Security Best Practices . . .

Discussion in 'Tech Tips and Reviews' started by BobJam, Jul 12, 2007.

Thread Status:
Not open for further replies.
  1. BobJam

    BobJam Thread Starter

    Joined:
    Jan 10, 2005
    Messages:
    380
    Not sure if this post should be in this discussion forum or in the Security forum, but I'm making it here because it's NOT a question, but rather some comments - more of a "Tip" sort of thing - on Security "best practices". So, Mr/Ms Moderator, move this post if it's in the wrong forum.


    I hang out mostly in the "Windows NT - 2000 - XP" discussion group and I see a LOT of people making posts about malware infections (and some of them subsequently get moved to the Security forum). HiJackThis logs are a common post. It is apparent to me that a lot of people just don't follow best practices when it comes to security.

    So, with that in mind, let me suggest that these people are doing one or more of the following:

    1. Surfing the web and clicking on unknown links UNPROTECTED.

    2. Clicking on links in Instant Messaging programs.

    3. Opening suspicious Email attachments.

    4. Having emails automatically open - in OE this is known as the "Preview Pane".

    5. Opening Emails from people they don't know.

    6. Leaving your "personal" email address (I'll explain what I mean by "personal") on the web.

    Now I'll address each of these items in detail:

    1. SURFING THE WEB AND CLICKING ON UNKNOWN LINKS UNPROTECTED.

    I'm NOT suggesting that you stop surfing the web, just that you have malware protection software running (e.g. antivirus, anti-spyware, firewall) when you do.

    Ideally you want to have "real-time" protection with your anti-spyware software and "on-access" protection with your antivirus software, and run "on-demand" scans at least monthly. And make sure your definitions are up to date. If they're NOT, your malware protection software won't protect you from the latest threats.

    If you Google a lot, then you're probably going to be clicking on a lot of unknown links. And even "known" links can sometimes be disguised and be phishing scams (which is a whole 'nother topic and not the subject of this post).

    Some categories of links that most often carry malware are: porn sites (more on that in a bit), stock advice sites, and "free" downloads sites.

    Porn sites - I'm not suggesting that users voluntarily go to porn sites (though some do), but some of the names of these sites are misleading. For example, someone wishing to visit the Whitehouse site may think the URL would be "Whitehouse.com". But "Whitehouse.com" is actually a porn site. What is really the Whitehouse web site is "Whitehouse.gov".

    Porn sites will frequently hijack your browser home page, inundate you with pop-ups every time you run your browser, and embed malware so deep in your Registry that it's hard to get out.

    Stock advice sites - There are a lot of legitimate stock advice sites, like Thomson, Morningstar, and The Wall Street Journal, but a lot of stock advice sites are just plain nasty.

    For example, stock message boards, like the ones that Yahoo maintains, can be breeding grounds not only for pump-and-dump schemes, but links that contain malware. It's a good idea NOT to click on links on these message boards - no matter how "good" the poster (who will likely be a stranger) says the stock advice is.

    Free download sites - There is a lot of good free software out there, like Spybot, ZoneAlarm, AVG, and Ad-Aware. But unless you are sure about the safety of the software you are downloading, it's a good idea NOT to download it. That's because a lot of "free" software is supported by adware and spyware that's included with it, unknown to the user. And, believe it or not, a lot of "free" so-called antispyware software actually contains spyware itself.

    2. CLICKING ON LINKS IN INSTANT MESSAGING PROGRAMS

    I'm not suggesting here that you stop using Instant Messaging programs, like AIM, or Yahoo, or ICQ. But I AM suggesting that you refrain from clicking on links in the messages. Even if the link is from a friend who says, "Click on the link and look at the pic, it's pretty cool" - DON'T!!! That link could very well download a Trojan at the same time it's downloading that "cool" picture.

    IM's are notorious for spreading malware, so make sure and run all your security software when you run your IM program.

    I have a friend who runs ICQ, and at least once a month he gets infected with some malware he got in an IM. We've reinstalled his OS several times because we've been unable to remove the malware (maybe next time I'll send him to the Security forum here). One of these times I'll probably just say, "NO, I'm not coming over because you did what I repeatedly told you NOT to do!!"

    3. OPENING SUSPICIOUS EMAIL ATTACHMENTS.

    Many viruses are sent in email attachments. If the attachment has a .scr, .exe, or .dll extension, then it's likely malware. There are other suspicious extensions, but I can't remember what they are right now.

    If you insist on opening an attachment, store it first to a folder named something like "Email attachments to scan", and then scan it with your antivirus software BEFORE opening it.

    Even if the attachment is from a friend, scan it FIRST. And definitely DON'T open an attachment from someone you don't know - delete the entire email.


    4. HAVING EMAILS AUTOMATICALLY OPEN.

    In Outlook Express (OE), this is known as the "Preview Pane". DISABLE it by going to "View>Layout" and unchecking "Show preview pane". The word "preview" is misleading, because it makes you think that it's only a snippet, like a preview of a film. BUT IT'S NOT!!! This "Preview Pane" will actually open the entire email, and thus download any viruses that may come with it. And the OE preview pane is enabled by default, and so also is the setting in "Tools>Options>Read" to automatically download all emails viewed in the preview pane.

    This is particularly dangerous when you get an email from a stranger and want to delete it first. If it's opened in the preview pane, it's already too late to delete it - the damage has been done.

    I'm not familiar with other email programs, like Eudora, but they probably have something similar to a preview pane. DISABLE IT!!!

    5. OPENING EMAILS FROM PEOPLE YOU DON'T KNOW.

    You'll have to suppress the temptation to know what this is about - especially if the title of the email piques your curiosity. If you don't know the person, DON'T open it - delete it. If it's from someone you know or it's something important, they'll likely call you on the phone.

    People you don't know can get your email address from a number of places, not the least of which are those "Forwarded" joke emails you get from your "Auntie" that contain all the addresses of everybody on the forward list.

    6. LEAVING YOUR "PERSONAL" EMAIL ADDRESS ON THE WEB.

    Leaving your "personal" email address on the web can make you vulnerable not only to spam, but also to malware.

    A lot of spam AND MALWARE (but not all) comes from "harvesting" programs that spammers AND MALICIOUS mailers use to "harvest" email addresses left on Internet pages. Some spammers can also harvest addresses from "Forwarded" emails.

    So, to eliminate the Internet page source of spam and malware via your "personal" email address, there are three things you can do:

    1) NEVER leave your "personal" email address on the Internet.

    Now there are some sites that absolutely INSIST that you leave an email address - like when joining discussion groups, when making a purchase, setting up your profile for your Health Insurance web site, Online banking, etc.

    For that requirement, see point #3.

    2) On discussion group postings, always "munge" your email address if you want to post it. "Munge" means to disguise it.

    For example, one of my email addresses (see point #3 for why I have more than one) is rbjamie [at] gmail.com. Notice that I typed out "at" instead of using the @ symbol. That's "munging". Most harvesters look for the @ symbol to get email addresses, so if you leave out the @ symbol by typing "at", the harvesters will not identify it.

    However, spammers are getting more sophisticated tools, and harvesters may now look for "at" when it's typed out - which is why I put it in brackets too. But then they may look for "at" in brackets too - it's a real cat-and-mouse game.

    3) THIS IS THE TIP THAT'S MOST IMPORTANT

    Get an Internet Email account - such as Yahoo, Gmail (Google), or Hotmail (Microsoft) IN ADDITION to your ISP's Email account (I call that one your "personal" email). Most of them are free.

    For Internet stuff, leave your Internet email address. That way, even if spammers figure out a way to harvest your munged address, spam will only be delivered to your Internet Email address.

    It's like having two snail mailboxes. One is for junk mail only, and the other is for "personal" stuff, like correspondence from family or friends and bills.

    Which brings me to another point on this "two email" strategy. Give your uncontaminated "personal" email address to trusted family members and friends ONLY.

    OK . . . time to end this lengthy post.

    My final point is this: Anti-malware programs WON'T always provide 100% protection - there is no such thing as "100% protection", unless of course you throw your computer in the trash. The ultimate source of protection is your own common sense!!


    I'm sure there's a lot more that could be said for this topic and that I left out, but this is already too lengthy - perhaps other posters can append their tips to this "Security Best Practices" thread.
     
  2. aarhus2004

    aarhus2004 Gone but always remembered

    Joined:
    Jan 9, 2004
    Messages:
    1,049
    BobJam,

    Another superb post - setting a fine example; and if folk have something to add I am sure you would welcome it. In fact I would like to see a listing of websites which pose a very strong, or proven, threat to users.

    McAfee Site Advisor I find useful if ever I am unsure.

    (y)

    Ben.
     
  3. BobJam

    BobJam Thread Starter

    Joined:
    Jan 10, 2005
    Messages:
    380
    Thanks again, Ben.

    And, YES, I do indeed hope some people post their "Security Best Practices" tips here.

    BTW, I'm a "McAfee Maniac" - which is a volunteer moderator on the McAfee Antivirus discussion board. And, I run McAfee Antivirus Version 8.0i Enterprise on my machine.

    As a side note, I'll mention that I was almost thrown off these boards - for good cause too.

    Here's the story:

    I recently posted a reply to someone who posted that he wanted to make the "error" message go away on an illegal copy of XP (pirated) he had on his machine. He explained that he had gotten the machine from someone else who had later told him that it was an "uncertified" copy (Hmmmm. . . I should have suspected something right there). I responded that he could call Microsoft and explain his situation and see if they would give him a registration code, but that I doubted they would and he would probably have to come up with the cash to buy a "genuine" copy of XP.

    I should have stopped there, but I added some links to a hack that would remove that error message. Some kind souls warned me that my reference to links for a hack to remove a warning from an illegal copy of XP was a violation of the TOS (which I should have known anyway - very embarrassing, and doubly embarrassing for someone who is a moderator on another board).

    Fortunately, no one "reported" me, and I was able to DELETE my post before it was too late.

    Don't know what I was thinking when I did that, but I definitely wasn't in my "mature and responsible" mode.
     
  4. aarhus2004

    aarhus2004 Gone but always remembered

    Joined:
    Jan 9, 2004
    Messages:
    1,049
    Hello Bob,

    I am still chuckling :D after reading of your near miss. I think TechGuy(Mike) has a lot invested in this Forum and in that one area in particular he is very concerned we don't let him down.

    But the other rules are less clear and it's possible to have great fun challenging them. I sometimes use familiar-to-Brits swear words and they are not disputed. I suspect the computers involved are 'calibrated' to pick-up American English cusses!

    You have an interesting 'resume', Bob. Lots of experience and know-how too. You will have detected TSG offers a lot for all types. I have enjoyed my time here and learned enough to have made it very worthwhile. And we all enjoy humour though not necessarily in precisely the same way.

    You will make MOD here, Bob, in due course.

    Welcome and best wishes.

    Ben.
     
  5. BobJam

    BobJam Thread Starter

    Joined:
    Jan 10, 2005
    Messages:
    380
    Hey Ben,

    I see you are from "Western Canada". Want to chit-chat about that a bit, so I'll carry this over to the "Random Discussion" forum - see you there.
     
  6. aarhus2004

    aarhus2004 Gone but always remembered

    Joined:
    Jan 9, 2004
    Messages:
    1,049
    Bob, "Western Canada" in 'Random' would attract a few folk - perhaps as many as 500 but we try to keep it a big secret cos the word is partially out that this is the place to live, which it is, especially closer to the ocean, (that's a whisper).

    I will look out for you over there, tho random is not a big part of my TSG life.

    Ben.
     
  7. hewee

    hewee

    Joined:
    Oct 26, 2001
    Messages:
    57,793
    And to me that means "trusted family members and friends ONLY" that do not forward email or CC them and show yours and others' email addresses in the email because then you have no way of knowing who all is getting your address and doing the same thing and then your address is all over the place in other people's email. Then one of them gets something on their PC that finds all the addresses and sends out spam.
     
  8. BobJam

    BobJam Thread Starter

    Joined:
    Jan 10, 2005
    Messages:
    380
    YES, hewee, I agree with you.

    But for the "Forwarding" email variety of spam harvesting, there is something you can do, though the effectiveness of this will depend on your correspondents.

    When people forward you emails, which are most often either jokes or urban legend chain emails, most of the time they'll just send out the email WITH ALL THE PREVIOUS ADDRESSES ON IT (as you said), which is the default sending format. I'm sure you recognize these when you see all those underlined addresses of people, some of whom you probably know and some of whom you've never heard of.

    So, let's say that Aunt Gertrude believes everything she reads in email. Auntie dear makes sure that you get every warning, every sentimental story and every petition that's going around. However, Auntie's forward list doesn't just include you. There are 37 people on her list and only three of those are relatives. 34 people on her list are perfect strangers to you. In fact, five of these are actually perfect strangers to Auntie as well. She met them in some chat room somewhere.

    Now, as soon as Auntie forwards that email that the government is going to end the social security program and make people like her homeless, 34 people whom you do not know can see your email address. 10 of those people decided to forward the message again. Each of these has a "buddy" list of approximately 10 more. That's now 134 people whom you do not know who now have access to your email address. This happens just in the first two hours since Auntie forwarded the mail to you. Of that 134 people, one could be a professional spammer, one could own a pornography site and wants business and another could enjoy sending viruses. (I'm just saying in detail what you said). Add in all the people who get the forward after that and your email address has just been handed over to hundreds of people in one day.

    So, YES hewee, I definitely agree with you.

    There are a couple of solutions to this though:

    1) Ask Auntie to stop forwarding email to you with other people on the list, and explain to her how she can "cut" those addresses out BEFORE emailing TO ANYBODY

    2) Ask Auntie to forward to you AND OTHERS using only the blind carbon copy (bcc) feature, or

    3) Just ask Auntie to stop forwarding those sorts of things to you anyway.

    As I said, the success of this depends on your correspondents' willingness to do what you ask. Ask Auntie nicely. Actually, if you're rude and Auntie doesn't like you anymore and takes you off her mailing list, you've really accomplished what you wanted to do anyway . .

    One more thing. My own son, who is an Attorney, kept forwarding chain emails to me. I sent an email to him asking him to do #1 above. I continued to get forwarded emails from him with no changes as I had asked. So then I asked him to do #2. Still no change. Finally, I told him to do #3. I haven't gotten any emails from him since. We still talk on the phone (he's on the East Coast, I'm on the Left Coast), but neither of us mentions this email thing we had going. It's like it never happened.
     
  9. hewee

    hewee

    Joined:
    Oct 26, 2001
    Messages:
    57,793
    I had to tell my cousins over and over about the way they emailed but they never got it through their heads. After I changed ISP's they no longer had my ISP address either but a web-based address. Even then they keep doing it and I keep telling them. So now I don't get emails from them and it's sad but hey do the math of send to 10 others and then those 10 send to 10 others and 1000's and millions can have your address in no time at all.
    I was emailed emails that had 100's of addresses in them and were forwarded so many times you could not even read them. I mean one word or less than that per line is bad.

    So guess your son was like my cousins who just don't get it.

    It's easy to BCC. It is easy to copy and paste. It is even easy to forward and then edit out addresses but your email program has to be set up right so it all shows up in the reply box. Some will attach it so you don't want that because you can't edit a forwarded email.
     
  10. nod32

    nod32

    Joined:
    Jul 16, 2007
    Messages:
    0
    good information!!!

    For average home users they should have at least the following...

    #1 - Antivirus software (buy one)
    #2 - Firewall (numerous free ones, Windows firewall is decent)
    #3 - Secondary spyware removal utility
    #4 - Operating system fully updated and patched
     
  11. aarhus2004

    aarhus2004 Gone but always remembered

    Joined:
    Jan 9, 2004
    Messages:
    1,049
    Just mailed it to a chap asking my advice on the matter.

    Thanks to all. :D

    Ben.
     
  12. BobJam

    BobJam Thread Starter

    Joined:
    Jan 10, 2005
    Messages:
    380
    Hey Ben,

    I guess that's an example of that "Global Community" you spoke of in our Random Discussion thread.
     
  13. aarhus2004

    aarhus2004 Gone but always remembered

    Joined:
    Jan 9, 2004
    Messages:
    1,049
    Yes, BJ, that is if I may think in a scale of millimetres. My son is 2.092147 mm down the road. :D He is right on the periphery of my world for my brain is now pea-sized.

    Poddy Ben.
     
  14. Tstright

    Tstright

    Joined:
    May 19, 2007
    Messages:
    397
    I don't agree with #4 on the preview pane. Been doing that for years with my work email and I've never had a problem with it.
     
  15. ferrija1

    ferrija1

    Joined:
    Apr 11, 2006
    Messages:
    7,954
    I stick by these tips, from Leo Laporte.

    1. Don’t open email attachments; even if it’s from someone you know. If you do get something from someone you know, make sure that they really sent it to you. Email attachments are the number one way viruses and trojan horses get into your email. You might also want to turn off HTML email in Outlook and other programs. HTML emails are just as dangerous as rogue web sites, and can spread infections just by previewing them.

    2. Don’t click links in email. That link could lead you to a phishing site, or the link may lead you to install malicious software. Copy and paste links into your browser, or type them in by hand instead. Another reason to disable HTML email - the HTML hides the real destination of that seemingly innocuous link.

    3. Don’t download files from places you aren’t absolutely sure are safe. Stick with the well known sites. Teenagers who use filesharing software like BitTorrent, Azureus, Kazaa, Morpheus, Grokster, and Limewire, often unwittingly download spyware and trojans. If you must, quarantine all downloads then scan them a few days later with an updated anti-virus.

    4. Update your OS regularly! Turn on automatic updates in OS X and Windows. Apply all critical updates immediately. Criminals often create hacks within 24 hours of Microsoft’s patches (these are called zero day exploits), so you need to protect yourself the day the patches appear.

    5. Use a firewall. The best firewall is a hardware router - the kind you use to share an internet connection. Even if they’re not billed as firewalls, they are, and they’re quite effective. I also recommend turning on your operating system’s firewall - even if you have a router - but I don’t recommend third-party software firewalls. They cause more problems than they solve.
     
Short URL to this thread: https://techguy.org/595107