The title of this blog says “Stay Safe Online” but really, we are going to talk about all the ways you can keep your computer safe and secure, not just how to when you’re browsing the web. When we use our computers day to day the thought of security takes a backseat to timeframes and automation. This can lead to a slow running computer, programs not functioning correctly or worse, your personal information being stolen. I’ve broken this post into sections to make it easier to navigate. Please take note that this guide assumes you are using a Microsoft Windows based computer.
Every computer needs an antivirus program. Let me repeat that, every computer needs an antivirus program. There is a lot of debate going back and forth as to which is the best. When choosing an antivirus the things you need to look at are the amount of computer resources it takes to run the program and the rate at which it catches viruses and blocks them. There are several websites that rate these programs from greatest to lowest and to be honest, you can’t really trust that. They are getting paid by the program they rate the highest. The easiest way to tell is that each site rates a different program highest and provides different data results on the exact same “lab test”. It’s my opinion that your best option is Windows Defender. It’s a free product that comes with windows 7 and 8. It can also be downloaded using the Windows Update Tool.
While Windows Defender will protect real-time malicious treats, there are a lot of malware that’s missed simply because on a technical level, they are regular programs that you allow, but still act like malware. These are things like search bars or ad servers that are attached to installer files that you download (think WeatherBug). The tool I use and recommend is Malwarebytes. It’s easy to use and picks up everything you will need it to. It’s free to use (they do have a paid for version) but you will have to manually scan your computer. I do a scan every week at the start of the week. You can download Malwarebytes here.
Email is one of the biggest spyware and malware threat. This is because spammers, or people trying to steal your information, are getting outstandingly good at passing fake emails as the real deal. When this happens you use the email as it was real, and end up downloading or installing some type of spyware / malware or virus, or worse… you give away your personal and sensitive information on a fake website. I’ve seen this happen a lot with emails coming from a bank asking for you to update your security settings. When you click on the link, it takes you to a fake website setup to look exactly like the real one and ask you to login. Once you “login” your username and password are sent or stored to be used against you later. Most likely not to steal anything from you directly, but to sell your information to someone who wants to.
There are several things that can help you stay safe when using email, and some of those should be happening in the background for you. Whichever email provider you use should be providing virus scanning at the server level. This will take care of any nasty file attachments that contain malicious code. If for some reason they do not provide server level virus scanning, your virus scanner should do its job in catching these files before they do any harm. The second part of good email safety is having a good spam filter. This will keep a good portion of these harmful emails from ever reaching and you potentially making a mistake. The spam filtering TillerPhish uses is Spam Assassin. It has a long list of features and we feel all around the best and most cost effective option. If your email provider does not provide spam filtering you must rely on built in filtering tools in your email client (think junk folder in OutLook). While this will work with some, it’s not nearly as robust as a server side spam filter. The final part of email security is you. Your diligence in determining a good email from a bad one and not just blindly clicking away. Here are a few tips you need to remember for doing your part in staying safe:
- If you get an email that in any way references an account for a company or website or bank that you have not physically signed up for or are a member of, then the email is most likely fake and needs to be deleted without follow through.
- If an email that you are unsure of has a file attachment it’s best to be deleted. The most common used file attachments for malware emails are ZIP, PDF (malicious code can be attached to a PDF document), HTML, DAT, DOC, and BAT
- No subscription or membership based website will send emails with attachments, it would cost too much. If for some reason there is a file they need you to have they will send a link for you to download it, as this is more cost effective. So, if for instance your bank has a document they need you to review and sign they will never send it as an attachment, so watch out for emails from these types of places that has an attachment.
- If you receive an email asking you to verify your information by following a link or by clicking a link to do anything really, there is a simple way to determine if it’s legit. If you hover your mouse over the link, the actual end point website will be displayed in a little pop up box. If this URL does not match the sender then it is fake. For example, if you get an email from PayPal asking you to login and verify info, but the end point URL you see in the pop up box is “paypal-gateway.ca” you can 100% certify it’s fake, because it’s well known the URL for PayPal is simply “paypal.com”
Web Browsing Safety
The best way to stay safe browsing the web is to browse the web in a safe way. This means not going to websites that are prone to pushing bloat ware and spyware. These sites include, but are not limited to, pornographic, free games, free online movies or TV shows, or any other type of category that seems to reside in the darker side of the net. I know though, that it’s not always possible to stay away from such websites, and for those times there is one super easy thing you can do to stay safe: use Google Chrome. Chrome does a wonderful job at analyzing a website before it feeds it to you and blocking things that are potentially hazardous. Even website that are on the “up and up” but have been infected are blocked by Chrome. You do have the option of going along the path anyway, but you have to verify that’s what you really want to do. You can download Chrome from here.
This one can be tricky for some people. You could be downloading what you think is a funny picture of cute cats, but in actuality is a harmful rootkit that steals your information. There really is no rhyme to reason that we can talk about for you to follow, so the best solution will be on you to scan each file you download before you open it. There is a free online scanner that I use that will scan a file against all major virus scanners and give you a report of how safe the file is to open. I would recommend using it for each and every file you download from the internet. Check it out: https://www.virustotal.com
Personal Information Safety
Keeping your personal information safe online will ultimately fall in your hands. The best advice I can give to you is to keep your wits, don’t give away personal information unless you are 100% certain the information is securely going to the correct source, and when possible use fake information until the source can be verified… you can always update your information at a later time to be correct.