Whether you’re using a computer connected to the Internet from home or office, your computer is a target. Hackers are often looking for credit card numbers, bank account information and any other information they can use for their own gain. It’s not just money-related information they’re after; once they invade a computer, intruders can use the hard disk, processor and Internet connection to attack other computers. Many personal computers are especially vulnerable because in general the average computer user does not realize the risks of being on a network and the protections that are available to guard against these threats. All computer users need to educate themselves and understand the threats in order to more effectively protect their personal information and computer systems.
Computer Threats and prevention
Various computer threats and their prevention are
Viruses
Various types of viruses, their spread and prevention are
- Virus: a program that replicates and infects another program by inserting or attaching itself; basically “piggybacking” on files already present on your computer.
- Trojan horse: a program that does not replicate or copy itself, but causes damage by tricking user into opening an infected file.
- Worm: a program that makes copies of itself specifically intended to be distributed to other computers it can reach, such as via e-mail or network connections.
Methods of spread
Viruses spread through a variety of methods. The most common methods are
- E-mail attachments
- Instant Messenger or Internet Relay Chat (IRC) file transfers and web links
- File downloads from hacked or untrustworthy web sites
- Using infected floppy disks, CD-ROMs, USB keychain drives, etc.
- Insecure computers being hacked and configured to send out viruses
Prevention
- Do not open unknown or unsolicited e-mail attachments as they may have infected attachments.
- Do not download files from websites you do not recognize or trust.
- Do not use file-sharing software such as LimeWire, Kazaa, eMule or BearShare as they also spread viruses through the files they download.
- Keep the operating system updated with latest fixes for new viruses, worms, and trojan horses.
- Use a firewall as it prevents unauthorized use and access to computer.
Phishing
The act of sending an e-mail to a user and falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. It is also called brand spoofing or carding. Prevention involves
- Never respond to emails that request personal financial information.
- Only visit banks’ websites by typing the URL into the address bar.
- Be cautious on opening attachments and downloading files from emails.
- Keep a regular check on your accounts.
- Check the website you are visiting is secure as it should start with “https://” (“s” for security) rather than the usual http:// and a lock icon on the browser’s status bar.
- Be cautious with passwords and personal data.
- Keep your computer secure by installing anti-virus software and keeping it up to date. Also use anti-spam software to stop phishing emails.
- Always report suspicious activity.
Spyware
Any software that covertly gathers user information through the user’s Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. Its prevention involves
- Using a firewall – Installing a firewall provides a helpful defense against these hackers.
- Update software – Update by automatic updating for all the latest critical and security updates.
- Adjust browser security settings – You can adjust your web browser’s security settings to determine how much-or how little-information you want to accept from a website. It is recommended that you set the security settings for the Internet zone to Medium or higher.
- Download and install Anti-Spyware protection – Install anti-spyware software.
- Surf and download more safely – The best defense against spyware and other unwanted software is not to download from un-trusted sites.
Identity Theft
It is a crime whereby criminals impersonate individuals, usually for financial gain. If a thief is able to access this personal information, he or she can use it to commit fraud in your name. Its prevention involves
- Watching for shoulder surfers who see a credit card PIN or password by peering over shoulder.
- Shred everything so none can take your personal information from trash, by documents through a shredder.
- Destroy digital data when selling or disposing computer system, hard drive, CD, DVD, or backup tape as it may have some personal data.
- Be diligent about checking personal financial statements.
- Analyze your credit report annually.
- Online shoppers need to know that the company they are doing business with is legitimate and that they take the security of your personal information seriously.
Mobile Device Security
As mobile devices become more part of our work, personal information, and sensitive data are stored on them which can be lost, stolen, or even hacked. Prevention involves
- Keep mobile device in sight, within reach and take appropriate physical security measures to prevent theft or enable recovery.
- For laptops, use cable locks.
- Use tracing and tracking software for laptops, cell phones, tablets, etc.
- Lock it with a password. Use auto-lock and require a complex password, also consider requiring the password to be re-entered after a certain period of inactivity.
- Avoid using auto-complete features that remember user names or passwords. If someone gains control of your device, they will have access to your accounts.
- Where applicable, run anti-virus software.
Wireless Security
A wireless network sends signals through the air instead of a wire. Thus, others can easily intercept the information being sent when using a “unsecured” public or “open access” wireless connection. Its prevention involves
- User authentication for accessing an wireless network
- Proper authorization of access point and network interface cards
- Data encryption (WEP or WPA/WPA2) which is transmitted
Using personal firewalls on computers
