7 Practices for Computer Security
- Protect your personal information. It's valuable.
- Know who you're dealing with.
- Use security software that updates automatically.
- Keep your operating system and Web browser up-to-date, and learn about their security features.
- Keep your passwords safe, secure, and strong.
- Back up important files.
- Learn what to do in an emergency.
Computers often hold all kinds of personal and financial information. If you’re getting rid of your old computer, there are things to do before you log off for the last time so your hard drive doesn’t become a 21st century treasure chest for identity thieves and information pirates.
- Save important files on an external storage device – for example, a USB drive, a CDRom, or an external hard drive – or transfer them to a new computer.
- “Wipe” your hard drive clean – use software available both online and in stores where computers are sold. They’re generally inexpensive; some are available on the Internet for free.
- If your old computer contains sensitive information that would be valuable to an identity thief, consider using a program that overwrites or wipes the hard drive many times. Or, remove the hard drive, and physically destroy it.
- If you use your computer for business purposes, check with your employer about how to manage business-related information on your computer. The law requires businesses to follow data security and disposal requirements for certain information that’s related to customers.
Once you have a “clean” computer, consider recycling, donating, or reselling it – and keep the environment in mind when disposing of your computer.
While you're online:
- Know who you're dealing with. In any electronic transaction, independently confirm the other party's name, street address, and telephone number.
- Resist the urge to enter foreign lotteries. These solicitations are phony and illegal.
- Delete requests that claim to be from foreign nationals asking you to help transfer their money through your bank account. They're fraudulent.
- Ignore unsolicited emails that request your money, credit card or account numbers, or other personal information.
- If you are selling something over the Internet, don't accept a potential buyer's offer to send you a check for more than the purchase price, no matter how tempting the plea or convincing the story. End the transaction immediately if someone insists that you wire back funds.
Some email users have lost money to bogus offers that arrived as spam in their in-box. Con artists are very cunning; they know how to make their claims seem legitimate. Some spam messages ask for your business, others invite you to a website with a detailed pitch. Either way, these tips can help you avoid spam scams:
- Protect your personal information. Share credit card or other personal information only when you're buying from a company you know and trust.
- Know who you're dealing with. Don't do business with any company that won't provide its name, street address, and telephone number.
- Take your time. Resist any urge to "act now" despite the offer and the terms. Once you turn over your money, you may never get it back.
- Read the small print. Get all promises in writing and review them carefully before you make a payment or sign a contract.
- Never pay for a "free" gift. Disregard any offer that asks you to pay for a gift or prize. If it's free or a gift, you shouldn't have to pay for it. Free means free.
It's important to protect your personal information, and to take certain steps quickly to minimize the potential damage from identity theft if your information is accidentally disclosed or deliberately stolen:
- Place a "Fraud Alert" on your credit reports, and review those reports carefully. Notifying one of the three nationwide consumer reporting companies is sufficient.
- Close any accounts that have been tampered with or established fraudulently.
- File a police report with local law enforcement officials. This is an essential step in claiming your rights.
- Report your theft to the Federal Trade Commission, online, by phone, or by mail.
Thinking of bidding in an online auction, or selling some of your stuff? Internet auctions are a great resource for shoppers and sellers, but you need to watch out for some pitfalls. Here's how:
- Evaluate how soon you need to receive the item you're bidding on, and whether you can tolerate it being delivered late, or even not delivered. Many complaints about Internet auction fraud involve late shipments, no shipments, or shipments of products that aren't the same quality as advertised.
- Carefully consider your method of payment. Learn what recourse you have if something goes wrong. Don't send cash, and don't use a money wiring service.
- Don't reply to "phishing" emails: messages that look like they've been sent by an auction website or payment service and ask for your password or other personal information.
- Know who you're dealing with. Avoid doing business with sellers you can't identify, especially those who try to lure you off the auction site with promises of a better deal. Confirm the seller's telephone number in case you have questions or problems.
- Know exactly what you're bidding on. Read and print a copy of the seller's description of the product closely, especially the fine print. Save copies of all emails you send and receive from the auction site or seller, too.
Thinking of taking your laptop on the road? It's a great way to work and stay in touch when you're out and about, but you need to take some steps to keep your laptop safe–and in your possession. Here are some things you can do to keep track of your laptop:
- Treat it like cash.
- Get it out of the car,don't ever leave it behind.
- Keep it locked. Use a security cable.
- Keep it off the floor. Or at least between your feet.
- Keep passwords separate. Not near the laptop or case.
- Don't leave it "for just a sec"! No matter where you are.
- Pay attention in airports. Especially at security.
- Use bells and whistles. If you've got an alarm, turn it on.
Malware, short for "malicious software," includes viruses and spyware to steal personal information, send spam, and commit fraud. Criminals create appealing websites, desirable downloads, and compelling stories to lure you to links that will download malware – especially on computers that don't use adequate security software. But you can minimize the havoc that malware can wreak and reclaim your computer and electronic information.
If you suspect malware is on your computer:
- Stop shopping, banking, and other online activities that involve user names, passwords, or other sensitive information.
- Confirm that your security software is active and current. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall.
- Once your security software is up-to-date, run it to scan your computer for viruses and spyware, deleting anything the program identifies as a problem.
- If you suspect your computer is still infected, you may want to run a second anti-virus or anti-spyware program – or call in professional help.
- Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do to avoid it in the future.
The Internet allows investors to access account information 24/7, initiate securities transactions from virtually anywhere, and quickly and inexpensively research investment opportunities. But the Internet is not fail-safe. To invest wisely online:
- Protect your passwords for your online investment accounts. Keep passwords in a secure place, and don't share them on the Internet, over email, or on the phone.
- Use anti-virus and anti-spyware software, and a firewall, and keep them up-to-date. If your firewall was shipped in the "off" mode, be sure to turn it on and set it up properly.
- Avoid using public or other shared computers to access your financial accounts online, and use extra caution when using your own computer in a wireless "hot spot."
- Don't believe everything you read in online newsletters, investing blogs, or bulletin boards. Fraud artists often float false information and "hot tips" as part of their efforts to rip-off investors or manipulate the market for a particular security.
- Turn to unbiased sources when researching investments, such as the U.S. Securities and Exchange Commission, your state securities regulator, and securities industry self-regulatory organizations (including FINRA, Amex, and Nasdaq).
Shopping on the Internet can be economical, convenient, and no less safe than shopping in a store or by mail. To help keep your online shopping experience a safe one:
- Know who you're dealing with. Confirm the online seller's physical address and phone number in case you have questions or problems. .
- Know exactly what you're buying. Read the seller's description of the product closely, especially the fine print.
- Know what it will cost. Factor shipping and handling — along with your needs and budget — into the total cost of the order.
- Pay by credit or charge card, for maximum consumer protections.
- Check out the terms of the deal, like refund policies and delivery dates.
- Print and save records of your online transactions.
Peer-to-peer (P2P) file-sharing allows users to share files online through an informal network of computers running the same software. File-sharing can give you access to a wealth of information, but it also has a number of risks. You could download copyright-protected material, pornography, or viruses without meaning to. Or you could mistakenly allow other people to copy files you don't mean to share.
If you're considering P2P file-sharing:
- Install file-sharing software carefully, so that you know what's being shared. Changes you make to the default settings of the "save" or "shared" folder might cause you to share folders and subfolders you don't want to share. Check the proper settings so that other users of the file-sharing network won't have access to your private files, folders, or sub-folders.
- Use a security program from a vendor you know and trust; keep that software and your operating system up-to-date. Some file-sharing software may install malware or adware, and some files may include unwanted content.
- You may want to adjust the file-sharing program's controls so that it is not connected to the P2P network all the time. Some file-sharing programs automatically open every time you turn on your computer and continue to operate even when you "close" them.
- Consider setting up separate user accounts, in addition to the administrator's account, if your computer has multiple users. Limiting rights on user accounts may help protect your computer from unwanted software and your data from unwelcome sharing.
- Back up data you don't want to lose in case of a computer crash, and use a password to protect any files that contain sensitive information.
Phishing is a scam where Internet fraudsters send spam or pop-up messages to lure personal and financial information from unsuspecting victims. To avoid getting hooked:
- Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser — phishers can make links look like they go one place, but that actually send you to a different site.
- Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
- Don't email personal or financial information.
- Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
- If you've been scammed, visit the Federal Trade Commission's Identity Theft website at ftc.gov/idtheft.
Social Networking Sites
While social networking sites can increase a person's circle of friends, they also can increase exposure to people with less than friendly intentions.
Here are tips for using social networking sites safely:
- 1Limit the amount of personal information you post- do not post information that would make you vulnerable, such as your schedule or routine.
- 1Remember that the internet is a public resource- only post information that you are comfortable with others seeing, once you post information or pictures online, you can't retract it.
- 1Check privacy policies - Some sites may share information such as email addresses or user preferences with other companies.
- 1Evaluate your settings - Take advantage of a site's privacy settings. The default settings for some sites may allow anyone to see your profile, but you can customize your settings to restrict access to only certain people.
- 1Be skeptical - Don't believe everything you read online. People may post false or misleading information about various topics, including their own identities.
- 2Know what action to take- If someone is harassing or threatening you, remove them from your friends list, block them, and report them to the site administrator.
- Avoiding sex talk online.
3When you begin college, you are probably on your own for the first time. You are taking on new responsibilities, making your own decisions, and becoming part of the campus community. There is an important role that you can play in your college's cybersecurity efforts that combines these elements of responsibility, decision-making, and community. Check out the STOP. THINK. CONNECT newsletter from www.staysafeonline.org for tips and advice on Internet Safety and Security Tips for College Students by clicking here for ideas on how to keep your devices and your information safe.
Spyware is software installed on your computer without your consent to monitor or control your computer use. Clues that spyware is on a computer may include a barrage of pop-ups, a browser that takes you to sites you don't want, unexpected toolbars or icons on your computer screen, keys that don't work, random error messages, and sluggish performance when opening programs or saving files. In some cases, there may be no symptoms at all.
To lower your risk of spyware infections:
- Update your operating system and Web browser software, and set your browser security high enough to detect unauthorized downloads.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.
- Download free software only from sites you know and trust. Enticing free software downloads frequently bundle other software, including spyware.
- Don't click on links inside pop-ups.
- Don't click on links in spam or pop-ups that claim to offer anti-spyware software; you may unintentionally be installing spyware.
Voice over Internet Protocol — VoIP — is a new way to make and receive telephone calls using a broadband Internet connection rather than a regular phone line. A VoIP service may offer unlimited local and long distance calls for a fixed price, as well as features like integrated calls and email, and access to your phone line from many locations. Keep in mind:
- Some services allow you to use a traditional telephone through an adaptor, but others work only over your computer or a special VoIP phone.
- Costs include a monthly calling plan as well as a monthly bill for your broadband service.
- VoIP services don't have the same access to some services — including the 911 emergency system and directory assistance — as traditional telephone service.
- If you lose your Internet connection (or lose power), your phone service will be out as well.
- VoIP services can be attacked by computer viruses, worms, or spam over Internet telephony (SPIT).
Wireless Internet access can offer convenience and mobility. But there are steps you should take to protect your wireless network and the computers on it.
- Use encryption to scramble communications over the network. If you have a choice, WiFi Protected Access (WPA) is stronger than Wired Equivalent Privacy (WEP).
- Use anti-virus and anti-spyware software, and a firewall.
- Most wireless routers have a mechanism called identifier broadcasting. Turn it off so your computer won't send a signal to any device in the vicinity announcing its presence.
- Change the identifier on your router from the default so a hacker can't use the manufacturer's default identifier to try to access your network.
- Change your router's pre-set password for administration to something only you know. The longer the password, the tougher it is to crack.
- Allow only specific computers to access your wireless network.
- Turn off your wireless network when you know you won't use it.
- Don't assume that public "hot spots" are secure. You may want to assume that other people can access any information you see or send over a public wireless network.