With ever increasing incidents of computer information mining viruses, trojans and worms, now is a great time to think about what sensitive personal or business information is on your computer, what information you 'volunteer' to Internet sites and software vendors, and why it matters!
e.g. your full name, address, phone, and especially your date of birth and middle name. Webmail, messaging or chatrooms, and online surveys are likely places you'll feel comfortable to volunteer this information, but they are actually high risk, don't!
Unless of course you have made a direct secure connection to a trusted financial institution or trusted online shop AND your computer is secure. None of these sites need your middle name or date of birth - if they ask for such details, the site could be dodgy - be very wary and report any fraudulent sites immediately.
e.g. dodgy pharmacy supplier sites, sex sites, gambling and 'get rich quick' sites OR take very special precautions. If you're not the kind of person to visit a sex shop, casino or live strip show in real life you probably lack the street wisdom to visit such places on the Internet too - you'll probably end up in some strange situation without trousers like a certian past prime minister!
Unless you're using encryption don't use email for any sensitive purpose. In particular, banks and government agencies will never ask you to send sensitive details to them by email - if you get such a request it is almost certainly a hoax.
While unsolicited email is often quite obviously seedy, many people would be unaware that most chain emails are simply data mining personal details for the benefit of dodgy sales outfits - where do you think the unsolicited email comes from?
If you are using Windows unless you know for certain the email is trustworthy, delete it, don't open it. If you're a compulsive junk email attachment clicker, get a real operating system or pay the price.
Especially banking passwords. Enter them every time you need them. Data mining malware will extract every saved password in a Windows system quicker than you can blink! If your system gets infected and your banking password has been saved, you might as well shout out your banking user name and password up and down every street - someone's going to use it!
REALLY NOT EVER! A quick tip - when entering your username and password use a mouse click rather than enter or tab to move between the username and password fields - that way if your machine gets infected with keystroke recording malware you might discover and correct the problem before they discover which is username and which is password out of one long string of characters.
Notice that most of the list above is really simple to do and just depends on you not doing fairly obviously silly things.
Imagine receiving a credit card statement to the absolute limit of your card full of transactions you didn't make. No problem I hear you saying, just challenge the offending transactions and have them reversed.
If only life were so simple.... first problem, little Katie is going on a school excursion this week, you were going to pay for by credit, but now you can't until the problem is solved - that won't be until a month after Katie has already missed out on her trip. She's been so good and you promised her...
Next problem; the real one. After challenging the bad transactions
the bank comes back with 'proof' from the points of purchase that you
made all the transactions. Seems some collected your middle name and
others your date of birth to verify the various phone and online
transactions. The bank now graciously steps aside, letting you
battle it out with the suppliers - either they, or you, are going to
lose money. So you try to contact them - the bank already supplied you
with copies of the invoices for the transactions which contain all the
necessary contact details - it should be a breeze, they'll back you up
so the bank has to agree the transactions were fraudulent, they'll
probably even give you the address the goods were sent, right - dead
wrong, the suppliers don't exist anymore, mysteriously stopped paying
their rent and closed down.
You feel like a real fool. It suddenly dawns on you that the only way someone could have got your details was when you were flirting online and you volunteered your date of birth - because they suggested you should see if your stars were compatible - you also told them your complete name because they said your first name was cute and wanted to know if your other names were too; and the credit card number - oh no - you bought them a gift from an online site that they told you about....
Even if that doesn't sound like a situation you would get involved in, just be aware that at least half of Internet fraud (and the old fashioned type too) happens because people are just plain stupid, or get a job done on them after being lulled into a false sense of relaxation or security by a seemingly harmless individual or organisation. The special problem with Internet fraud is that it can be blindingly quick and leave no evidence. That's what makes it more dangerous than the regular old fashioned kind.
Most people presently use one of Microsoft's Windows operating systems. At this point, I'll declare a personal bias against all versions of Windows. This is not born of ignorant prejudice - indeed like most people I cut my teeth on Windows - I've even made quite a bit of money out of it, having reinstalled it's various versions several thousand times and having configured countless small business and home networks. I've also lectured Cert IV and Diploma networking courses based on Windows. So I can do Windows as well as anyone, probably better than most when it comes to sorting out Windows issues. When it comes to security, especially against malware, I'm afraid Windows just doesn't cut it.
So here's what you have to do if you insist on using Windows to connect to the Internet with ANY margin of safety. (And if you own a business you'd have to be stark raving mad to put up with this!)
This changes quite dramatically from time to time; a little known suite called BitDefender was effective against the recent Zotob worm without updates for example, while most popular suites were not. You should probably even consider subscribing to two anti-virus suites if you have two or more computers networked and cross scan over the network with both suites (don't put more than one suite on the same computer, that's generally troublesome)
If modem lights are flashing while you're not using the Internet for anything you've probably got a problem - you better solve it right now.
This is even more important if you have broadband. I know it defeats one of the benefits of broadband - don't whine - I'm not the one who created the problem. This reduces the risks by reducing the timeframe for possible security breach
OK so you've done it all. What's that? It's time for bed. And you haven't actually used the computer for anything yet. Don't worry, there's always tomorrow, but don't forget to do all the checks again first.
A much simpler and more cost and time effective solution to the never ending Windows anti-virus treadmill is to install Linux on your computer at least for all your Internet work - you can keep Windows too if you want - just start up in Linux to use the 'net.
Linux will remain highly resistant to malware attacks for the forseeable future because:
That means it's impossible for a worm or virus to be able to universally exploit any Linux flaw, unlike in the Windows world where basically three variations of a very common theme get you 90% of Windows users. Find one flaw and you've probably got them all.
Users are always isolated from each other and from the system in the default configuration. Therefore viruses or worms have to break two levels of security, not one, before they can reproduce rapidly. If they can't reproduce rapidly enough, they cannot spread effectively. Contrast that with Windows which by default allows any user full control of everything; malware only needs to break one level of security and it's away.
In spite of it's advantages Linux will not be the most popular platform for a long time yet - if only because most people are still unaware of it's existence.
In the computer world, that easy victim is Windows for all the reasons given here; and that status will not change for quite a while.
By being developed in the public domain, fully open to scrutiny, vulnerabilities in any new releases or updates are much more likely to be found and fixed prior to widespread use than with commercial equivalents where market pressures will always dictate a 'first release, then fix only if absolutely necessary' approach.
Users are given access to resources only on an as needed basis, and never get direct access to system resources. Contrast this with Windows philosophy where the user is by default given access to everything, even system resources. Although this position has improved somewhat since Windows XP, it is unlikely to change significantly in the near future due to the intertia of user and developer expectation. It's easy to see that the Linux philosophy of resource allocation is inherently much more secure than it's Windows counterpart.
While it would be irresponsible to state that Linux is impenetrable, there have only been about 50 Linux viruses/worms reported to date, all of which have been long since fixed. When compared to Windows with nearly 3000 viruses/worms per month 'in the wild' and growing, you probably begin to understand why you won't see me or any other Linux user returning to Windows any time soon. So, 'where do you want to go today?'
Hmmm... I wonder how long the other people will take to wake up to a compelling alternative that really works?