Thwart the Three Biggest Internet Threats of 2007
By Cher K Markov
The same Internet connection that lets you reach out and touch millions of Web servers, e-mail addresses, and other digital entities across the globe also endangers your PC and the information it contains about you. Here's how to stymie the three gravest Internet risks.
Internet Explorer heads the list of top Internet security attack targets in the most recent joint report of the FBI and security organization SANS Institute.
One reason: As the most widely used browser, IE provides the biggest payoff for malicious hackers who set out to exploit its flaws. The biggest problem with IE is its reliance on Microsoft ActiveX technology, which allows Web sites to run executable programs on your PC via your browser.
Security patches and upgrades, including Windows XP Service Pack 2 and the recently released IE 7, make ActiveX safer, but the inevitable flaws that allow malware to circumvent those security measures--combined with the reality that we computer users are often a credulous lot--make ActiveX a risk not worth taking.
Happily, with very few exceptions (such as Microsoft Windows Update site), you can browse the Internet effectively without ActiveX.
To disable ActiveX in IE 6 and 7, choose Tools, Internet Options, Security, Custom Level, scroll to 'Run ActiveX controls and plug-ins, and select Disable.
Click OK, Yes, and OK to close the dialog boxes. To enable ActiveX on a known and trusted site, click Tools, Internet Options, Security, choose Trusted Sites, click Sites, enter the site address in the text box, and click Add. Uncheck Require server verification (https:) for all sites in this zone, and click Close and OK.
If you leave ActiveX enabled, you may quickly encounter malware-harboring sites and e-mail attachments that ask you to let them install their ActiveX controls on your system. Unless you are 100 percent certain that the control is safe and legitimate, do not allow it.
Regardless of which browser is set as the default on your system, always keep Windows (and IE) updated to minimize your risk.
To keep Windows XP up-to-date, visit update.microsoft.com (you will have to use Internet Explorer) and install Service Pack 2, if you have not already. Next, choose Start, Control Panel, System, and click the Automatic Updates tab.
Select Automatic (recommended) If you trust Microsoft implicitly, Download updates for me, but let me choose when to install them if you trust the company a little bit, or Notify me but do not automatically download or install them to play it safest. (Click "Do not Let a Windows Update Bring You Down" for more on Windows updates.)
Whichever option you choose, click OK to download and install the most recent security patches.
If you stick with IE, upgrade to version 7, which improves ActiveX security. Still, the best way to reduce your PC vulnerability to ActiveX exploits is to download and install another browser, and set it as your default browser.
Mozilla Firefox is the most popular IE alternative. Unfortunately, Firefox growing popularity has enticed malware authors to exploit its own flaws. While no software is perfectly secure, many experts think the Opera browser is safer than either IE or Firefox.
Threat 2: Phishing and Identity Theft
You have probably seen your share of phishing attacks, which look like communications from your bank, PayPal, eBay, or another online account. The message may ask you to click a link that leads to a bogus Web page, complete with realistic user-name and password log-in fields, or it might ask for a credit-card number.
The fake address often resembles the real institution URL--'citibank.fakesite.com' in place of 'citibank.com', for example. The phishers site and e-mail message may even load images from your bank, or have links to the institution own Web site.
When you take the bait, the phisher harvests your data, and either sells it to someone else, or uses it to drain your account right away. A variant called spear phishing identifies you by name in the lure message or Web site, making the sham even harder to spot.
You may have read that your bank will never send you an e-mail asking you to log in to your account, and it should not, though it does happen on occasion. The vast majority of messages that appear to come from financial institutions are phishing attacks, so assume that such messages are bogus and avoid opening them at all, let alone clicking any links they contain.
If you are concerned that the bank or other service is really trying to notify you of a problem with your account, open your browser manually and log in to the site directly, or better yet, pick up the phone and call a customer service agent (if you can find one via the bank automated phone system).
The place you are most likely to notice that your credit card or bank account has been compromised by a phishing attack or identity theft is on the statement you receive from them via mail. Check it carefully for unauthorized charges, and report any to the institution immediately.
IE 7 asks you a couple of times if you had like to enable its phishing filter during installation; say yes. To enable this feature, choose Tools, Phishing Filter, Turn On Automatic Website Checking, and click OK.
Firefox 2 phishing filter is enabled by default, but it uses a static downloaded list of known phishing sites. Many firewalls and other security programs include identity-protection features that scan the stream of data leaving your PC for sensitive information, such as passwords or social security and credit card numbers, and then block the unauthorized transfers.
Resist the temptation to post personal information on your Web page, blog, or social site (Facebook/MySpace) account. Identity thieves, spammers, and online predators are always on the lookout for such data. Browse to "Safeguard Your Reputation While Socially Networking" for an explanation of the risks to both adults and children, and for tips on what you can do to avoid the dangers.
Threat 3: Malware
Every day, virus, spyware, and adware creators come up with new, ingenious ways to gain access to your PC.
These steps will help keep you safe:
Think before you click.Use a spam filter. Update your antivirus software.Download with discretion.Use a bidirectional firewall.Use antispyware.
About the Author
Cher K Markov articles on various subjects and has a treasure chest of information and resources on Software Downloads at http://online-downloads.blogspot.com
Article Source: http://www.simplysearch4it.com/article/52135.html
|If you wish to add the above article to your website or newsletters then please include the "Article Source: http://www.simplysearch4it.com/article/52135.html" as shown above and make it hyperlinked.|
| Some other articles by Cher K Markov|