Basic Security (See also Help 13 for more detail)


Index Page  Index Page Click on >> SITE MAP
 
Next Page Search Engines (Browsing)  

Staying safe on the Internet requires some help from you

As hackers get more sophisticated (or just pay for methods of hacking) you may feel it is necessary to tighten up your passwords. You can get a password program that should keep your passwords safe and enter them for you (such as Dashlane or Lastpass).  But there is a lot of talk about 2FA and 2SV (two step authentication or two step verification). Guru Graham Cluley discusses these at length HERE  He also goes into detail how to set up 2SV if you have a Google Account.  Personally, I find the idea of waiting for a code so I can do something to be a bit of a bind and wish there was a simpler way to protect my computing.

In fact Google (and Gmail) is very hot on 2FA and offer various alternatives.

Two step verification with Google (and Gmail)
Get codes via text message
Google can send verification codes to your mobile phone via text message.

Backup phone numbers
Add backup phone numbers so Google has another way to send you verification codes in case your main phone is unavailable.

Want a phone call instead?
Google can call your cell or landline phone with your verification code.

Backup codes
You can print or download one-time use backup codes for times when your phones are unavailable, such as when you travel.

No connection, no problem
The Google Authenticator app for Android, iPhone, or BlackBerry can generate verification codes. It even works when your device has no phone or data connectivity.

Register your computers
During sign-in, you can choose not to use 2-Step Verification again on your computer. We'll still ask for codes or Security Key on other computers.

Keep your account even more secure
Instead of using verification codes, you can insert a Security Key into your computer's USB port for even more protection against phishing.
 
*******************

Internet Guru Bon Rankin doesn't spend much on security software.  To quote him in 2016 : Free Antivirus Programs. For the past few years, I've been using the free version of Avast Antivirus, with an occasional scan using MalwareBytes AntiVirus, and this combo has served me well. Advanced SystemCare cleans, optimizes, and protects very reliably.  CCleaner is another tool that I've mentioned several times on this site. I also recommend Privazer, a tool packed with utilities to keep your PC in top shape.

2017. One free AV program was rated highly.  Try https://www.totalav.com/free-download

I am beginning to think that much of the hype about internet threats is exaggerated for the sake of selling newspapers.  But the Cryptolocker scam DID manage to cream off millions before the group was broken up. But, if you are affected, the following address might get you out of trouble https://www.decryptcryptolocker.com

But to see what the UK government suggests see https://www.cyberaware.gov.uk/

The June 17 version of Ransomeware is called Petya or similar words.  If you wish to read the full story of this version please click on the Sophos site HERE

Sophos also offers a free anti virus software (but insists that you get rid of all your current anti malware programs)

Sophos also offers a free malware clearances tool which can be downloaded from HERE

Stolen data.  The Europol Cybercrime unit says "We have seen an increase in the misuse of wi-fi, in order to steal information, identity or passwords and money from the users who use public or insecure wi-fi connections,"  and warns people not to use public wi-fi, such as trains and cafes when communicating things such as bank data.

After several year relying just on Microsoft Security Essentials for anti virus protection I have reverted to Avast Free.  Since I last used Avast it has introduced some useful extras. e.g. It suggests which of your programs have available updates and updates them with a click on each (without the common risk of being diverted to other software). It enabled the creation of a virus free Rescue disk (in case you still get some infection) It does a browser cleanup of the add-ons that have crept in. Also it makes accessing your PC from elsewhere more easy. The paid versions do even more, of course.

Leo Notenboom gives sensible advice and, like me, doesn't go overboard - or pay for - his security software.  His articles on the subject suggest the sort of thing you should have and it includes, Microsoft Security Essentials, plus a number of other free programs to be run if you think you have a problem.  Like me he prefers Antimalwarebytes and Spybot Search and Destroy and cleans up rubbish with Ccleaner and defrags with Defragler and, like me he does NOT go in for Security Suites, especially the paid ones that are often added to new machines. When doing a virus check he also uses Microsoft Rootkit Revealer and boots from Windows Defender Offline tool (not just Windows Defender, which is already installed on most machines. You need to make a CD of this on a clean machine.

Sunday Times suggests ways of creating complex but memorable passwords.  They suggest the first letters of a memorable sentence.  So that might be "I like to go to Spain in the Winter"  which becomes  IltgtSitW.  Passwords are usually case sensitive so note the capitals. To make it more difficult you can use the same phrase but add a couple of extras at the beginning or end. One bank's password could be B1IltgtSitW. A second bank could be B2IltgtSitW. Amazon could be AIltgtSitW.  Adding numbers or even symbols like @ or ? can strengthen it further. Lastly (and I do this) you can keep all your passwords in a passworded program. See www.lastpass.com

Microsoft have brought out a 'Safety Scanner'. It is around 67 Mb and expires every 10 days, so has to be renewed if you wish to run it again later.  It is just another asset to your armoury and can be downloaded from http://www.microsoft.com/security/scanner/en-us/default.aspx

This site gives a safety rating for websites. http://www.mywot.com/en/scorecard/www.silverhairs.co.uk Mine was rated highly !

Security Tip : Anything with a serial number, such as a mobile phone, a laptop, a bike or an mp3 player, will have a serial number – this can be entered into the National Property Database through www.immobilise.com . If the registered item is lost or stolen then recovered by police, officers can search the database and reunite you with your property. Items can also be postcode marked with UV pens or SmartWater.  Checkmend www.checkmend.com/uk works closely with the immobilise site. For a small fee you can check whether an item has been stolen. They also sell various security devices such as labels to attach to phones or electronic tracers for bikes.

I find the help site by Leo Notenboom https://askleo.com  useful. If you register he will allow you to download a useful PDF file on keeping your PC safe on line.

Microsoft has made it easier to install anti virus software as their Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software. If you installed Microsoft Windows Defender on your PC it will be automatically turned off when you install Security Essentials.  So, you might as well delete it. It is a free download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple. It runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times. Reports say that it checks on line for certain things, which may slow things now and again and its Full scan takes for ages.  But it has the approval of many reviewers and I am gradually dispensing with my favourite AV program. See http://www.microsoft.com/Security_Essentials/

Microsoft SpyNet is the network of Windows Defender and Microsoft Security Essentials users that help determine which programs are classified as spyware. The signatures created for any submitted programs by the users of the product are available to all users, displayed as a bar graph that shows the percentage of people who have allowed, blocked, or removed an item. This method of spyware classification allows rare, unknown, or new spyware to be categorized as most people choose to send their data.

My favourite browser comes out on top ! At a CanSecWest security conference in Vancouver, and just one day in, Firefox, Safari and Internet Explorer (8) had all been hacked, leaving just Google Chrome still standing.

If you are unsure what parts of your software are not up to date and therefore vulnerable to attach take a look at http://www.softwarepatch.com/.  This is no good to you if you do not have Windows XP, Vista or Windows7. But it may be a help to people whose machines fail the Microsoft Genuine Application (WGA) test and are deprived of Windows Updates. 

A report has shown that many people are using old versions of web browsers, some as old as Internet Explorer 4 (!) The current version is 9 (not available to XP).  Anyone not using the latest versions (including 7) and its updates are not only likely to be affected by viruses and spyware but may be the unwitting propagators of such attacks.

The size of security downloads these days (M'soft and Antivirus) must put off an awful lot of people if they have a slow connection.  Recently I had to update a laptop with 42 security updates on a slow connection. It took hours and that did not include Service Packs 2 & 3 for XP, which I loaded from a disk. If I had downloaded those I would have to let it run all night. Programs such as Zone Alarm Free (firewall) are now 27 Mb and frills like Quicktime and iTunes  updates are as much as 65Mb.

Some people will say " Well I only use it for the occasional e-mail". If so, they are not on line long enough to get the security updates that are so essential these days - and are thus prone to virus infection and doomed to face endless trouble just to stay on line (and likely to infect others). It is a shame, but that is a fact. I think the answer for them MUST be to get a tablet computer.  Fewer downloads and faster connection.

The background to the security threats

There are said to be several thousands of malware programs created every day but most do not make it 'into the wild'.  Why do people do this ?  Well, there are two main groups malware creators. The first is the geeky 'hoodie'; the same people who would pull down a sapling, deface a wall with grafiti, or throw a beer can down in the street.  They are the ones who get a kick out of being able to say "I did that". But the other group are the real threat.  They are after money and, if you are sitting in a grotty town in Siberia or The Ukraine it can be very tempting.  There is a lot of money to be made if you can get behind the (weak) defences of the world's personal computers. It is now the domain of criminal gangs who can afford to purchase the best ways to do this. They can 'infect' millions of computers and control them in something called a 'Botnet'.  They can then use these computers to distribute spam (though I find it difficult to know how spam pays - but apparently it does.  There must be one idiot born every day). They can blackmail companies by threatening to overload their systems.  They can filch credit card and bank details (though there are other, less sophisticated, ways to do this). They can scare people into paying for software to clear viruses that either don't exist or which they, themselves have planted. What is more they are becoming more sophisticated with what they do.  Anti virus software must be kept up-to-date daily to keep pace with this flood.  If yours doesn't, then you and your PC are vulnerable.

Definitions

Malware.  A general term for any harmful program

Viruses. Software (programs) that get onto your computer with the intention of causing trouble. They take various forms. They are mostly written by people trying to prove they are clever with computing. Some have the intention of stopping a website working by inundating it.

Adware  Advertising which is sent to your computer without your agreement but more often a marketing tool. See Spyware.

Anti Virus program. One which is resident in the memory of your computer which is alert to viruses and can stop, clear or quarantine viruses which it recognises from its data file

Anti Spyware /Adware program.  One which will clear spyware from your machine, when run

Cookie .  A small text file of unintelligible letters and numbers, which is used by honest and dishonest organisations to send information to them. When you agree to your details being kept, so you don't have to re-enter them, they are kept in a Cookie. But if you would prefer to clear cookies regularly you should turn off Browsing History in your web browser. In Firefox the setting is under Tools, Options, Privacy.  In Internet Explorer, Tools, Internet Options, History, History.

Dialers or dialers. A method by which your dialup number is changed without your knowledge so it telephones a premium number in this country or abroad. This may or may not be linked to pornographic sites.

Firewall.  Software or hardware that makes your computer invisible to unwanted outsiders.

Identity Theft. When you finally dispose of your computer you are advised to wipe the hard disk clean.  Otherwise people may find your details, even though you have deleted them. Many recycled computers are sent to third world countries to help them. But you do not want them to help themselves to your bank account !  If you lose a phone, Pad or laptop which has your details on there, change all your passwords immediately. And don't forget to wipe any hard disk you are disposing of: see Piriform at http://www.piriform.com/ (Recuva advanced) for a tool to do this.

If you, like me, hate to take perfectly good equipment to the tip, another thing you can do is install a copy of Ubuntu. It will wipe all your current data and Windows programs but will make the machine safe and useable, with its installed software and internet access.

Keylogger. A program (usually installed by a virus) that keeps a log of your keystrokes so that someone can retrieve this information later, usually with the intention of finding your (bank ?) passwords.

Phishing  A scam which specifically uses a false e-mail or website (which may look like your bank) with the intention of obtaining information to rob your bank, building society, credit or debit card accounts accounts.

Popups  Small screens which appear on top of the main page usually advertising something.  But can be associated with Malware

Popup Stopper.  A program that stops unwanted popups

Scams. Various criminal methods used to try to obtain money or goods from you

Scareware. Software that claims to detect viruses on your computer then suggests software to clear them - usually costing $39

Spam    Unwanted advertising that is sent to you as emails

Spyware Often linked to Adware but with the intention of reporting back to someone or an organisation as to your activities Usually kept in the Cookies folder.

Temporary Internet Files. Records of your visits to various websites.  The original intention was to make a repeat visit to the page open more quickly but, frankly, they are a nuisance, using space on your hard disk.

Trojan. A program lurking on your PC ready to open the gates from inside, Trojan Horse style.

Should you care and, if so, what should you do?

It IS important to address these issues to ensure that you don't pay out cash unnecessarily but also to help prevent the breakdown of what is an important communication medium.  Doing nothing to safeguard your machine will make you very unpopular with the people your virus is passed on to.

Mind you, your Internet Service Provider (ISP)  and Microsoft have some responsibility, too.  The quality of the protection you get varies enormously. Why some ISPs can provide effective spam filters and others don't is difficult to imagine. Should you put up with any ISP that has let through malware of any kind?  In this day and age it is just not on. So why have I just come back from hours of work getting rid of Trojans on Tiscali and NTL machines? When asked "How did they get on there ?" I was unable to say.  Without protection it is very easy to get infected. In fact, I will guarantee it.

So what should you do? Apart from being vigilant it is ESSENTIAL that you ensure that your machine is protected against these unwanted intrusions.  To do this you need at three types of software. See above (January 2010).

1) Anti Virus software
2) A Firewall (Windows has its own)
3) An anti spyware program
4) If you use Internet Explorer get Mcafee's Site Advisor http://www.siteadvisor.com/download/ie.html. But don't trust its site ratings implicitly

You may also like to use spam blocker and a popup blocker. Whilst these are not normally a security issue they are annoying and, if you get many popups, it MAY mean you have a Trojan lurking in there. Worst of all, clicking on a popup may then install the nasty software.  It is regularly used as a marketing technique by very dubious companies.  Once installed this type of software requires considerable skill to clear it out.

Because viruses and spyware are constantly changing the preventative software needs to be regularly updated.

What software should you get ?

NB. Microsoft has stopped supporting Windows 98 and ME amd XP platforms. No more security updates, no more technical support, nothing. You are now, officially, on your own. Guru Patrick Crispen recommends that, if you continue to use Win 98 you should be sure to have good security protection such as anti virus and firewall.  He also adds that, in his view Internet Explorer will continue to be a vulnerable Browser, he recommends that you change to Mozilla Firefox. See my Search Engines page Here 

For Windows XP, 2000, Vista and Windows 7 users Microsoft has a very thorough, anti Spyware program which you can download (free) from http://www.microsoft.com/athome/security/spyware/default.mspx There is an explanatory video.
If you think you have a virus you can run The Microsoft Windows Malicious Software Removal Tool which helps remove specific, prevalent malicious software from computers that are running Windows Vista, Windows Server 2003, Windows XP, Windows 2000, Windows 7, 8 and 10. You can download it from HERE. It is updated regularly.

But most people can use the excellent Spybot Search and Destroy from http://www.safer-networking.org/.You can use it free but there is a donations section.

If you are not happy with what Microsoft now offer you can buy a SUITE of software which will do all of these things  The most famous are Norton Internet Security  and Mcafee Internet Security, Zone Alarm Suite, PC-Cillin at various prices. There is an additional subscription each year.  You may occasionally see these on special offer (like half price !)

Once installed on your computer these will automatically be updated when you connect to the Internet for any length of time. These days they should update at least daily and some may update even more than once a day - just to keep up with new viruses.

You can also protect your computer with very effective free alternatives. These include Clamwin,   AVG7 Free (anti virus), Avast! Anti virus from www.avast.com (my current favourite - it just takes care of itself) Ad-aware and Spybot (anti spyware) and Zone Alarm Firewall. Each of these excellent programs can be downloaded from the internet by searching for them but they may have fewer features than the paid versions.

Windows XP, Vista and & W7, 8 and 10 all have integral Firewalls, which is normally turned on but Zone Alarm is rated higher. A thorough firewall not only stops someone 'polling' your computer (using a piece of software to scan the internet to see which computers are vulnerable) but also stops your computer sending information out.  Of course you require your computer to send out e-mail and also to contact the net, so many programs will ask you if you want to add a program to your 'exceptions' list.  You will be asked, the first time this happens, to agree (or decline) to let the program through. But if that all gets too much I think you will find that the Windows firewalls are quite sufficient.

Whereas firewalls are only occasionally updated both anti virus and anti spyware software must be, due to the fact that new threats are continually developing.

Unfortunately, it is not enough to leave everything to clever software. You can still get a virus merely by clicking on a link on your screen or in a website. The usual technique is to have a popup say that you have a vulnerable computer and click here to check it. Whether you click Yes, No or even the close X in the corner you may fall for it.  Close the screen with Ctl + W. If that fails press Shift Ctrl and Esc to access the Task Manager and close the application from there.

You can also get caught out by various scams.

The most common are

Phishing : You are told to connect to your bank site to clear up some problem and are then asked for your bank details

The pleading email : This unfortunate person is unable to get at his rightful (or even criminal) millions unless you agree to help. People who fall for this (and it is a major industry in Nigeria) are usually spurred on by greed (or debt)

The email from someone you know, who says they are stuck somewhere and have no cash....

The offer you can't refuse : You have advertised something (anywhere) and someone will kindly send a you a cheque for much more as long as you send them the difference (for one obscure reason or another). The bank clears the cheque/bankers draft etc and only reneges on it after you have sent your cheque to the miscreant. Banks do NOT take responsibility for this (even if they should).

The Freecycle item that is very tempting but suddenly to 'owner' has move and has arranged to send you the item to you by a (non existent) delivery company.... happened to me.

Dialers are a common ruse, if you have a dialup (not Broadband) connection. Although someone changing your dialup number without your knowledge may seem to be illegal this is difficult to prove and you will usually only find out too late.  Telecom companies will NOT reimburse you. You can ask your Telecom company to block all outgoing UK premium numbers from the number you use for the net but most charge for blocking foreign premium numbers. Broadband people, who do not dial up, are not caught out with this one. BT has now issued some software that will warn you if your computer is dialling a premium number. Such simple technology and they only just found it ! You do have to be a BT subscriber.  If you do get caught (in the UK) get in touch with ICSTIS (Now called Phonepayplus) They may be able to help and have the power to fine companies that use this practice.  

So, I hope you stay safe because, I can tell you, getting rid of these pesky little critters is skilled work and exceedingly time consuming..And, if you don't get rid of them you may just find that your credit card (or bank) account suddenly shows a big bill. It really does happen all the time.

Site Navigation Links :- Please click on SITE MAP

 


You can change the advertisements on most pages by clicking the arrows on the left


Index Page  Index Page Top of Page Next Page Next Page