I’ve noticed a number of my friends get burned on the internet. These are smart, educated folks who are otherwise model members of the community, but they have obviously made some bad choices online. 🙂 I did some research online and didn’t find anything that would help keep someone safe from current attacks, so I thought I would put something simple together. Let me know if you have questions. More importantly, let me know what I’ve missed that you think is important. I’ve made this note visible to everyone in the world, so feel free to pass it on. In fact, the more people who learn how to stay safe, the better it will be for all of us, so spread the word.
Stop using Internet Explorer!!!
I use Firefox. It is available for free for just about any OS, but if you are moving from IE you are on Winders, eh? You can also use Google Chrome, or Opera or Safari. If you insist on using IE, make sure you are using version 7 or 8. Running the right browser will make you less susceptible to drive-by downloads. We’ll talk about those later.
Never, and I mean never, install anything you didn’t ask for.
A common sequence of events is one where you see a link your buddy posted about his latest video. You click the link and are told “oops, you need a new player to see this video” so you click install. You’ve just installed a trojan or root kit and some mafia in Eastern Europe now owns your PC. You’ve become a zombie. Congratulations! If you are on Facebook and the video doesn’t play on the Facebook page, be warned. Click on your friend’s name, and if they’ve sent multiple, identical messages you can be 100% sure they are now a zombie. Don’t click the link. Don’t pass go. Don’t get infected.
If you are on IM (MSN Messenger, Microsoft Live, AIM, Yahoo!, etc…) and you get a link, ask the sender if they really sent the link. If you get a message, reply immediately and are told your friend is “not online”, you can be 100% sure that they are infected. Don’t click the link.
Finally, you’ll see ads for free screen savers, fancy emoticons, ways to dress up your email and such. Some of those are legit, but many of them will install spyware on your computer. You don’t want spyware, so I recommend you always pass on those types of software. It’s just not worth the risk.
Pay attention to addresses.
Be aware of where you are going before you go there. If you put your mouse pointer above a link but don’t click, the browser should show you what the link really is in the lower right hand corner. Make it a habit to always look before you click. Every single time. Let’s practice: Clicky clicky click here, please!! Did you fall for it? Always look where you are going. Nothing worse than clicking a link to visit PayPal to “update your security” preferences and finding out you’ve just given your login credentials to a crook because you didn’t notice you were logging into paypal.gimmeallyourmoney.com. Pay attention!
Never click on links in emails unless you can see where they go.
Same as the previous, but some email clients (mostly from Microsoft) make it way too easy for the bad guy to obscure where it is you are going to end up. Unless you’ve asked for the email, and sometimes even when you have, it is best to copy the address from the email client to your browser. Once you’ve done that, inspect it to make sure it is what you expected, and only then click go or hit enter. Make sure you know where you are going to land before you jump.
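For the technically inclined, here is the same "look before you click" check done by a script. This is an added example, not something from the original note: it reads the links out of a message and warns when a trusted name is only a subdomain of someone else's domain, or when the visible text shows one address and the link goes to another. The sample message, the trusted list and the short suffix set are assumptions made for the demo.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}  # assumption: tiny stand-in for the Public Suffix List
# Constructed sample message; the look-alike host is the one named in the text above.
SAMPLE = (
    '<a href="http://paypal.gimmeallyourmoney.com/">www.paypal.com</a> '
    '<a href="https://www.paypal.com/">Log in</a>'
)

def registrable_domain(host):
    """The part of a host name somebody actually registered."""
    labels = host.lower().rstrip(".").split(".")
    n = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_links(html, trusted=("paypal.com",)):
    """Return [(real_domain, visible_text, warnings)] for each link."""
    collector = LinkCollector()
    collector.feed(html)
    report = []
    for href, text in collector.links:
        host = urlsplit(href).hostname or ""
        real, warnings = registrable_domain(host), []
        for site in trusted:  # trusted name used only as a subdomain label
            brand = site.split(".")[0]
            if real != site and brand in host.split("."):
                warnings.append(f"{brand} is only a subdomain of {real}")
        if text and " " not in text:  # visible text that looks like an address
            shown = urlsplit(text if "//" in text else "//" + text).hostname or ""
            if "." in shown and registrable_domain(shown) != real:
                warnings.append(f"text shows {shown}, link goes to {host}")
        report.append((real, text, warnings))
    return report
```

The rule it encodes is the one to read by eye: the domain that matters is the last part of the host name, just before the first slash, not whatever name appears at the front.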
Install a firewall and antivirus solution.
So you now only click on links that go where you expect them to go. You check out emails, posts and instant messages before you click and you never install things you shouldn’t. You are still at risk. Some folks who own web servers manage to let the bad guys take control of their servers. In some cases, companies that host thousands of servers have managed to get them all infected. This puts you at risk of a drive-by download. Internet Explorer is most at risk for this, but there are a few times where the other browsers are also vulnerable. This brings us to your last, best defense against internet scum. First, firewall and antivirus.
If you get your internet from Comcast you have a free copy of Norton Internet Security waiting for you. I’d never pay for McAfee, but for free I am happy to use it. If I am going to pay for a solution I’ll pick TrendMicro. For free, non-Comcast I always pick AVG for antivirus and ZoneAlarm for the firewall. Pick something and install it. Now.
Install and use an Antispyware tool(s).
*New* Never give your Facebook credentials to any other web site!
There is a group of scammers who have surfaced recently who are using Facebook as their form of advertising. You may have seen posts by your friends saying “I made $109 today working online. U guys have to check out *******.com to get started!” What happened was they saw a post from one of their friends and checked out the site. They didn’t realize it was a scam and so signed up. As part of the signup they gave up their Facebook credentials and became part of the scam. Never give up user names or passwords to companies you don’t know. Ever.
That’s all I’ve got for right now. I’ll add more to the note as I think of things to be aware of, but if you’ll do those things you’ll be much, much, much safer than before.
Good luck, and be careful out there.