Big Geek Daddy follows some basic rules when surfing the Internet to help protect his computer from being attacked by Viruses, Trojan Horses, Spyware, Adware, Malware, Keyloggers, and Phishing emails. I have listed these security tips below and hope that they prove helpful to you or anyone else you know that’s using the Internet.
No security software is 100% effective and while the layered defense software concept I advocate on my Free Virus Protection page will do a great job of protecting you from yourself please use common sense when surfing as your actions are the biggest threat to your PC security!
1. Never Open Attachments in Email: Instead, save the attachment to a separate folder on your computer. Then go to that folder and scan it with whatever Anti-Virus program you are using. If the scan comes back clean then it’s probably OK to open it. Use common sense here though and don’t open attachments from people you don’t know.
2. Don’t click on Hyperlinks in Email: Never respond to email’s that ask you for your security info such as passwords and account numbers. An email arrives supposedly from PayPal, eBay, or your bank asking you to verify your info and they conveniently provide a link for you to do so. Even if the email appears to be from a company you do business with do not reply to it with your info. The link will most likely take you to a spoof website and once you enter your info you’ve just compromised your account.
3. Never send Sensitive Info to anyone via Email: Email isn’t secure and can be intercepted and read by hackers.
4. Use Strong Passwords: These would be the longest and most confusing password allowed by the site. For example, if a site will let you use a 32 character long password then choose to do so, don’t opt for an 8 letter password. Why? You tell me which one is easier to crack based on example below:
BigGeek1 (Weak Password)
cgzSF9S&!5c!vfe3XkDPCcDTapfvFMyN (Strong Password)
The first one was generated by my simple mind. The 2nd password was created by LastPass’s Password Generator. If you haven’t tried LastPass yet I encourage you to do so. To use the password generator click on the LastPass icon in browser toolbar and choose Generate Password. Make sure you immediately log in to whatever site your generating the password for until LastPass prompts you to save it because unless you’re a genius there’s no way your going to remember a long random password.
5. Log off of Websites: I know it’s much easier to just click the X in upper right corner of a web page to close the site, however, that might leave you vulnerable. Take the time to actually log off the site and then close the browser window by clicking the X. Then open a new browser window to go to the next site you need to visit.
6. Watch for websites using Similar Names: Again, this can be prevented by using LastPass. Let’s say you’re on someone’s web page and you click on an Amazon.com link to shop.
It takes you to: http://www.amazen.com/gp/product/B00008BFS8/102-4136487-3340104?n=228013
Instead of: http://www.amazon.com/gp/product/B00008BFS8/102-4136487-3340104?n=228013
The difference is so subtle you probably wouldn’t even notice the “e” instead of an “o” in amazon.com. So you add the hot product to the checkout basket and proceed to type in all your info to complete the order – you just gave it all away to a hacker.
LastPass will help prevent this because once you go to checkout it will ask you for your user name and password as a returning customer and if it’s not a legit site then LastPass won’t pop up asking you to fill in the user name and password.
7. Don’t enter Security Info on Another Computer: For example, you’re in the hotel lobby and want to check how your stock portfolio did so you go to your brokers web page and type in your easy to remember user name and password. So, since you’re on a public computer let’s just assume it’s infected and has been targeted by hackers…you just gave them your info. Solution: Don’t enter sensitive info on someone else’s computer or if you must use a computer other than your own use a USB Drive with RoboForm Pass2GO.
8. Make sure you spell Search Words correctly in Google or whatever Search Engine you use: This will help you avoid being the victim of Search Engine Typosquatting.