I am sure there are lots of folk out there who already have the experience and knowledge to surf the web, play with email, and in general use the ‘net with a measure of safety. However, there are lots of people still who really don’t know that much about what to do and not to do when it comes to that big wide open world we call the Internet.
I know this first hand from helping quite a few customers back when I operated a computer repair shop, that would bring computers in that were infested with all manner of viruses, spyware, and the like, plus experiencing glitches, slowdowns and whatever else you can think of. This has prompted me to (attempt to) write a basic primer for Internet users that, for whatever reason, aren’t yet savvy when it comes to the ‘net and best ways to do things.
Before I start, let me preface this by saying that everyone has their own opinions on how to do things, and ‘net safety is no different. What is here is all from my own experience, and is the stuff that I do and recommend to folk when they ask me. Someone else may tell you something different, and that doesn’t necessarily make them wrong or me right or anything like that. The thing you have to do is use some common sense, and take a look at whatever it is and see if it makes sense. If something don’t quite sound right, don’t do it, or go ask someone that would be in a position to know. Heck, head on over to the forums and ask the community.
All that being said, these are guidelines, or what I like to call “best practices” and should help you to have a better, and safer overall experience with the Internet. I am not going to get too detailed on operating systems and hardware, but for most things I will assume and write for an audience that is running Windows, since that is the majority.
Let’s get started …
Keep your software and operating system patched and updated
This is especially true for your operating system (a.k.a. Windows). Bugs and flaws in the operating system can wreak havoc with your computer when someone with malicious intent writes a virus to exploit that flaw. By running the Windows Update service on a regular basis, you can make sure that your system stays patched and safe from those types of attacks.
In addition to your operating system, any other software that you use like web browsers, email clients, media players, etc., should be kept up to date as well. If one of these applications has a flaw in it, someone could craft a malicious file that caused some kind of problem when you opened it. The majority of viruses spread through software and operating system bugs or flaws that go unpatched.
Don’t use Internet Explorer
I am going to take some heat from some of you out there, saying I am simply busting on Microsoft with this one, but that’s not true. I say don’t use IE because of a couple things, one is ActiveX controls and the other is that IE is hooked into the operating system so deeply, that it has way too much power when it gets exploited. ActiveX controls are small programs made to run in your web browser. This is great for specialized application development, in a known environment like a company’s intranet or something. However, for general web surfing for home users, you don’t want the risk.
I use and recommend using the Firefox web browser. Simply using Firefox will help you stay safer on the ‘net, but the real power comes into play when you add some extensions, or plugins. By adding a few extensions, which are easy to install, you can make Firefox operate better, add some nice conveniences, and make it more secure. We have a whole page here devoted to out list of must have Firefox plugins, be sure to check it out. Simply follow the links to go to the pages for that plugin.
Use and keep updated a good anti-virus program
This may sound like a no brainer, but I can’t tell you how many computers that I would get in to work on that either didn’t have any anti-virus software on it at all, or had some but the definitions were years out of date sometimes. Ok. Folks, that doesn’t do you any good at all, not at all. You see, even if you stay patched and updated, and use Firefox and take all manner of other precautions, you are still likely to face a virus threat at some time or another. When that happens, pretty much the only thing between you and that virus is your anti-virus software. That means that if you don’t have any at all, or if you don’t update it, you just got infected. Some of the viruses out there are nasty enough that once infected, your only option to get rid of it is to format and reinstall.
So, are we clear on this? Get some anti-virus software, and keep it updated. I personally use Symantec’s Norton Anti-Virus, I seem to get the best results out of it. But there are others like McAfee, and some free ones even. You have to have something, and as for updating it, most of them have an auto update option that will check for virus definition updates for you. Anti-virus software is one of those things that you hope you never have to use or rely on, but when you do need it, you’ll be real glad you have it.
Use and keep updated a good anti-spyware program
Just like the anti-virus mentioned above, there is software specifically made for removing spyware. These programs scan your computer, and look for anything that matches known spyware so it can be removed. There are two programs I recommend and use, one is a commercial application called Adaware from Lavasoft that can be used free for personal use, and one is Spybot Search and Destroy and is completely free. Whichever one you use, or if you decide to use them both, keep them updated and scan your machine regularly. I usually scan mine once a week, and as a side note, since I switched to Firefox, I haven’t had more than a couple spyware files found on my system.
Email, spam and attachments
One of the key things that every user needs to handle is their email. This includes spam, email attachments, viruses and more. There are some basic principles to follow when you are checking your mail and managing that inbox.
Don’t ever, ever, ever, ever open attachments from anyone that you don’t know. Period. I don’t care how cute it says it is, or how fun it looks, if you don’t know the person that sent it, don’t open it because is will have some type of payload that you don’t want, even if it doesn’t appear to right away. Lots of these cute little programs and videos have viruses or spyware hidden in them.
Don’t ever, ever, ever, ever open attachments from people you know, if you aren’t expecting them. This may seem silly, after all, you are saying to me “But Bob is my friend, and he wouldn’t send anything malicious!” While this may be true, Bob might have gotten himself a little virus that sent this attachment to you, in which case it’s not really Bob, it’s the virus. I have seen lots and lots of viruses that spread this way, you get an email from your friend, thinking they sent you some cool thing by surprise, and whammo, you are infected. Simply verify with your frien, before you open the attachment. I suggest setting up a code with your friends you regularly email with, so that when they are going to send an attachment, they put your secret code word in the subject line. So if you get an email with an attachment from them without the code, you can know right away that something isn’t right.
Make sure your anti-virus software is set to scan any email attachments as they are downloaded to your computer. You do have anti-virus software, right? Remember our notes above? Well, make sure it is set to scan those attachments, that alone will help stop any viruses that come in.
When dealing with spam, don’t hit the button or link that says “Click here to remove your name from this list”, or something similar. Let me tell you a secret, the spammers will never remove you from their lists, they are spammers. First off, they don’t care and second they send out millions of messages to millions of people, they aren’t going to worry about your request to remove yourself. What they are going to worry about is valid recipients. Do you know what that is? That is an email address that they know is good, because it becomes worth more to them, because they then know that a real person is behind that email address. Guess what, when you click on that remove me link, all you are really doing, is verifying your address to them and in the end, ensuring that you will recieve more, not less, spam from the spammers. The best thing you can do is just delete the email, and not fall into their trap.
Don’t fall for phishing scams. No, that’s not a typo. Phishing is really just a modern word for social engineering, which is when someone bad tricks you into giving them some important information about yourself. You need to watch out for and be very careful with any email from any institution that asks for personal information such as usernames, passwords, account numbers, pin numbers, etc. I don’t know of any company that will ask for that kind of information in an email, if at all. So if you get an email, that looks like it’s from your bank, or some where else that you might deal with, don’t immediately give them all of your information. Call them on the phone and verify it! You definately don’t want to give your personal info, like your bank account numbers to an online criminal. The most common of these phishing scam emails I have seen are from eBay/Paypal, Bank of America, and more. Remember though, these are not from the real companies, they are from online thieves that are trying to steal from you.
Last updated 2007/07/06