Computer security guidance from Hassocks Neighbourhood Watch

If you were to believe all the hype reported in the media, you'd probably never use your PC again for fear of getting a virus/getting hacked/personal info read/credit card number obtained, etc.  However, with a few precautions the risks can be minimised.  Read on...

VIRUSES...
The biggest threat to your computer's security comes from computer viruses.  If they get onto your PC they can infect various applications, deleting or overwriting files and can reproduce themselves to pass on to others, usually via your e-mail address book.  Years ago they came in via floppy disks, today they're mainly introduced via e-mail attachments, dodgy websites and unsavoury downloads.  Never open an attachment if the e-mail has an odd title such as 'A poem for you', 'Load this great screensaver now!', etc, even it appears to come from a known contact.  Delete it off your PC straight away (shift, delete).
Purchase, set-up and keep up-to-date good quality anti-virus software.  It's worth reading the user guide to set it up correctly and get updates automatically in the background.  They're some free anti-virus products available (check out AVG), but you're better off purchasing one from a specialist company.
Only download files you trust, from known sources, and if you're at all unsure run them through your virus checker before installing.  A searchable database of known viruses and a remove tool for certain ones can be found at Symantec.  F Secure provide latest security alerts via their RSS feeds and Trend Micro have a good online virus scanner.
Don't get taken in by virus warning hoaxes (see Hoax-Slayer), usually forwarded to you via e-mail from well meaning friends.  They're easy to spot as they usually contain lots of exclamation marks, big bold red text and dire warnings of what will happen if you don't delete certain files and it urges you to forward the mail onto everyone in your address book.  Check at F-Secure or Net Security first to confirm the hoax and gently inform the sender they were had!  Don't pass on the hoax warning, it's nothing but a chain e-mail designed to spread panic and bring down e-mail systems!  Although many are harmless, it's best not to pass on chain e-mail anyway, your friends won't thank you if you pass them a virus or cause unnecessary worry.
Latest online scams here.
Another risk is from spyware, usually unknowingly introduced from freeware or unsavoury websites.  Lavasoft have a free spyware scanner called Ad-Aware and Windows Firewall is available for Windows XP SP2 and Vista.

Windows Security Centre in Vista can monitor your computer's Firewall, anti-virus, anti-spyware, anti-malware and Internet security settings for you and alert you if attention is required.

HACKERS...
Hackers try to access your PC's files, destroy them or access your personal information.  Your first line of defence against hackers is a good firewall.  Many broadband routers incorporate a reasonable firewall (check it's set-up correctly) and Windows XP SP2 has an updated version of the original ICF XP one.  Windows Vista also incorporates a much improved firewall, called Windows Defender.  However, these can't control which applications on your PC are allowed Internet access, so treat these as a minimum.  The free ZoneAlarm, has application control and the Pro upgrade option is well worth considering.  However, you're better protected by purchasing a good quality firewall and keeping it up-to-date.  Read the guide to set it up correctly.
A good firewall will stealth unused ports on your PC, the route in that hackers usually take, and render them invisible on the Internet.  They'll also prevent Trojans (a program that allows a hacker to look at your PC as if it were their own) from operating, control which applications on your PC are allowed Internet access, control the sending of personal information and the running of Active X and Java Applets.  With an 'always on' broadband connection and Wi Fi, a good firewall is essential, best of all is a Security Suite that includes anti-virus, firewall, anti-spyware, spam filtering and network intrusion detection.
Having said all this, even a good firewall can be broken through by a determined hacker, but as with other types of crime, they'll more than likely look for an easier target.  See Get Safe Online.

To see if your PC is vulnerable to attack you can run the security check from Symantec.

COMPUTER MAINTENANCE...

Many users assume they've got a virus when their PC starts malfunctioning.  Often, it's just poor maintenance that can cause anything from it refusing to boot, applications refusing to run, freezing up, strange things happening or it just taking a long time to do things.  You wouldn't expect a car to run trouble free if you didn't maintain it and the same is true for your PC.  A bit of time spent in TLC now will save a lot more time, worry and probably expense in the future!
Remove clutter - Keep files and folders organized and tidy and delete those no longer required - remember to delete from the recycle bin too!  Back-up vital files to removable media such as CD/DVD/flash card/ext. hard disk, etc.  Uninstall unused programs with the program's own uninstall utility where possible, removing manually any files it reports it couldn't remove.
Maintenance utilities - Most versions of Windows allow you to set-up and run routine tasks automatically at intervals you set.  Some tasks need doing often, like the Scan Disk utility and virus/firewall updating and scanning, others like the Disk Defragmenter need doing less frequently depending on how much use your PC gets.  See your user guide/manual for information.
Many applications can be updated via the manufactures' websites.  Often, issues discovered after initial release are fixed and small improvements made.  You should regularly check the Microsoft website for critical updates to the operating system and Internet Explorer/Outlook Express/Windows Mail and Office.  Many security loopholes are plugged with fixes on an ongoing basis!  For other browsers and e-mail client programs, see the relevant companies' websites.

CHILDREN'S PC SECURITY...
Blogging, forums, chat rooms newsgroups, gaming, podcasting and P2P TV are all modern social networking facilities popular with children.  They aren't dangerous places in themselves, however the anonymous nature of the Internet means the portals are often exploited by paedophiles to groom and meet children.  It's vital parents and children understand the risks.  The Harm Reduction initiative of the Child Exploitation and Online Protection Centre (CEOP) launched Thinkuknow in 2006 with info and advice for kids, parents and teachers and Chat danger has some useful info too.
Parents should make themselves aware of the web/mobile/gaming technologies used by their children and make them aware of the risks.  They should take an interest in what their kids are doing on the web and watch out for anything untoward.  See Parents Online.
Children and young adults should never give out personal information such as their name, address, phone numbers or school/college to people they meet online and should be very wary of the information they post on their profile on social networking sites such as YouTube, MySpace, Facebook, Bebo, etc.  Also they should be wary of uploading any media (podcast, video, images) that could compromise themselves.
The Internet can be a valuable source of information for children with virtually unlimited resources for homework and school projects.  In fact, it's a valuable resource for everyone!
Software can be purchased to control what can be viewed, sometimes it doesn't do much more than you can do achieve by careful setting up.  The help menu files are always worth a look to see what can be done to increase web security.  See Net nanny too.  A simple action to restrict web access on your home network can be made by setting a time window and/or inbound and outbound policies in your router for the LAN port(s) used by your kid(s) PC(s) or game consoles.
Please also see Web Security up there on the right >

Sussex Police have an Internet Guide for parents (now somewhat dated) which can be downloaded here:
Download Internet Guide (182KB)
Downloading and Printing info here.

Alternative web browsers and e-mail client programs - many open source and free - are available that are more secure than Microsoft, sometimes just because they're not Microsoft so don't get targeted as much!  The open source Firefox is a well regarded modern browser with many security options plus lots of other benefits.  Opera is another web browser worth a look.  At the very least ensure you're using the latest Internet Explorer 7 - it's much more secure than the aged IE6!  Both Thunderbird and Pegasus Mail are good, secure e-mail client programs.
For help setting these up see Wurd and select 'browsers' or 'e-mail' on the left menu.

ONLINE FRAUD...
Some years ago the media was full of security breaches such as online bank customers being able to access other customers accounts, credit card numbers being collected by fraudsters and so on.  Now things are much more secure and there's no reason why online services cannot be used with confidence, in fact, it's probably more secure to shop and bank online than in the High Street if you follow simple precautions.
When doing any transactions online always look for the padlock symbol on the bottom right of the status bar in your web browser and the 'https' protocol in the address bar - the 's' signifying a secure site.  This means the site uses at least 128 bit encryption and any information you enter into a field, such as your credit card number, will be scrambled when sent.  Also read the site's security policy, the best ones require the use of Digital Certificates for online banking.  All the passwords and security questions needed may seem like a pain, but it all helps to prevent fraud and becomes quite straightforward with use.  Don't use AutoComplete incorporated into some modern web browsers for completing sensitive personal information, such as bank details.
The websites of the major banks have plenty of information on Internet banking and current scams, see Bank Safe Online.
Latest online scams.
 

WEB SECURITY...
In order to maintain your surfing privacy, there are many things you can do - the following just scratches the surface!
Always keep your operating system, browser and e-mail programs up-to-date by installing the latest security updates.
Many websites (including this one!) use analytical systems to retrieve information from your PC when you visit, such as what site you came from and your operating system and browser.  This information is often used to improve the site and isn't usually a security problem!  Whatever browser or e-mail client you use, you can set-up security features.  The bias here is towards Internet Explorer (IE), Outlook Express (OE) and Windows Mail (for Vista) as these are by far the most common in use by users of Hassocks NHW website.  Others follow a similar procedure - see your application's menu bar help.

All websites that place cookies or use visitor logging and tracking systems, including voluntary ones such as this one, should have a clearly written Privacy Policy in place.  Further, they must inform visitors on their options for preventing cookies being placed on their PC.
View our Privacy Policy here.

Cookies are usually harmless and are small files placed on your PC by websites you visit.  Among their uses is to customise the web page to your preferences and to enable the page to load faster.  This site uses cookies to display the date of last visit and preferred style (for accessibility), for instance.  You can control how cookies are handled in later browser versions - Firefox and Opera are particularly good.  In IE go to Tools>Internet Options>Privacy>Advanced and allow first party and session cookies, disallow third party ones as sometimes sites use cookies to trigger pop-ups ads from third party sites.  You can also control cookies on a site-by-site basis.  To delete them go to the general tab.

Temporary Internet Files are stored on your PC so you can view pages offline, but these days with broadband this is unnecessary.  You should delete them: Tools>Internet Options>General tab (in IE)>Delete Files, and clear history content too.  Set your browser to the minimum disk space to store Internet files in: Settings.  To remove what you enter in online forms, go to the Content tab and delete everything in AutoComplete (forms and passwords) and personal info in My Profile.  Firefox can be set to clear private data on closing the browser.
The Advanced tab in IE also has some security settings towards the bottom of the list, ensure both 'use SSL' boxes are checked, also the three 'warn about' boxes at the list end and uncheck 'enable profile assistant'.

Internet Zones - To control what zone you browse in, select Tools> Internet Options>Security.  Usually the Internet zone is adequate, for more precise control click 'custom' and use the slider.  For further control you can put sites you don't want to allow access to in the restricted zone and operate in this zone.  This is useful for blocking annoying pop-up ads, over time by putting ad sites in restricted you can reduce the annoyance considerably!  A good firewall can allow you to do this as well as block cookies.

Pop-up ads - Auto pop-up windows that appear when you visit a website are not only a nuisance, they can be a security risk too.  They can install spyware/adware software on your computer without your knowledge, an example is the installing of a premium rate dialler that charges £1.50/minute, see scams!  Disabling JavaScript can prevent many pop-ups, but it's a bit too brutal as many useful site functions can be prevented from running.  Both  Firefox and Opera browsers afford more precise control of pop-ups and JavaScript and pop-up blocker software can be purchased too.  Using the Firefox browser blocks them by default, or installing the Google toolbar with IE is yet another way to block auto pop-ups.  Using Windows Defender or Ad-Aware software from Lavasoft can dig out and remove any spyware that may have been installed without your knowledge.

Parents can set-up their web browser to prevent undesirable content from displaying, in Internet Explorer have a look in Tools>Content>Content Adviser, enable it and click on settings and set-up the level of what to allow, then protect your settings with a password.  Note that this ratings feature relies on the websites employing this rating system, not many do now.

E -mail - Every e-mail you send also sends information about you and your computer.  Select an e-mail message and have a look in File>Properties on the details tab.  This info can be useful in tracking mails sent to you.  To make Outlook Express (OE) more secure, select Tools>Options and the security tab.  Make sure you check 'restricted zone' and check the next two boxes to 'warn' and 'not allow'.  Go to the connection tab and click the change button - this takes you to the IE settings again where you should click the security tab and restricted zone, make sure it's set to high, then click custom level and ensure scripting, active scripting is disabled.  This goes a long way in protecting your PC from e-mail viruses.  Back on the general tab of OE options, uncheck 'automatically log onto MSN messenger', any other messenger service you use should also be disabled as they all present a security risk.  Microsoft Outlook is supposedly a bit more secure than OE and you can use Word to compose your messages.  For further info on customising OE, see Wurd and select e-mail on the left menu.

An EEC law came into force on 11th December 2003 which outlaws the sending of unsolicited e-mail within Europe, however this has proved rather ineffective as much spam originates elsewhere.

Blocking spam and phishing attacks -  Of course it's better to not get spam (junk e-mail) in the first place.  Only give out your e-mail address when necessary and to trusted friends and organisations.  Always tick the 'I do not wish to receive mailings that may interest me' box (opt out), where provided, when you have to give your address to a company.  If your address appears on any websites, ask that the webmasters use appropriate web technology to present it in such a way that makes it difficult for automated address harvesters to collect.  Although relatively harmless, spam can be extremely annoying, however filters can be set-up within many e-mail programs to filter it out.  In OE go to Tools>Message Rules>Mail, set-up a rule and enter common words found in spam mails and set another rule to only allow mail with your e-mail name in the 'to' line.  See the help menu for more info.  Consider using spam filtering software, or the open source Thunderbird e-mail program has an excellent 'learning' spam/phishing filtering system.  Windows Mail has built-in junk and phishing mail filters.  Finally, never tick the box or click the link to be removed from the spammers mailing list - this just confirms to them they've reached a working e-mail address and you'll get a whole lot more!  See Wurd (select 'e-mail' on the left menu) for more info on filters and blocking spam.

Finally, if you find you're not receiving expected e-mail check your spam filtering as it could be removing wanted mail.  Or it could be your ISP's filters removing it - log-in to your account to check and adjust.  Despite what you may think, e-mail rarely just vanishes into cyberspace!

If you ever receive abusive, threatening, racist or pornographic e-mail, inform your ISP without delay, they can trace it and inform the police.  You can trace an IP address too, see DNS Stuff.  Use a more secure e-mail client, such as Thunderbird.

Don't get paranoid about computer security!
Unless you're using your computer for anything illegal or dodgy, no one's really that interested in it.  Out of the millions upon millions of PCs worldwide, the chances of a hacker picking out yours to attack is very unlikely, you've probably got more chance of winning the lottery!  If you run a good anti-virus and firewall software, keep it and your installed software up-to-date and spend a little time checking security settings as above then you'll go a long way to avoiding trouble.

Please report any broken links by  to the webmaster.

Page last updated April 2008