your data safe. As you use your computer there may come a time that you cannot find a document or your hard drive fails. Having a regular backup of your data available saves you from the anguish of losing those hours of work or precious baby photos.
Both Windows and MacOS have free built in backup software so please be sure to use them to protect your data. In Windows, you can use Windows Backup program and Macs have the Time Machine program. If you wish to use a third-party program, we have listed two tutorials below that utilize free backup programs.
How to backup and restore your data using Cobian Backup
How to Backup and Restore your hard drive with DriveImage XML
Tip 7: Enable the display of file extensions
It is important to enable file extensions so you can see the complete file name. A file extension, or file name extension, is the letters immediately shown after the last period in a file name. Many viruses that are sent via email as attachments contain two periods. For example, picture.jpg.exe. Since Windows is by default configured to not display extensions, Windows will strip off the .exe and instead the file will appear as picture.jpg. To you this looks like harmless image file. Once you click on it, though, instead of an image opening, it actually runs the virus and you become infected. Though a Mac hides file extensions by default as well, this is less of a problem on that operating system.
For more information about file extensions and how to show them click here:
How to show File Extensions in Windows
How to show filename extensions on a Mac
What is a File Extension?
Tip 8: Do not open attachments from people you do not know
Don't open an attachment from someone you do not know. Simple as that. If someone you do not know sends you something, just delete it. If you receive an attachment from someone you know well, then you should still never open attachments that end with the following extensions: .exe, .pif, .com, or .bat. For more information about file extensions, please see step 3.
Attachments are a common way that computer infections spread from computer to computer. As described in the previous tip, malware writers exploit default settings on operating systems to make attachments harmless looking so that you will then open them.
If you really want to see the file, first scan it by saving it to a folder on your drive and then scanning it using a site like Virustotal. You can also email the person directly and ask if they actually sent you that file.
Tip 9: Ignore emails that state you won a contest or a stranger asking for assistance with their inheritance
A common online scam are emails from strangers that state that you won a contest or that they need help transferring money or receiving an inheritance. These are all scams where they are trying to get your personal information in order to perform identify theft or want to use you as part of a money laundering scheme. When you receive these emails just delete them.
Tip 10: Watch out for online and phone support scams
Phone support scams are becoming more common and involve receiving a phone call from someone pretending to be from Google, Microsoft, or another large company. They state that they have detected you are having computer problems and are offering free remote diagnostics to see what is wrong. After they take control of your computer and pretend to look at various things, they state that your computer has a lot of problems and then try to sell you a support contact or software. Microsoft, Google, and other large companies will NEVER call you out of the blue and do this. If you do receive a call like this say "No thanks" and hang up.
Just like phone support scams, online support scams are common as well. These scams come in the form of online advertisements that display misleading messages stating that your computer is having an issue. Just like the phone support scams, these are just advertisements from people who are trying to sell you software or services. Just ignore any advertisements and messages you see like this.
Tip 11: Ignore web pop ups that state your computer is infected or has a problem
When browsing the web, it is not uncommon to be shown an advertisement that pretends to be an online anti-virus program. These advertisements will pretend to scan your computer and then state you are infected. It will then prompt you to install a piece of software.
An example of this type of advertisement can be seen below:
Fake Online Scanners (Click on each image to enlarge)
If you see these types of advertisements, just close your browser to close the message. If you are having issues closing your browser, then you can use the Alt+F4 keys in Windows or the Apple Key+Q in MacOS to force the program to close. If the browser refuses to close, then you can use these guides to help you close the programs:
How to force quit a program on a Mac
How to close a program in Windows
Tip 12: Ignore and close web pop ups that pretend to be a Windows alert
Another tactic some software vendors use is to display web pop ups that pretend to be an alert from your operating system. These alerts look just like a Windows or Mac window, but are instead a web popup trying to get you to click on the ad.
If you see these types of advertisements, just close your browser to close the message. If you are having issues closing your browser, then you can use the Alt+F4 keys in Windows or the Apple Key+Q in MacOS to force the program to close. If the browser refuses to close, then you can use these guides to help you close the programs:
How to force quit a program on a Mac
How to close a program in Windows
Tip 13: Some types of web sites are more dangerous than others
Some types of sites are more prone to distribute malware or use deceptive techniques to have you click on ads. With this said, do not visit porn sites! I know some of you may not be happy about this, but the reality is that many sites in this category happily try to infect machines who visit them.
Other sites that you can commonly become infected from are Warez and Crackz sites. Not only is pirated software illegal, but the sites that distribute them are a breeding ground for malware.
Tip 14: Be vigilant when using Peer-To-Peer Software
Using a program like Bittorrent for legitimate applications is perfectly fine. On the other hand, if you use P2P applications for copyrighted movies or software there is a good chance that they may contain Trojans as well. It is very common for malware developers to distribute malware on P2P networks that pretends to be a program required to view a movie or play a game. Therefore, it is strongly suggested that you do not use Peer-to-Peer software for illegal activities as you will probably get what you pay for.
Tip 15: When installing a piece of software, watch out for "bundled" tool bars and programs that you may not want
A common practice used by free programs is to bundle others programs with them. This allows the developer to offer a program for free, but still earn revenue by bundling tool bars and other software in them. When installing a program, please read through all the prompts and instructions carefully. If you come to a screen where the program is asking if you wish to install another companies tool bar or program, then please do some research as to whether or not you think these programs will be useful to you. If you do not wish to install these bundled programs, then uncheck the option to install them.
On a general note, having too many browser tool bars can negatively affect the functionality of your web browser. As most browsers have built-in search fields that you can customize, there is typically no need to install separate search tool bars unless they contain specific functionality that you would find useful.
Tip 16: When installing a piece of software, read the End User License Agreement (EULA) so you know what you're getting into
When you install a piece of software be sure to read the end user license agreement, or EULA, before allowing it to install. By law, an EULA must contain information on how this program will interact with your computer and use your private information. If you find that a particular program is using your personal data or tracking your computer use, then you can use that information to determine if you really want to continue installing the software.