BLOG TIPS: SECURITY

Showing posts with label SECURITY. Show all posts

Copying Online Messages

When posting messages online, it’s a good idea to copy the message to your clipboard before pressing the Send button. Ctrl+A, then Ctrl+C.

If the Send doesn’t take, you can just paste your clipboard contents back again in a new post window.

If it appears to have been sent, but it’s important, you can paste it into a Notepad .txt file (Ctrl+V) .

If the message disappears into digital limbo or if the recipient at the tax department denies receiving it, you at least have a copy of the original to resend.

If it’s a long tome, copy it at several intervals.

computertips.com

Recovering from Viruses, Worms, and Trojan Horses

How do you know your computer is infected?

Unfortunately, there is no particular way to identify that your computer has been infected with malicious code. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer's normal operations. Be aware of any unusual or unexpected behaviors. If you are running anti-virus software, it may alert you that it has found malicious code on your computer. The anti-virus software may be able to clean the malicious code automatically, but if it can't, you will need to take additional steps.

What can you do if you are infected?

Minimize the damage - If you are at work and have access to an IT department, contact them immediately. The sooner they can investigate and clean your computer, the less damage to your computer and other computers on the network. If you are on your home computer or a laptop, disconnect your computer from the internet. By removing the internet connection, you prevent an attacker or virus from being able to access your computer and perform tasks such as locating personal data, manipulating or deleting files, or using your computer to attack other computers.
Remove the malicious code - If you have anti-virus software installed on your computer, update the virus definitions (if possible), and perform a manual scan of your entire system. If you do not have anti-virus software, you can purchase it at a local computer store (see Understanding Anti-Virus Software for more information). If the software can't locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk that is often supplied with a new computer. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. After reinstalling the operating system and any other software, install all of the appropriate patches to fix known vulnerabilities (see Understanding Patches for more information).

How can you reduce the risk of another infection?

Dealing with the presence of malicious code on your computer can be a frustrating experience that can cost you time, money, and data. The following recommendations will build your defense against future infections:

use and maintain anti-virus software - Anti-virus software recognizes and protects your computer against most known viruses. However, attackers are continually writing new viruses, so it is important to keep your anti-virus software current (see Understanding Anti-Virus Software for more information).
change your passwords - Your original passwords may have been compromised during the infection, so you should change them. This includes passwords for web sites that may have been cached in your browser. Make the passwords difficult for attackers to guess (see Choosing and Protecting Passwords for more information).
keep software up to date - Install software patches so that attackers can't take advantage of known problems or vulnerabilities (see Understanding Patchesfor more information). Many operating systems offer automatic updates. If this option is available, you should enable it.
install or enable a firewall - Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer (seeUnderstanding Firewalls for more information). Some operating systems actually include a firewall, but you need to make sure it is enabled.
use anti-spyware tools - Spyware is a common source of viruses, but you can minimize the number of infections by using a legitimate program that identifies and removes spyware (see Recognizing and Avoiding Spyware for more information).
follow good security practices - Take appropriate precautions when using email and web browsers so that you reduce the risk that your actions will trigger an infection (see other US-CERT security tips for more information).

As a precaution, maintain backups of your files on CDs or DVDs so that you have saved copies if you do get infected again.

Author: Mindi McDowell

Avoiding the Pitfalls of Online Trading

What is online trading?

Online trading allows you to conduct investment transactions over the internet. The accessibility of the internet makes it possible for you to research and invest in opportunities from any location at any time. It also reduces the amount of resources (time, effort, and money) you have to devote to managing these accounts and transactions.

What are the risks?

Recognizing the importance of safeguarding your money, legitimate brokerages take steps to ensure that their transactions are secure. However, online brokerages and the investors who use them are appealing targets for attackers. The amount of financial information in a brokerage's database makes it valuable; this information can be traded or sold for personal profit. Also, because money is regularly transferred through these accounts, malicious activity may not be noticed immediately. To gain access to these databases, attackers may use Trojan horses or other types of malicious code (see Why is Cyber Security a Problem? for more information).

Attackers may also attempt to collect financial information by targeting the current or potential investors directly. These attempts may take the form of social engineering or phishing attacks (see Avoiding Social Engineering and Phishing Attacks for more information). With methods that include setting up fraudulent investment opportunities or redirecting users to malicious sites that appear to be legitimate, attackers try to convince you to provide them with financial information that they can then use or sell. If you have been victimized, both your money and your identity may be at risk (see Preventing and Responding to Identity Theft for more information).

How can you protect yourself?

Research your investment opportunities - Take advantage of resources such as the U.S. Securities and Exchange Commission's EDGAR database and your state's securities commission (found through the North American Securities Administrators Association) to investigate companies.
Be wary of online information - Anyone can publish information on the internet, so try to verify any online research through other methods before investing any money. Also be cautious of "hot" investment opportunities advertised online or in email.
Check privacy policies - Before providing personal or financial information, check the website's privacy policy. Make sure you understand how your information will be stored and used (see Protecting Your Privacy for more information).
Conduct transactions on devices you control - Avoid conducting transactions on public resources such as internet kiosks, computers in places like libraries, and other shared computers and devices. Other users may introduce security risks.
Make sure that your transactions are encrypted - When information is sent over the internet, attackers may be able to intercept it. Encryption prevents the attackers from being able to view the information.
Verify that the website is legitimate - Attackers may redirect you to a malicious website that looks identical to a legitimate one. They then convince you to submit your personal and financial information, which they use for their own gain. Check the website's certificate to make sure it is legitimate (seeUnderstanding Web Site Certificates for more information).
Monitor your investments - Regularly check your accounts for any unusual activity. Report unauthorized transactions immediately.
Use strong passwords - Protect your computer, mobile devices, and accounts with passwords that cannot easily be guessed (see Choosing and Protecting Passwords for more information). Use different passwords for each account.
Use and maintain anti-virus software - Anti-virus software recognizes and protects your computer against most known viruses. However, because attackers are continually writing new viruses, it is important to keep your virus definitions current (see Understanding Anti-Virus Software for more information).
Use anti-spyware tools - Spyware is a common source of viruses, and attackers may use it to access information on your computer. You can minimize the number of infections by using a legitimate program that identifies and removes spyware (see Recognizing and Avoiding Spyware for more information).
Keep software up to date - Install software updates so that attackers can't take advantage of known problems or vulnerabilities (see Understanding Patches for more information). Enable automatic updates if the option is available.
Evaluate your security settings - By adjusting the security settings in your browser, you may limit your risk of certain attacks (see Evaluating Your Web Browser's Security Settings for more information).

The following sites offer additional information and guidance:

U.S. Securities and Exchange Commission - http://www.sec.gov/investor/pubs/cyberfraud.htm
National Consumers League - http://www.fraud.org/tips/internet/investment.htm

Author: Mindi McDowell

Understanding Firewalls

What do firewalls do?

Firewalls provide protection against outside attackers by shielding your computer or network from malicious or unnecessary Internet traffic. Firewalls can be configured to block data from certain locations while allowing the relevant and necessary data through (see Understanding Denial-of-Service Attacks and Understanding Hidden Threats: Rootkits and Botnets for more information). They are especially important for users who rely on "always on" connections such as cable or DSL modems.

What type of firewall is best?

Firewalls are offered in two forms: hardware (external) and software (internal). While both have their advantages and disadvantages, the decision to use a firewall is far more important than deciding which type you use.

Hardware - Typically called network firewalls, these external devices are positioned between your computer or network and your cable or DSL modem. Many vendors and some Internet service providers (ISPs) offer devices called "routers" that also include firewall features. Hardware-based firewalls are particularly useful for protecting multiple computers but also offer a high degree of protection for a single computer. If you only have one computer behind the firewall, or if you are certain that all of the other computers on the network are up to date on patches and are free from viruses, worms, or other malicious code, you may not need the extra protection of a software firewall. Hardware-based firewalls have the advantage of being separate devices running their own operating systems, so they provide an additional line of defense against attacks. Their major drawback is cost, but many products are available for less than $100 (and there are even some for less than $50).
Software - Some operating systems include a built-in firewall; if yours does, consider enabling it to add another layer of protection even if you have an external firewall. If you don't have a built-in firewall, you can obtain a software firewall for relatively little or no cost from your local computer store, software vendors, or ISP. Because of the risks associated with downloading software from the Internet onto an unprotected computer, it is best to install the firewall from a CD or DVD. If you do download software from the Internet, make sure it is a reputable, secure website (see Understanding Web Site Certificates for more information). Although relying on a software firewall alone does provide some protection, realize that having the firewall on the same computer as the information you're trying to protect may hinder the firewall's ability to catch malicious traffic before it enters your system.

How do you know what configuration settings to apply?

Most commercially available firewall products, both hardware- and software-based, come configured in a manner that is acceptably secure for most users. Since each firewall is different, you'll need to read and understand the documentation that comes with it to determine whether or not the default settings on your firewall are sufficient for your needs. Additional assistance may be available from your firewall vendor or your ISP (either from tech support or a website). Also, alerts about current viruses or worms (such as US-CERT's Cyber Security Alerts) sometimes include information about restrictions you can implement through your firewall.

Unfortunately, while properly configured firewalls may be effective at blocking some attacks, don't be lulled into a false sense of security. Although they do offer a certain amount of protection, firewalls do not guarantee that your computer will not be attacked. In particular, a firewall offers little to no protection against viruses that work by having you run the infected program on your computer, as many email-borne viruses do. However, using a firewall in conjunction with other protective measures (such as anti-virus software and "safe" computing practices) will strengthen your resistance to attacks (see Understanding Anti-Virus Software and othersecurity tips for more information).

Both the National Cyber Security Alliance and US-CERT have identified this topic as one of the top tips for home users.

Authors: Mindi McDowell, Allen Householder

Understanding Anti-Virus Software

What does anti-virus software do?

Although details may vary between packages, anti-virus software scans files or your computer's memory for certain patterns that may indicate an infection. The patterns it looks for are based on the signatures, or definitions, of known viruses. Virus authors are continually releasing new and updated viruses, so it is important that you have the latest definitions installed on your computer.

Once you have installed an anti-virus package, you should scan your entire computer periodically.

Automatic scans - Depending what software you choose, you may be able to configure it to automatically scan specific files or directories and prompt you at set intervals to perform complete scans.
Manual scans - It is also a good idea to manually scan files you receive from an outside source before opening them. This includes
- saving and scanning email attachments or web downloads rather than selecting the option to open them directly from the source
- scanning media, including CDs and DVDs, for viruses before opening any of the files

What happens if the software finds a virus?

Each package has its own method of response when it locates a virus, and the response may differ according to whether the software locates the virus during an automatic or a manual scan. Sometimes the software will produce a dialog box alerting you that it has found a virus and asking whether you want it to "clean" the file (to remove the virus). In other cases, the software may attempt to remove the virus without asking you first. When you select an anti-virus package, familiarize yourself with its features so you know what to expect.

Which software should you use?

There are many vendors who produce anti-virus software, and deciding which one to choose can be confusing. All anti-virus software performs the same function, so your decision may be driven by recommendations, particular features, availability, or price.

Installing any anti-virus software, regardless of which package you choose, increases your level of protection. Be careful, though, of email messages claiming to include anti-virus software. These messages, supposedly from your ISP's technical support department, contain an attachment that claims to be anti-virus software. However, the attachment itself is in fact a virus, so you could become infected by opening it (see Using Caution with Email Attachments for more information).

How do you get the current virus information?

This process may differ depending what product you choose, so find out what your anti-virus software requires. Many anti-virus packages include an option to automatically receive updated virus definitions. Because new information is added frequently, it is a good idea to take advantage of this option. Resist believing email chain letters that claim that a well-known anti-virus vendor has recently detected the "worst virus in history" that will destroy your computer's hard drive. These emails are usually hoaxes (see Identifying Hoaxes and Urban Legends for more information). You can confirm virus information through your anti-virus vendor or through resources offered by other anti-virus vendors.

While installing anti-virus software is one of the easiest and most effective ways to protect your computer, it has its limitations. Because it relies on signatures, anti-virus software can only detect viruses that have signatures installed on your computer, so it is important to keep these signatures up to date. You will still be susceptible to viruses that circulate before the anti-virus vendors add their signatures, so continue to take other safety precautions as well.