How to Protect Yourself and Your Computer Online

Charles Anderson

Consultant and Educator

Outline

• Basic steps to safeguard your computer

Phishing and online fraud prevention

• Just hitting the high points

Computer Risks

• Malware literally refers to “bad software” - viruses, worms, spyware

Malware typically arrives w/o your knowledge

• Be careful what you intentionally install

Malware Prevention

• Software Updates

Anti-virus & anti-spyware

• Firewall

• Be careful/suspicious of free software

• Non-Microsoft alternatives

Prevention - OS Updates

• Keep the operating system up-to-date via Automatic Updates

Free service from Microsoft

• Can be slow over dial-up

Prevention

• Install anti-virus & anti-spyware programs

There are free and paid programs

• MS has free program - Defender

• These programs must be kept up-to-date, too

A bigger problem for dial-up

• Run regular scans

Prevention - Firewall

• Windows comes with a firewall

As of XP Service Pack 2, it should be on by default

• External hardware firewalls also available - built-in to broadband?

Prevention

• Be careful/suspicious of free software

If you’ve heard about it from a reputable source, should be OK

• If a program arrives via email - BAD

• Use Google to check for complaints about the software

• Use the name of program plus words like “spyware” or “virus”

Alternative Software

• Microsoft Windows and applications are a big target for the bad guys

Firefox is a free web browser - safer than Internet Explorer

• Still needs updates

• Thunderbird is a free email program

• Macintosh - not impervious but less of a target and safer

Online Fraud

• Much online fraud is the same as offline fraud

Topics include: get rich quick, government grants, IRS checks, false charities, stimulus checks, foreclosure prevention, debt consolidation

• If it sounds too good to be true...

Online Fraud: Phishing

• Phishing typically refers to sending a fake email in order to collect personal information

Can even be a phone call - “vishing”

• A type of “social engineering”

Target information: bank account, PayPal, eBay, AOL

Phishing Example

Phishing Example

Phishing Shut Down

Phishing Example

Number of New Phishing Sites

Anti-Phishing Working GroupAnti-Phishing Working GroupOctober 2006October 2006

Why Does Phishing Work?

• Cheap: send millions of messages for very little cost - even small conversion rate pays

Hard to track: email is hard to trace back to senders, often hijacked computers

• Web site registrations are cheap and pretty anonymous

How to Avoid Phishing

• Remember, your bank (or any other business) will never ask you for personal information - “just say no”

Do not enter any personal information on a web page after clicking on an email link

• Enter the web address yourself by hand

• Not a victim until you react to message

• Do not fill out forms within email messages

Conclusion

• Keep your software up-to-date

Use anti-virus/spyware, up-to-date

• Vista should help

• Be suspicious of email asking for personal information

• Be aware of the “scam du jour”