I’ll start by admitting that this topic probably won’t interest 99% of the audience I generally draw to this blog but I’ve personally encountered a number of situations recently where I thought I would at least try and do my part to educate and inform the masses on how they should be protecting their identity and securing their home personal computers.
In the past three months I’ve made several house calls for both neighbors and friends for various PC related problems and in every circumstance I found at least one personal computer with both expired AntiVirus software and uninstalled security updates. One PC I came across was so infected and unreliable that the only solution was to format the hard disk and reinstall the operating system.
Anti-Virus
I can’t stress enough how important it is to have an up-to-date AntiVirus solution running on your personal computer. When I asked a few of the individuals why they hadn’t renewed the AntiVirus subscription they told me basically two answers, 1) they didn’t want to spend the $40 to renew or 2) they just hadn’t found the time to do it. I realize money is tight for everyone these days with the economy and all but there are free solutions out there if your budget is tight;
I’ve used both AVG and Microsoft’s Security Essentials and both get the basic job done. I’m currently running Microsoft Security Essentials on all of my testlab machines (some virtual). MSE is very easy on resources so it’s great for older, slower PCs yet provides you that basic protection. If your looking to step up from the free solutions I would suggest either of the following;
I’m personally using Kaspersky Internet Security on three personal computers within my household. I believe both products are licensed to allow you to install the software on three different personal computers. You can also purchase multi-year subscriptions which provides additional savings. You can often find either solution on-sale at your local Best Buy at an even better price but for at most $70/year you can protect upwards of three personal computers.
Security Updates
You need to keep your software up-to-date to avoid falling victim to some of the latest Internet threats.
- Verify that Automatic Updates are enabled in Microsoft Windows XP, Vista or Microsoft Windows 7.
- Verify that the latest version of Adobe Flash is installed.
- Verify that the latest version of Adobe Reader is installed.
- Verify that the latest version of Java is installed and remove older versions.
If you’re an Apple customer let’s not forget about all the potential security updates for Mac OS, QuickTime, Safari, iTunes, etc.
Phishing Scams (SPAM)
Phishing is a scam in which the attacker sends an email purporting to be from a financial or other official institution. The email will often contain links to fraudulent websites which look legitimate to the everyday user, however, the purpose of the website is to capture the victims sensitive financial information such as their username, password, bank PIN number, their Social Security number, mother’s maiden name, etc. This information is then surreptitiously sent to the attacker who then uses it to engage in credit card and bank fraud or outright identity theft. Other phishing scams may ask to you to reply with sensitive confidential information. In all of this the email messages usually appear to be quite legitimate.
You should never provide your username, password, credit card number, PINs, or other sensitive information via email. If you receive an email message from any institution make sure the link in the URL is actually from a legitimate domain. I’ve seen numerous phishing scams where users happily reply with their username and password giving the attackers “the keys to the kingdom”.
Is there any real danger?
Yes, the dangers of identity theft, theft and fraud are real. Virus’s and trojans are no longer just annoyances written by hackers looking for bragging rights and publicity. Real world criminals are utilizing virus’s and trojans to steal identities, personal information and in growing cases user credentials to commit theft and fraud. Take the case of United Shortline Insurance Service Inc. of Michigan which lost $150,000.00 back in February 2010 when a personal computer used by the firm’s controller had been infected with ZeuS, a highly sophisticated banking Trojan that steals passwords and allows criminals to control infected hosts remotely.
Conclusion
With the growth of the Internet and online banking criminals are themselves turning to the Internet finding new ways to make/steal money. I have no doubt that almost everyone reading this probably locks their doors every night to keep any unwanted intruders out, are you doing the same for your personal computer?
References
I recently purchased a Sandisk Cruzer 4GB flash drive which including the following documents. I thought they did a pretty good job of articulating all the major points in a concise manner for the common user.
Help Keep Families Safer Online
Protecting Tweens and Teens on the Internet
Protecting Yourself from Identity Theft on the Internet
Top Tips for Internet Safety at Home
If you are looking for additional information I suggest you visit either of the following sites;
http://www.microsoft.com/protect/
http://www.staysafeonline.org/
Cheers!
Another good tool to add to the list is Secunia Personal Software Inspector. It scans your system and compares it against a huge database of 3rd party software, warning you about anything that’s out of date. This way you get notified about updates not just for Windows and Office, but also for putty, gimp, wireshark, and the dozen other tools you install once and forget about.
Thanks for the tip Frank!