- Worldstart's Tech Tips Newsletter - http://www.worldstart.com -
Spyware and Adware Prevention
Posted By On June 28, 2010 @ 11:15 AM In Security Help | Comments Disabled
The term firewall started with – surprise! – Firefighting.
My dad was the Fire Chief in the city where I grew up. One day we were on the interstate heading north and we passed an uncontrolled forest fire (the fire wasn’t close enough to the freeway to close it down). Continuing north we came across firefighters lighting a huge fire about the width of the forest fire that was approaching. That made no sense to me (if you’re trying to put it out, why are you lighting another one?), but he explained to me that it was a “controlled burn”. A controlled burn is a fire that burns trees and bushes intentionally to form a barrier from fire getting to the other side. In other words, if the trees and bushes are already burned, a forest fire has no way of going any further because there is no fuel for it. The firefighters had created a barrier of a sort so that the fire could not continue on its destructive path; the fire was heading in the direction of an area filled with expensive homes.
This isn’t specifically called a firewall, but this is the concept of a firewall. Picture your computer surrounded by a really high block concrete wall with no gates and that’s what I mean.
In (firefighting) construction, a firewall is a wall that separates buildings or subdivides one building to prevent the spread of fire and having a fire resistance rating and structural stability. For instance, in your home there are certain walls that are built according to code that protect fire from burning through that wall for one hour.
In the computer world, a firewall is a barrier against anything that would compromise the security of a computer and keeps out things such as spyware, viruses, malware, hackers, etc.
The internet is a public network, which means that any computer that is connected to the internet can connect to another one. A firewall scans any incoming and outgoing data and upon examination stops or approves that data. On its own it cannot fight all of the malignancies out there trying to gain access to computers. However, combined with other security measures (i.e. anti-spyware programs) it becomes an essential part of computer security.
When your firewall is in place, check your settings. Firewall settings can be confusing so read the help files and don’t hesitate to ask someone who is “good at the computer stuff” to either configure it for you or explain how to do it. If that isn’t an option, then do as I do – Google it! Once you’re up and running, there are a couple of online firewall scans that you can run to see if it’s working properly.
After you’re through with that, then hop online if you want to and check out one of the online scans that test your firewall security. Depending on what comes up, you can keep your current settings or adjust them accordingly.
Here are the names of a couple of online firewall scans:
#3: Update, update, update!
I was really bad where updating my security software was concerned, but I am better now. I figured that everything could update itself, and if it didn’t then the current version or whatever was probably fine. Not so! New spyware and viruses are written everyday and it is essential that you keep up-to-date with the prevention definitions.
Windows updates (yuck), security updates, patches, definitions, your firewall, your anti-virus program, your anti-spyware program – make sure it’s all current! You can configure your programs to update automatically or you can do them yourself. I update some of these things myself because I don’t like any update programs running in the background to slow me down (oh, that need for speed!) but I have to make sure I remember to do my updates manually.
#4: Be Safe!
Okay, now I am going to give you specific tips on how to surf safely. Adhere to them, and you will definitely be ahead of the bad guys.
Don’t click on it!
If I don’t know what it is, no matter what it is, I never click on it. Never. If there’s something I come across that looks like something I would be interested in (“Want to lose 25 pounds in 25 hours? Click here for this free easy tip!”) I just sigh and go on to my original destination.
Below a pop up that it very tempting to click on; in fact, you almost automatically do it because it looks legitimate and you need to know if you’re infected, right? Well, it’s not legitimate; in reality it is an advertisement that probably contains adware or spyware of some type. How can you tell? Look in the lower left-hand corner, all the way at the bottom. I have circled it in red.
Now I know that you probably have a pop up blocker in place, but if you don’t have one yet, just use the one installed with your browser; it’s way better than nothing. Even with a pop up blocker, however, you’re going to land on the occasional site where you get an annoying (but then aren’t they all?) pop ups, and you need to know how to close it out without catching something you don’t want. Yes, you read that right.
But all you have to do is just click on the little X in the top right-hand corner, right?
The answer is yes if that’s the X you click on. Confused yet? Let me explain.
Take a look at the pop-up below:
Note that there are two X’s to close the pop up with. Now companies are putting an X in the upper-right hand corner inside the pop up so that they can confuse you. I have circled the X that you should always click on in red; it is on the outside of the pop-up itself. If you close the pop up by clicking the inner X (I have circled it in green) then you have just activated the adware/spyware. In other words, never click inside the box!
Who wants to check which X to click on? Geez, this is getting ridiculous. Do it the easy way:
If you have a Windows operating system, hit ALT and F4. Use CMD and W for if you have a Mac. Since the pop-up is the active window, it will shut down easily with these hot keys, and you will have bypassed the pop up entirely.
While we’re on the subject, please be careful with the pop-ups that include a free download!
Yes, all downloads have this warning (I circled it in red) that you would normally adhere to on the bottom. Just accept this as normal – for a good and bad download and check out the rest of the download box. Since this is an unwanted download, close the box with the X in the upper right-hand corner and don’t click on the “Don’t Install” button, as shown below:
Be careful of all downloads! Tonight I had to re-install my antivirus software and went to its “uninstall page” and it turned out to be a bogus download – it had nothing to do with my program.
The point of all of this is that once you have clicked on something with spyware, that’s pretty much the whole ballgame. And remember – even if you don’t care about them, they care about you.
But I don’t feel like going “Phishing”.
How many times have you gotten an e-mail from someone you don’t know that didn’t get directed to your spam folder, has your name on it and looks enticing enough to check out? Let me warn you: Just clicking on a link within that particular e-mail can get you in trouble. If the sender is not who they portray themselves to be, then someone is Phishing, with you as the fish, and the e-mail as the bait. For example, I belong to eBay, and I can’t tell you how many bogus e-mails I get that look exactly like the ones eBay sends me. Here are some of the things to look for to make sure someone doesn’t hook you.
I receive an e-mail from Worldstart. I check out the reply address and it’s http://www.worldstart.com.
Whew, it’s real. Right?
The first step is to hover over the link. The real name of the website that you will be redirected to will show (hover over the Worldstart address I just typed and you will see that it’s not Worldstart. If not, it is the address to which you will be redirected. It took me 30 seconds to alter it; it’s not like these people are super smart or anything; they are just crooks.
The address you see should match the one you are going to exactly.
If the website is made up of numbers and not a name (something like http://422.222.1152), then it probably isn’t legitimate.
Watch the extension. This particular e-mail could have been http://www.Worldstart.net and that would be an easy thing to overlook.
Okay, so let’s say that I didn’t hover over the link and clicked on it. I am now at a webpage that looks exactly like Worldstart and it is asking me to verify all personal information because it looks like my account was compromised.
Nope. Legitimate businesses don’t ever ask you for personal information in an e-mail. It’s as simple as that.
The best practice is to never click on a link in an e-mail. If you really want to know what’s up, then go and type the exact address in the address bar of your browser and log it to see what’s up. If there is nothing there, you know somebody has been phishing. You may want to contact the institution and let them know what happened. With eBay, I usually copy and paste the false e-mail into a brand new one and send it to them with an explanation. I always get a (legitimate) thank-you e-mail in return.
Get out your glasses.
Well, only if you need ‘em. But here’s my point: Read everything! If you go to install a program, I don’t care if it’s been recommended as a safe program by Bill Gates, read the “fine print’ that comes before you start installing.
My mother always said to read everything when you are about to sign something, because who knows what could have gone into that contract (or whatever) when you weren’t looking. It’s the same thing for a program installation.
Most programs don’t have any fine print to be aware of. There is a EULA (End User License Agreement) at the beginning of any programs installation. Read it! Most are fine, but others have what is called bundled software; have you gotten sucked into one that looks like this:
You will find examples of the above at any given point in the installation, not just at the beginning. It’s very easy to whip through an install and just click on “I agree to the terms above” just to get the installation over with, but if you don’t read through that whole EULA (or the rest of the installation), you may find that you have not only installed a program you wanted, but one (or more) that you didn’t want, as well.
Personal stuff, Passwords, Privacy…
ID theft is a huge problem these days. Huge. And at the heart of every ID theft is a computer or computer network.
Eight years ago I was going over my bank statement and I noticed that my account had a bunch of charges that weren’t supposed to be on there. The charges were from a resort that my family and I had vacationed at the previous month before. Long story short, one of the guys who was delivering our room service took my card’s number and did very intricate things with it on the hotel’s main computer; hence the charges. The bank took care of it and I didn’t get burned, but the point is, if you don’t want anybody in your personal stuff, be it your bank account, websites online that have your account information (eBay, PayPal, Amazon), etc., then make sure nobody can touch it! I know a lot of people that enter no personal information (financial or otherwise) on the web, and that obviously is the perfect way to go.
To lessen the chances of spyware and stealing, make up a really good password (don’t use something like JDoe1111) to all of the online websites you have personal information on – all of them. Hackers have amazing password cracking capabilities, so the longer and more jumbled the password, the better. And don’t use the same one for each account because if they get one account, they get them all. Just don’t forget to write them all down!
Okay, enough already. To sum all of this craziness up:
#1: Make sure you have a good spyware blocker program installed.
#2. Make sure you have a good firewall installed. Build a fence to keep the thieves away!
#3: Update your entire security “system” regularly – more than regularly!
#4: Be safe! Do with your computer what you would do in your normal life. Don’t go to unsafe neighborhoods. If someone rings your doorbell and you don’t know who it is, don’t open the door. Make sure that all of your personal information and valuables are put in a place where nobody (except maybe your other half) has access to it.
If you do all of these things, I can pretty much guarantee that you won’t be dealing with any of the bad guys any time soon.
Article printed from Worldstart's Tech Tips Newsletter: http://www.worldstart.com
URL to article: http://www.worldstart.com/spyware-and-adware-prevention/