by ·Comments Off on Basic Home Computer Security

When people think of home computer security, antivirus software always comes to mind. Unfortunately this isn’t enough to cover the basics of home computer security. Since there are many ways computers can be breached, it makes sense to employ multiple solutions to address the various vectors of computer attacks. Regardless of your computer or Internet skill level, you must establish some basic computer setup and practices in the following areas:

  • Tools that keep malware out and help avoid malicious sites or content
  • Safe computing practices to keep malware from getting in and to keep your private information from getting out

Malware (virus, spyware, worms, adware, root kit, Trojan, etc.) can enter your computer using the same path as data—through the network interface (via wireless or the network interface card) by exploiting one or more operating system vulnerability, email, web downloads, flash drives, CD/DVD discs , external hard drives and many others. You can also be lured in through malicious web sites where you can unsuspectingly download malicious content.

When malware makes it into your computer, the damage can range from a minor annoyance, file corruption, computer slowness, computer operating system corruption, identity theft, all the way to financial loss, or a mixture of any of these damages.

Your privacy or identity can be breached through your computer when fraudulent email posing as your bank, the government, or some authority requesting your confidential information is acted upon. Or through some links that takes you to a malicious site disguised as a bank, government, or other authoritative site.

First let’s look at the various tools you can use to keep malware out and help protect your privacy/identity. You will need one or more of these tools to keep malware away and protect your privacy/identity:

  • K9 Web Protection (free)– provides web filter and protection from malicious sites; this is great for keeping you from entering malicious sites.
  • AVG LinkScanner(free) – helps provide web surfing protection while you search; it rates and assess the integrity of sites during web searches and thus can keep you from visiting malicious sites .
  • Avast! Home Edition (free) – provides basic spyware, root kit, and virus protection; has worm protection and malware protection via web shield feature.
  • ZoneAlarm Internet Security Suite – provides a comprehensive protection solution ranging from firewall, root kit detection and protection, antivirus/antispyware, privacy protection, anti-Spam, anti-Phishing, and identity protection.
  • Kaspersky Anti-Virus 2009 – provides virus, spyware, and adware protection; getting the Internet suite version also provides intrusion protection, personal firewall, protection from malware sites, content filtering, spam protection, and identity protection.
  • SurfSecret Privacy Protector – provides privacy and identity protection; also sells a privacy vault product designed to secure through encryption your confidential files and information; the privacy vault can prevent exposure of your confidential information from malicious programs and spyware.
  • SurfSecret Keypad – provides identity theft protection by protecting passwords and usernames; also protects credit cards and other financial information through the use of an external device.
  • CA Anti-Virus 2009 – provides protection against viruses, worms, Trojan horse programs; they have a separate anti-spyware program to protect against spyware.

Tools alone aren’t enough to keep your computer from getting affected or impacted by malware. You need to exercise safe computing as part of your basic computer security. When you exercise safe computing, you avoid opening email attachments that you aren’t expecting. You also learn to spot phishing scams—those fraudulent emails promising millions of dollars if you send personal and bank information, or those emails scaring you into providing your bank account login information to correct supposed account issue.

Should your computer get corrupted as a result of malware getting through, backups of your important files would become very important. Maintaining backups outside your computer is best. Elephant Drive is an Internet service which provides unlimited secure online storage; you’ll need this before your computer files are corrupted by malware. It’s like insurance, you’ll need it when disaster hits.

At the very minimum, your computer security should include the use of tools to protect a computer from malware and malicious sites and reinforced by the exercise of safe computing habits.

by ·Comments Off on How to spot Internet phishing scams

In order to properly spot an Internet phishing scam, you need to know what it is.  When someone or some organization is phishing, they are attempting to obtain confidential information under false pretenses with the objective of stealing credit card numbers, passwords, or other personal or financial data.  With this in mind, spotting an Internet scam may be extremely difficult for a novice Internet user like grandma, grandpa, or anyone who isn’t familiar with the Internet or someone who doesn’t know what may or may not be legitimate online.

When you finish reading this article, you will:

  • Know how to spot and avoid phishing scams 100% of the time
  • Know what to do with phishing attempts against you
  • Know what to do should someone you know become a victim

Pay close attention to every word of this article; it may save you and others a lot of headache later.

Phishing scams is nothing new.  If you use Google Trends, you will see that the term “phishing” and “phishing scams” can be found in news articles ever since Google started tracking them in late 2003, early 2004.  You will also notice that the search trend for the term “phishing” took off in the second quarter of 2004.  The search for the phrase “phishing scam” only took off in the first quarter of 2005.  At the time of this writing, June 2009, there continue to be several news articles regarding the rise of phishing scams.  Here are some recent ones just to give you a feel:

  • Phishing Scams can Wipe Out your Bank Account (19 Jun 2009) – The lure of money can convince some people down on their luck to send in their bank account information in hopes to get free money.
  • Internet Job Scams (19 Jun 2009) – Job postings online lure job seekers into providing confidential information online
  • Phishing Disguised as Virus Warning(15 Jun 2009) – Users are University of Arkansas being scammed of their account information through an e-mail warning users of a virus
  • E-mail Account Phishing Scam hits Penn State (08 Jun 2009) – Penn State users being scammed through an e-mail that purports to come from the Penn State helpdesk; e-mail requests users to divulge their account name and password.

It may seem that one has to have some degree of computer and Internet literacy to spot a phishing scam.  Fortunately, that isn’t the case.  It is extremely easy to spot these scams; all you need to remember are two simple rules.

These two rules will help ensure you have a 100% hit on your ability to spot any phishing scams.

  • If it is too good to be true, it probably is.
  • Any unsolicited communication (e-mail, text, social networking message, or any other forms of communication) requesting for confidential information or asking you to click a link to sign in is an attempt at phishing.

You can apply these rules against the examples below and see how easy it is to spot a scam:

  • You receive an e-mail stating that there is some inheritance that is to be released to you; however, they need to receive your name, address, phone/fax, age, and occupation in order to release the funds to you.
  • You receive an e-mail from Mrs. Aaisha Ali Abaul who is dying and who happens to have inherited millions of dollars.  She would like to give you her millions as her last good deed; of course you will need to provide her your bank account information in order to transfer the millions
  • Bank of America sends you an e-mail stating that you need to verify your account information.  A login link is provided for your convenience.
  • PayPal sends you and email stating that your account has been breached.  They ask you to login in order to correct the problem, and they conveniently give you a link to help you do this.
Now that we know how to spot phishing scams, dealing with their disposition is very straight-forward and easy.  Simply, if they are in your e-mail box or message inbox, simply delete them.  If you cannot delete them, simply ignore them.  By all means, do not respond to any of these communications as it lets the “scammers” know you are a live one.
At this point in the article, you should never become a phishing scam victim; but what if a relative or close friend becomes one?  It is never to late to learn, so have them read this article as well and learn.  Then have them read the article at the Federal Trade Commission web site on Defend: Recover from Identity Theft. This site provides a wealth of information on what to do.
If you don’t remember anything else from this article, just remember this:  “If it’s an unsolicited communication, it is very likely a phishing scam in one form or another.”

by ·Comments Off on Multi-layered approach to protecting your computer and confidential information

Protect your computer

Protect your computer/confidential information

Introduction

These days, there are so many bad or nasty things your computer can catch or stumble into from the Internet without even trying.  Virus, malware, trojan, spyware, and malicious web sites are some of the things to avoid. Each is intended to damage files, steal your identity, capture your account information, show you ads, or turn your computer into a platform for launching more infections (worms, virus, adware/spyware).

With so many potential vectors of attack, what is one to do? How is a typical computer user going to fight this onslaught? Well, if you are reading this, chances are you are looking to improve your computer’s security because of some prior bad experience. Guess what, you’ve found the most complete discussion on computer protection ever.

First Line of Defense

In order to protect your computer, you need to acquire a multi-layer set of solutions like the one listed below.  All these are free!

Last Line of Defense

If your first line of defense fails, your last line of defense can help you by protecting your personal or confidential information.

Encryption

If you own a laptop, then you shouldn’t leave home without making sure you are using TrueCrypt–an encryption solution that can help make sure your confidential and personal information are totally secure should you lose your laptop, or god forbid, should it be stolen.  This free open-source software solution allows you to create virtual encrypted disk drives which only you can read.

ID Protection

If you are worried about identity theft and have a few dollars to spare, look into subscribing to a credit or identity protection service like protectmyid.com.  This service sends you alerts whenever there is a change in your credit status–like someone applying for credit under your name!

by ·Comments Off on Bogus Computer Anti-virus

WARNING: Bogus Alert!

WARNING: Bogus Alert!

Just recently I noticed something very interesting on my wife’s laptop.  I noticed it because I’m normally the one who install her anti-virus (AV) and other programs.  This one was obvious because there appeared to be another AV program reporting that laptop is being attacked or hacked and that I must purchase it in order to protect the computer from this attack!

The bogus AV is called Spyware Guard 2009.  This one is categorized as a parasite–meaning that it is one heck of a program to remove from your computer.  It is one destructive and nasty parasite because it does the following:

  • Prevents you from going to the Internet
  • screws up the user profile…meaning that if you log out then login, it will tell you that your user profile is missing; effectively you can’t get back to your desktop

It does more, but I didn’t wait too long to find out.

Most users would be easily scammed and overwhelmed by this, but fortunately I’m not most users.  Even then, it was one heck of a parasite to remove.  How did I do it?

I did a lot of searches on the Internet (using another computer).  Most solutions I found provided free scans to find the problem but wanted me to pay to remove.  However, I found a solution that allowed me to scan an remove.   It is called Malwarebyte’s Anti-malware.

It allowed me to scan and identify registry entries and files that were part of this parasite.  Then it gave me the option to remove them.  It couldn’t remove about 5 of them, even after a couple of attempts.  I knew then that I had a relatively new or different strain.

Fortunately, MalwareByte Anti-Malware clearly identified which ones it couldn’t remove.  I tried removing them in Windows safe mode, with no luck–system reports that they cannot be deleted.

As a last resort, I booted using ERD Commander and deleted the bad files and registry entries.  And FINALLY got rid of that parasite.

The last thing I did was removed the administrative rights of my wife’s account.  This should help prevent any future major infection.

I hope this is helpful to others who read this.

by ·Comments Off on Blue Coat K9 Web Protection

I’ve been using the BlueCoat K9 Web Protection product for some time now.  It’s purpose is to help keep you or your kids from going to inappropriate web sites.  The degree of inapropiateness you disallow is dictated by how you configure the filter and what site categories you allow.

Note that if you have kids, this is a perfect companion for your home computer.  The product is free; all you have to do is register to get your free license key.  Download the  product here:

by ·Comments Off on Malicious Web Site Protection–AVG Linkscanner

As you may know your standard anti-virus (AV) software cannot generally protect you from malicious websites.  Although the big names in the AV market have implemented such features in the past, those solutions have gotten so bloated that they pretty much make your computer run like a snail.  That is why I’ve pretty much have given up on most of those solutions and have used a more lightweight solution from AVAST!.  AVG provides a lightweight solution as well, and they’ve recently made public their link scanner–called AVG Linkscanner.

This linkscanner is supposed to protect you from malicious web sites by blocking or informing you of a site’s reputation before you even go there.

You can get an online demo of  AVG Linkscanner here:

I’ve installed it at home.  It’s free; let’s see how it does.

by ·Comments Off on avast! Home Edition (Free AV)

Your Anti-Virus (AV) software starting to bog down your computer?  I’ve seen and have experienced this personally.  What did I do?  I uninstalled my AV software and installed something more lightweight like avast! Home Edition

Give it a try, I’ve been using it, and I have been very happy with its performance.

by ·Comments Off on Secure your Flash Drives!

One of the worst things that can happen to you is to lose a flash drive.  The one thing that can is even worst than that is if teh flash drive has confidential information.

Enter TrueCrypt!

TrueCrypt is an encryption product that will allow you to create a secure file which you can access like a drive (e.g. drive G:, M:, or whatever you choose it to be).  In order to mount it like a drive you need to supply a passphrase–which you setup when you build a TrueCrypt file volume.

If you save the TrueCrypt file on a USB flash drive and access it like a drive, you can store your confidential files there.

If you ever lose this flash drive, no one can access the confidential data you have in the TrueCrypt file because they are encrypted.  That solves your problem.  The only thing you need to make sure you do now is make backups of your data so you can recover them should you lose your flash drive; and you won’t have to worry about others seeing your confidential files!