Avoiding common computer and internet pitfalls

What are they?
 

The Internet was originally designed with princples of trust and open communication in mind. That helps make the Internet a great source of news, information, education and entertainment. Unfortunately, it also means that computers on the Internet are not always very secure, and hackers who take advantage of the openness of the Internet can cause a lot of damage.

Your web browser, e-mail program, instant message client, and countless other programs give you a window onto the Internet, but may also put your computer at risk of being hacked. That's why it's important to protect your own computer from Internet-based intrusions.

Don't panic, though! With the right tools, it's not very difficult to protect your computer! In this article we've listed several pitfalls that are common for computers and computer users, and what you can do about it. And you may not even have to spend a dime!

Viruses and Worms

What are they?

Viruses and worms are malicious computer programs designed to spread from computer to computer. A virus or worm can enter your computer through e-mail, or programs you've downloaded, or through open ports on your computer (see the description of firewalls for more information on open ports). Viruses and worms sometimes are programmed to do destructive and malicious things, such as send copies of itself to everyone in your address book or delete files on your computer

What can you do?

Make sure you have an anti-virus program installed. Some good ones include:
AVG Antivirus (free for home users)
McAfee VirusScan (commercial)
Norton AntiVirus (commercial)

Make sure your anti-virus program updates itself every day or so with the latest virus information. Your computer may have come with a free 30-90 day trial version of an anti-virus program, but if you don't purchase the program at the end of that period, it will no longer update itself and will be unable to deal with new virus and worm threats.

Some e-mails with virus-infected attachments may appear to have come from someone you know. Be careful not to open e-mail attachments unless you're sure you know what the attachment is.

Operating system updates

What are they?

Periodically companies like Microsoft and Apple will release updates for their operating systems (i.e. Windows and MacOS) and other products. These updates often are security and enhancement patches, designed in response to bugs and vulnerabilities as they are discovered. It's important to have these fixes to make sure your operating system is up-to-date.

 What can you do?

You should download and install any critical patches released by Microsoft (if you have Windows) or Apple (if you have MacOS). You can get these by visiting the following websites and following the instructions you'll find there:
Microsoft Windows Update
Apple Featured Software (or use the built-in "Mac OS Software Update" tool.)

Some operating systems like Windows XP will automatically download updates, then pop-up a window when you log on to your computer, telling you that the updates are ready to install. When that happens, click the icon next to the pop-up window and follow the instructions to install the updates.

Firewalls

What are they?

Firewalls are tools to block access to/and from your computer's ports. If you think of your computer as a castle, then the computer's ports are like the doors and windows leading in and out of your castle. Unfortunately, many times these doors and windows are left open, sometimes allowing hackers to use them to get into your computer.

Like a wall surrounding a castle, a firewall puts a barrier between your computer and the Internet. Although the doors and windows on your computer may remain open, the firewall makes sure nothing goes in our out without your permission. The best firewalls monitor both incoming and outgoing Internet traffic on your computer.

What can you do?

Install a firewall on your machine. A number of vendors offer firewall products:
Zone Alarm Basic Version is free and highly recommended. (Look for the "Basic" or "Free" version - you probably don't need the commercial versions for sale).
BlackICE (commercial)
Norton Personal Firewall (commercial)
McAfee Personal Firewall Plus (commercial)
Windows XP comes with a built-in firewall, although it monitors only incoming, not outgoing Internet traffic. Click here for more information on how to activate the Windows XP firewall.

Once installed, your firewall may occasionally ask you whether you want to allow certain programs to access the Internet. Read the description of the program carefully, and if you feel the program has a legitimate reason for accessing the Internet (such as Internet Explorer or Outlook Express), answer "Yes". If you're unsure, say "No".

Your firewall may pop-up windows alerting you when it blocks a suspicious attempt to access your computer. Don't panic! It is fairly common for hackers (or just curious people) to scan a wide range of computers, looking for open ports. Rest assured that your firewall is doing its job, and turn off the pop-up notifications if they get too bothersome.

Spyware and Adware

What are they?

 Have you seen ads on the web for programs that will make sure your computer's clock is always accurate? Or that will put a small, handy calendar in the corner of your screen? Or will supposedly accelerate your web surfing speed? Be careful! Many of these programs are actually either spyware or adware.

Spyware programs sit on your computer and monitor your activity (usually while you surf the web). As they collect data, they will report that data to the maker of the spyware program, which they can then use for marketing or other purposes. Adware programs will cause pop-up advertisements to appear on your screen, even when you're not surfing the web. These programs not only invade your privacy - they can slow your computer down significantly.

What can you do?

Download and periodically run a spyware/adware removal tool. Three of the best ones are listed below. There's no harm in downloading and running all three - one may catch something that the others missed.

Spybot - Search And Destroy (free)
Ad-Aware (free)
SpywareBlaster (free - stops some spyware/adware before they can install themselves)

Commercial spyware/adware removal products are also available from companies like Norton and McAfee.

Be very careful not to install programs you're unfamiliar with. Many spyware/adware products will try to install themselves on your computer, causing a window like this to appear on your screen:



Unless you're absolutely sure you requested and want the program that is trying to install itself, click the "No" button to stop the installation attempt.

Junk mail/Spam

What is it?

Junk mail and unsolicited e-mail (aka "spam") is a major annoyance for most e-mail users. Whether it's offers for lower mortgage rates, herbal supplements, get-rich-quick schemes or weight loss formulas, spam wastes your time, takes up space in your mailbox, and just keeps coming and coming and coming.

Most of the junk that fills your mailbox is unsolicited, but sometimes you can sign up for junk mail without even realizing it. Often you are required to enter your e-mail address in order to download a program or use a website. When you do that, you may be giving the company or website owner the right to send you junk mail.

What can you do?

First of all, do everything you can to stay off spam lists before you get on them! Once your e-mail address is "discovered" by a spammer, it will be put on a list and then be sold to other spammers (who will sell it to still more spammers, etc.) Once you're on a spam list, you can't get off. So how can you keep off their lists in the first place?

Guard your e-mail address carefully. Give it out only to your family, friends and acquaintences who you personally know and trust. Don't give it out to untrusted companies or web sites that ask for it.

Use two different e-mail accounts. Get a free e-mail address from companies like Yahoo or Hotmail, then use that address anytime you register for a site or order goods online. That way, even if you get tons of spam at your Yahoo/Hotmail address, you can just ignore it completely. Keep your GulfTel e-mail address for your friends, family and acquaintences only.

If you have a webpage, don't post your e-mail address on it. Spammers have software that goes through websites and "harvests" any e-mail addresses it finds on them. This is the most common way that e-mail address end up on spam lists.

If you're already getting lots of spam and want to try to get rid of it, get a spam-filtering program that will filter your e-mail as it arrives. Good choices include

SAproxy
MailShell
Spam Sleuth
McAfee SpamKiller
Norton Internet Security
Spam Bully

Don't click on any "Unsubscribe" links that appear at the bottom of spam e-mails. Spammers often use this technique to verify that your address is working. If you reply to them, they'll just send you more spam.

If nothing else works, you can always change your e-mail address (e.g. from yourname@gulftel.net to yourname1@gulftel.net). You'll have to tell your friends and family your new address, but if your old address is constantly bogged down with junk mail, it may be worth the inconvenience (and don't forget to keep your new address private!)

Don't ever buy anything being sold by a spammer. This only encourages them to continue spamming.

Pop up Advertisements

What are they?

Anyone who's been surfing the web for any length of time has seen pop-up windows - advertisements in small (or not so small) windows that pop up over or under the content of whatever site you're visiting. Many sites use pop-up windows to generate extra revenue. Some sites rely almost exclusively on pop-up ads for their revenue, and may pop-up more and more ads almost as fast as you can close them.

What can you do?

Install a pop-up blocker. The Google Toolbar is a great choice if you use Windows and Internet Explorer. It gives you quick access to the Google search engine and blocks pop-up ads at the same time.

If you find that you're getting pop-up ads even when you're not surfing the web, your computer may have spyware/adware installed on it. See the section on SpyWare and AdWare for details on how to get rid of them.

If you feel that you're pretty handy with computers, considering downloading and installing Privoxy. Privoxy is a proxy server that can strip out most pop-up ads and even the banner ads that appear on many websites. Configuring it can be tricky, however, which is why we suggest only advanced Internet users try Privoxy.

Don't ever buy anything being sold through a pop-up ad. This only encourages the makers of pop-up ads to continue using them.

Web content filtering

What is it?

The Internet reflects the culture we live in. There are countless pages on the Web with fun, exciting, informative, and educational content... but there are also lots of sites that you may find inappropriate for you and your family. To help keep from stumbling onto offensive sites, several companies sell content-filtering products that will block access to sites based on different criteria (such as known "blacklisted" sites, or by analyzing the words found on a page to determine whether that page is likely to be inappropriate or not, based on settings you specify.)

 What can you do?

First, realize that content-filtering software is not perfect. New web pages are created every day, and even the best filtering software cannot block 100% of offensive sights. Don't let filtering software be a substitue for personal vigilance and monitoring.

If you are concerned about protecting your children while they are online, visit GetNetWise, where you'll find tips for both parents and children on how to surf the web wisely, along with information on how you can protect yourself and your family.

Purchase and install a content-filtering program. Many products are available, such as:
Bsafe
Cybersitter
Cyber Patrol
NetNanny
SurfControl
S4F
We-Blocker

Scams

What are they?

Have you been contacted by an African government official who needs your help in moving millions of dollars out of the country? Have you gotten a notice from your bank that your account will be suspended if you don't immediately logon to their website and update your account information?

These are just a couple of examples of the many scams that have resulted in the theft of thousands of dollars from unsuspecting e-mail users. Here are some of the more common ones you may see:

419 Scams. Also known as "Advance Fee Fraud" schemes, these are scams where you receive a letter from someone claiming to be a high-ranking government official (usually in Africa) who needs your help in transferring millions of dollars out of his country, in exchange for which you will receive a generous cut of the funds. Those who fall for this scam are tricked into paying for customs fees, transaction fees, taxes, etc. Once the scammer has extracted as much money as possible from the victim, he disappears.

"Phishing" Scams. This variety of scam tries to trick users into revealing details of their private accounts. Usually these scams take the form of e-mails that appear to be an official communication from a company you do business with, such as your bank, eBay, PayPal, etc. The letter will usually instruct you to fill out an online form or visit a certain website and enter your name, password, social security number, etc. in order to verify your account. What the victim doesn't realize is that the website they visit is controlled by the scammer. By filling out the form, they give the scammer all the information he needs to access and control the victim's account.

Pyramid Schemes. This scam goes back almost 100 years, but is still victimizing people today. The details of the scam vary, but it usually takes the form of an e-mail containing a list of people. You are instructed to send money to the person at the top of the list (perhaps by "buying" something of dubious worth, like pamphlets), removing that name from the list, adding your name to the bottom of the list, and sending the list to 5-10 of your friends. Within a few weeks, the scammer promises, you'll be at the top of the list and people will send you money.

The scheme (also called a "Ponzi scheme") is illegal according to the U.S. Postal Service, and unfortunately only serves to make the scammer (and maybe a few other people) rich at the expense of everyone else.

What can you do?

Scammers usually play on either greed or fear Don't be taken in by scams that promise to make you rich with almost no effort on your part. As always, if it sounds too good to be true, it probably is. And don't be tricked into giving up details of your online accounts by messages that imply serious consequences if you don't. Banks and legitimate retailers only need your account details when you come to them on your own (for shopping or online banking). They do not send unsolicited e-mails demanding that information from you.

If you believe you have received an official e-mail from a company you do business with and the link you click on appears to take you to a legitimate-looking website, look at the Address: bar at the top of your browser window. Make sure the URL it displays looks correct for the site you're visiting. Don't be fooled by addresses that are close, but not exactly the same as what you're expecting (for example, the address for CitiBank is www.citibank.com. Don't be fooled by similar addresses like www.citibanknet.com or www.citibank-site.com.)

If you're about to enter your password on a site that you're not completely sure is legitimate, try entering an incorrect password to test it. A legitimate site will reject the incorrect password, but a fake site will most likely accept it.

If you suspect that you've received a scam e-mail, do some research to see what others are saying about it. Many financial institutions and retailers have links on their home page alerting their customers to scam e-mails. You can also search for key phrases in your e-mail message on sites like Google or the Urban Legends Reference Pages.

There are several governement sites set up to help consumers recognize and avoid online scams:

The FTC's list of Top Ten Dot Cons
The National Fraud Information Center
Federal Citizen Information Center - Scams and Frauds
Secret Service - Advance Fee Fraud (419) Schemes
SEC - Avoiding Internet Investment Scams

Hoaxes and urban Legends

What are they?

Have you heard about the little girl dying of cancer who wants you to send an e-mail to everyone you know? Did a friend send you a message about a new virus that can't be detected that will destroy your computer? Did you get a message telling you that Congress is getting ready to impose a tax on e-mail messages?

None of them are true. Internet hoaxes, false virus warnings, and urban legends have been circulating for years, and new ones are invented almost every day. Most of them appeal to our emotions - sympathy for someone in need, outrage over some alleged abuse, or greed for easy money. And almost all of them end the same way: "Forward this message to all your friends!"

What can you do?

Be wary of any e-mail that asks you to forward the message to everyone you know. That's a very good indicator that the message is a hoax.

Do some research to see if the e-mail is telling the truth or not. The Urban Legends Reference Pages has an excellent search engine and is a great place to start. For computer-related hoaxes, visit the Symantec Hoax Page and the CIAC HoaxBusters site.

Try entering a few keywords in a search engine like Google to see if the e-mail you received was a hoax or not. (e.g. "e-mail tax")

If you discover that you've received a hoax e-mail, consider gently pointing that out to the person who sent you the message and suggest that he/she pass the word on to anyone else who was sent a copy of the hoax e-mail.

Electrical Surges

What are they?

Although not an Internet-based threat, the damage that can be done to your computer by electrical surges can be far worse than any computer virus you might get. Lightning strikes, brownouts, and power spikes can be fatal to electronic equipment. Sensitive components in your computer can be damaged or destroyed in a split-second if a high-voltage surge hits them.

What can you do?

Buy a good surge suppressor for your computer. You can find them at any computer or office supply store for between $10-$50.

Be sure to buy one that protects your phone/Broadband line as well. Electrical surges can come through the phone wire as well as the power cables.

Make sure to buy one with enough outlets to protect all your important equipment (computer, monitor, printer, Broadband modem, etc.)

Consider buying a surge suppressor that comes with insurance. Many mid-range and upper-range surge suppressors guarantee to pay for any equipment damaged while properly connected, up to $10,000-$25,000 or more.

Consider buying a personal UPS (Uninterruptable Power Supply) instead. For less than $50, a UPS will give you "clean" electricity at the proper voltage even during brownouts and will provide a short amount of power during blackouts, giving you time to save your work and shut your computer down properly. The following companies all sell personal UPS products:

APC
Tripp Lite
Belkin