/ phishing

Protect your computer from yourself

Security is a hot issue these days, anti-this and anti-that software is being sold to the not so computer savvy consumer making them feel less burden and safer while using their shiny machine. But are they safer with these types of software?

While it does protect a computer system from malicious programs (e.g. viruses, trojan horses, malware, etc) to an extent, at least when the user keeps the software up-to-date, it isn't foolproof or should I say user-proof. At the end of the day it is the user that will make all the difference when it comes to protecting a computer system from malicious software.

Of course a operating system can make all difference. As Windows is still the most used and dominant OS in the world, it has to deal with a lot of unwanted attention by crackers that make malicious programs. It also has a lot to do with Windows security design but to make my point with some statistics:

According to theregister (post from 6th of October 2003) about the amount of viruses per OS:

Linux has a low number of viruses. "There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux" according to Dr. Nic Peeling and Dr Julian Satchell's Analysis of the Impact of Open Source Software (source: theregisteer).
So you might be a bit safer using an open-source based OS (Unix, Linux and Apple) but still the end-user comes in to play. He/she will be the one that makes or breaks the integrity of the computer system.

There are some basic things you can keep in mind while you use your computer though. Most of which are pretty straight forward but worth a mention:

  • If you get a message via chat without prior messages from a contact and it contains a link, don't click it! Ask the person if they send it, 9 times out of 10 they didn't and are infected by a virus that send the message without their knowledge. The link would have taken you to a website that installs malicious code on your computer,
  • If you get an e-mail from someone say a bank or any other person requesting your credentials (loginname, password, pincode, passphrase, etc), don't trust it and don't respond. This is probably a phishing attempt. A good indicator of a phishing e-mail will be the request for credentials but also the poor translation if in non-English. Another indicator will show itself if you hover your mouse pointer over the link, don't click it. Notice the difference from the url in the e-mail and the one it actually points to (see the status indicator in the lower part of your window),
  • Never open an e-mail attachment from a stranger but watch out for e-mails from your friends too. If you get an e-mail with attachment notice attachment name (probably something currently in the news or a celebrity's name) and the body of the e-mail might also be an indicator,
  • Keep your software up-to-date, make sure you are running the latest version but also keep the definitions (sort of a database to recognize viruses, etc) of security programs (anti-virus, firewalls etc) current. You can get daily or more frequent updates of the definitions via the internet. Make sure you update at least daily,
  • Last but certainly not least, use your head. Logic can save you in a lot of situations in life and people should use it more. Computers aren't different. If you don't trust something then don't open, execute, view, etc it. Ask a friend with more computer know-how for help if need be.
Be safe now...