Keeping safe online
Before you can work effectively with computers, you need to take measures to protect yourself and your computers.
Despite all the scary stories you hear about how dangerous it is to surf the web with all its security threats and nasty computer viruses, with some common sense, a good understanding of what you're up against, and the right tools and online behavior, it's pretty easy to keep your PC safe.
You will need to protect yourself on FIVE fronts:
- Backup you important files
- Keep your operating system, browsers, plug-ins, anti-malware, and other software up to date.
- Practice "safe computing" by maintaining proper email, browsing and downloading hygiene.
- Use free anti-virus and anti-malware software
- Establish a sensible Password security regimen and change passwords often.
Passwords will be addressed next, but let's cover the first four in the list here.
Your first measure should be to set up a workable back-up regimen. This means always maintaining TWO backup copies of your important files.
1. Backup to a local external hard drive like a memory stick or portable drive.
TB (1,000 GB) hard drives are very cheap now and should be used to copy the entire contents of your computer. Store this drive is a save location, or better yet, at another location.
2. Backup to an off-site location. This means moving your portable back-up drive to ANOTHER LOCATION, such as at the office or friend's or relative's home.
However, an even more secure practice is to backup files to a web server. Several FREE services provide backups to their web servers and even provie a utility to automate this process. Sweet!
Sign up for one of these FREE ONLINE BACKUP service and back up your most important files and folders.
- www.mozy.com (2 GB Free)
- www.humyo.com (5 MB Free, 5 MB of additional media files free)
2. Keep Your Software Up To Date
It's laughable how many people install multiple antivirus applications but don't keep their software updated. If everybody would simply keep their systems patched, we wouldn't have to worry so much about computer security.
Your security software can only protect you from bad things it KNOWS about, so make sure you keep your software up to date. Check for email, browser and operating system software updates at least once a month. Older versions may have security flaws that allow unauthorized access to your system.
Keep applications like Acrobat and Flash updated or uninstall them. Even though we're complaining about people not keeping Windows updated, the fact is that most drive-by malware infections these days occur in your browser plugins. Adobe Flash is notoriously full of security holes. The latest attacks have been using vulnerabilities in Adobe Acrobat to infect your PC without installing a thing! Simply go to the wrong website containing a PDF file with a hidden exploit in a hidden frame, and bingo,your system is compromised.
Here are links to help you to find new versions, upgrades or security patches:
3. Learn and Maintain Proper Browsing and Downloading Hygiene
Just as you have a routine for avoiding germs and viruses in the physical world ( covering your mouth when coughing, washing your hands, etc....) you need to establish correct "computer hygiene” for the online world.
Anti-virus software is no GUARANTEE that you will remain safe. You need to combine anti-virus and anti-malware tools with correct online behavior. Even with antivirus software, sooner or later you WILL receive an email that contains a computer virus. Perhaps you got one today with the Heart Bleed virus attached. But if you understand a few simple concepts about email and viruses, there is really nothing to worry about. If you learn and maintain safe email handling and browsing habits your chances of getting computer infections goes down dramatically.
Do not send or open attachments
You can't get a virus just by reading your email and a virus cannot attack without your help. Don't click on email attachments unless you're sure it was sent on purpose, and the sender can explain what it is. Never send attachments (and tell your friends, family and co-workers not to use them either. It is safer to share files with cloud storage services, like DropBox, but more on that in another article.)
Anti-virus software may help sniff out bad attachments, but if the virus is very recent, your anti-virus package may not be able to detect it.
Here are some practical tips to help you deal with attachments sent to you:
- If you get an email with an attachment from someone you don't know, delete it. You don't take candy from strangers, and you should behave the same with email attachments.
- If you get an email with an attachment from someone that you do know, even a friend, don't assume it's harmless. Many viruses spread by automatically sending themselves to the addresses found in the victim's address book, and they often include something in the message body that looks like a personal message from your friend. CALL or EMAIL your friend and ask if they meant to send you an attachment.
If they say no, then obviously you should delete the message and let them know THEY might be infected with a virus. It's also quite likely that the virus didn't come from your friend at all. Many viruses spoof the "From" address in the emails they spew out, so it's hard to learn the true origin.
Semi-technical side Note:
To force Windows to display the entire filename (which is good practice anyway), open My Computer then click on Tools/Folder Options/View (on some systems, click on View/Folder Options/View) then uncheck the "Hide file extensions for known file types" option. But even this may not be enough. Some viruses are designed to hide certain file extensions even when they are supposed to be unhidden.
Be alert and pay attention to where you browse
The way computer threats work is they install malicious software on your system. Sometimes they do this by tricking you. This is the classic email attachment scam. Open an email attachment from a "friend”, but it is really malware or a virus. Another trick is to take you to a fake site that purports to be a legitimate source to download the Firefox or Chrome browser or the Flash player, but it is really a malware site trying to install bad things on your system.
The easiest way to protect yourself from these kinds of threats is to simply pay attention to the sites you visit. Look at the URL address of websites for clues. The URL of the site should match the name of the publisher of the software you want.
For example Goooogleadsence.biz and googleanalytics.net were two of a number of sites trying to fool people into believing they were visiting a Google site. ( the site had been taken down at the time of this writing).
The publisher of the Firefox browser is Mozilla, so be sure to always download Firefox updates from the Mozilla website
Look at the website itself for clues. High pressure tactics to click on links or download software you are unfamiliar with are signs of illegitimate sites, as are cheesy designs or sites that look like they were put up in a few hours.
If in doubt, do not click on any links and get out of the site immediately or just shut down your browsers and start over.
Don't browse the web using Administrator accounts
Other web scams work by installing software on your system by installing software without your knowledge. If you browse the web using a Mac or Windows account that does not have Administrator privileges, this is not possible. Without administrator privileges needed to make changes to your computers settings, installing software will be blocked, until you provide the Admin access credentials.
Not having Administrator access in Windows 8 or Mac can be frustrating and will definitely slow you down. You'll have to type in the account administrator account password every time you need to do something that requires you to have it. However, this is much safer and pretty much ensures that no malware or virus can sneak themselves onto your computer without your knowledge..
If you share you computer with your kids or an undisciplined roommate, or you are finding that despite following the advice here that you are sill getting malware infections on your computers, you should consider setting up a non-admin user account and using it when surfing the web.
Here is the link to a video tutorial covering how to create non-admin accounts in Windows 8
Here is a link to instructions on creating a new user on a Mac running OS X
4. Use Both Anti-virus and Anti-malware Software
To deal with today's dual virus and malware threats, security experts recommend using one On-Access Antivirus Tool and one Anti-Malware Tool.
Let's start with the differences between viruses and malware. Viruses are a specific type of malware that is designed to replicate and spread. Malware is a broad term used to describe all sorts of unwanted or malicious code. Malware can include viruses, spyware, adware, nagware, trojans, worms, and more.
Early security software focused on the more sexy viruses, so the term antivirus software is better known. Many of these programs are referred to as on-access, or real-time, because they are loaded during operation system start-up and interact with programs in the background until the system is shut down again. The software scans files in real-time and blocks the activity of components known to represent malware.
Let's now review which tool covers which threats, and how to keep safe. Over the last dozen years the focus of online criminals has shifted away from viruses to malware. Most malware these days is written for monetary gain. The bad guys want to spy on you to capture your passwords, get your email address to send you spam, steal personal data including credit card and banking details, pins and passwords, or collect information such as home addresses, phone numbers and even the names of family members. Criminals can, for example, write malicious code and distribute it as malware referred to as trojans. Trojan malware collects personal data which can be sold to crime organizations who can then steal money directly from the victim's bank account.
When it comes to keeping your Windows PC secure, all of the scare tactics and overblown virus stories out there make it hard to feel safe online. The good news is there's a lot of very good FREE anti-virus software out there, so you do not have to spend any money.
The release of Microsoft Security Essentials ( MSE) changed the landscape of antivirus software. MSE is a free download for Windows 7 and earlier and comes already installed on all Windows 8 machines as Windows Defender. Finally, we have a completely free application that protects against viruses, spyware, and other malware without killing system performance. We are talking about you Norton and McAffe!
Many security experts rate MSE one of the best designed antivirus programs out there; it's so easy to use, even the most tech-un-savvy person can figure it out pretty quickly. There are other antivirus programs out there and some claim MSE is lame and somthing is better but the key here is MSE (or Defender if you are running Windows 8) is FREE and so EASY to use that it WILL get used. Everything else my students have tried may work great but is HARDER to use slows downs their computers. Harder to use means you wont use it, or you will use it correctly, which is so much worse.
Get MSE. Use MSE. In my personal experience, it barely slows down the machine and rarely affects my work flow. During a deliberate attempt to download some viruses (for testing purposes), it immediately found and blocked them from doing anything. MSE is great at removing viruses, but it only detects some of the malware out there, so it is recommended to pair it with one of the anti-malware applications mentioned below.
Avast! is another free anti-virus option and is one of the most effective free programs out there for protecting your computer. You can use it with, or instead of, MSE. Avast has both free and commercial options. The free version protects you from the "classic" threats like viruses, worms, and trojans, but also offers protection against adware, bots, and other malware exploits. Avast scans all files, email, URLs, and more for malware.
Avast! isn't as easy to use as MSE, but it's probably the second simplest free program out there, so it hits a good sweet spot between protection and usability. For power users, it has a lot of advanced settings you can tweak, though they can be hard to learn. I recommend using the "Custom" option when installing and then choose "Minimal."
Some of today's malware is specifically designed to slip past antivirus programs undetected. To deal with these threats, security experts recommend supplementing anti-virus software with an anti-malware utility.
Malwarebytes has an excellent free version which aims to protect users from new exploits, trojans, backdoors, adware, and spyware. This tool detects and protects against malware in real-time, blocks hacking and phishing attempts, blocks malicious websites that can steal your credit card information or identity, and even removes malicious rootkits, one of the most dangerous forms of malware.
Malwarebytes will not help you deal with classic threats like viruses and worms. To handle these threats, you'll want a traditional security tool like MSE or Avast.
As for other free anti-malware options Avira is another solid option. AV-Comparatives found it to be the most effective free program out there, but it is harder to use, not to mention it has some annoying ads and pop-ups.
Bitdefender's free option is also good, and while it lacks any sort of customization, it's a good set-it-and-forget it alternative.
AVG is another popular free program, but doesn't really beat the others in any one category according to AV-Comparatives.
Panda is fantastic at removing malware, but is a bit less beginner-friendly than the others.
The experts I researched for this article think most free programs should be more than good enough, but if you want the absolute best protection out there, you'll have to spend some money.
At the time of this writing, Kaspersky and Bitdefender are the two highest-ranked paid solutions according to AV-Comparatives, while Norton, F-Secure, and G Data also get high marks from AV-Test.org. Again, most experts do not think they're necessary in a home setting, especially if you use good browsing habits, but if you want to protect yourself against every possible virus or theoretical piece of malware you could get, they might be the way to go.
There are many more antivirus programs out there, but these are probably the best out there at the time of this research. You may have your own favorites, some not listed here, so please share these (and why they're your favorites).
For a deeper review of this topic, be sure to check out AV Comparatives' summary report from the past year. It has a wealth of information more detailed than we could begin to cover here.
In the end, security experts all recommend using some kind of antivirus program. However, the best way to avoid malware is to practice safe computing practices (in case I haven't mentioned that enough!). They're more effective than any antivirus software, and they won't put a strain on your system resources, money, or stress level.
Keep Windows and applications like Flash updated, stop downloading questionable files, stop browse the web using an administrative account, and just practice good common sense. If you do, you'll probably have to deal with your antivirus program very little. But you should still have one.
More Helpful Resources
Learn more about the Difference between antivirus and anti-malware and which to use.
Symantec AV Center offers information on the latest virus threats, removal tools, and a Virus Encyclopedia.