[AI] malware

vishnu ramchandani vishnuhappy at yahoo.com
Thu Mar 27 07:53:12 EDT 2008


Protect your PC and personal data from hackers and
malware

By
Vineet Kumar 

You do it almost everyday. You login into your
computer, send e-mails, open attachments from friends
and strangers, shop online, transfer money using your
banks secured payment gateway, chat with friends and
upload personal information on social networking
sites.

But have you ever given a thought to someone who is
keeping a close watch on all your online activities.
Someone, somewhere in some corner of this planet
trying to get inside your computer and filch one of
the most important resources of information age:
personal data.

Data that can be abused to make purchases online, send
malicious programmes to all those on your contact list
and many such things to harm you. Welcome to the age
of hackers (these are people who try to gain access to
your computer using various hacking tools and misuse
your personal data) and spies lurking on the vast
Internet highway.

But don't worry. There are ways in which you can beat
the hackers. However, when it comes to security
nothing is 100 per cent secure. Loads of exploits are
developed everyday. Updating the knowledgebase should
be a regular process. Following could be few of the
many measures that could be taken to protect your
computer and all things that you do online:

~ Install the latest antivirus software (I recommend
Kaspersky, Eset Nod32, Quickheal, F-Secure) on the
computer and never ever disable or turn it off.
Install a personal firewall ( www.sygate.com and
www.zonelabs.com
offer free versions) and Spyware Checker (I recommend
Spybot Search & Destroy).

 ~ Keep updating antivirus/anti spywares at least
every 15 days. Use separate Trojan removers like anti
Trojan shield if possible. Full system scan with your
anti virus at least once in a week or better set it to
scan periodically and give a small interval say every
Friday (the day may vary according to your choice).

 ~ There are a few free online scanners available at
http://housecall.trendmicro.com
 
 or
 
http://www.kaspersky.com/kos/eng/partner/us/kavwebscan.html,
 and
http://support.f-secure.com/enu/home/ols.shtml.

~ Get System's health checked regularly at
 http://www.pcpitstop.com/.
The site checks the overall system health, tunes up
the system and finds out the vulnerabilities. It's a
free service. ~ Don't ever download or open
attachments whose source you are not certain about.
Even if the source is trusted, see if the content is
relevant. Even non-executable files like *.Doc files
can contain macro viruses and Trojans. There are some
special sort of programmes called worms, which don't
need human interaction. You just open a mail or visit
any website and that's it. So always stay alert. Avoid
opening e-mail attachments that contain '.vbs',
'.scr', '.exe', or '.pif' file extensions. Files that
end in these extensions are most likely to contain
some sort of virus.

 ~ Web browsers like Fire Fox, IE 7 & Opera offer good
security features. Test your Web Browser for
Vulnerability at
 http://bcheck.scanit.be/bcheck/.

~ Never download any files specially executables over
P2P (peer-to-peer)
 sharing networks, because you cannot be absolutely
certain what they are.
 P2P file sharing programmes can lead to the
installation of a lot of adware and spyware. Try
downloading executables from authentic and well-known
sites; don't just download files from anywhere.

 ~ Try not to visit porn sites, Warez, sites of cracks
and serials because most of them have hell lot of
latest spywares, Trojans and viruses . One visit and
you are gone if your virus definitions are not up to
date.

 ~ Be familiar with the installed programmes on your
computer. If you notice a new programme installed,
which you didn't in the first place, possibilities are
that it might be something malicious.

 ~ Read the installation agreements carefully when you
download something from the Internet. Pay attention to
the terms and conditions or EULA (end-user
 license agreements) of the program being installed.
Reference to third party installation should be given
more attention. Some EULA's tell you that, if you
install the program, you have also agreed to install
some spyware with
 the software. Do check the independent sources as
some EULA's do not mention about the Spywares.

 ~ Back up your computer data on a regular basis, at
least weekly. Copy
 your important documents and files onto a floppy
disk, removable drives, CD or a DVD for safekeeping.
Don't wait for the disaster to happen, take the
precaution before hand. Create system restore points
periodically

 ~ Use e-mail encryption like PGP to send important
information via emails. Don't send important
information in plain text.

 ~ Never respond to unsolicited e-mail. To those who
send spam, one response or 'hit' from thousands of
e-mails is enough to justify the practice.
Additionally, it validates your email address as
active, which makes it more valuable, and therefore
opens the door to more spam.

~ Beware of phishing attacks. Sites like
www.antiphishing.org
offer latest updates on phishing along with good
security tips

~Don't chat with strangers just for fun. Don't ever
accept any file, especially executables from an
unknown person on chat. Don't click on any links given
by someone you don't know.

~ Do not accept links or downloads from strangers even
if it is tempting. There have been cases where
spywares like Trojans, keyloggers etc. have been
hidden in simple picture files with '.jpg' extensions.
You never really know what is contained inside a file
which looks attractive.

 Today people use binders to club two different files
and send you the mixture. Once you click on the file
both file gets executed.

~ Be cautious while displaying your profile,
especially your personal details, photographs, videos
and contacts on social networking sites. Your profiles
and contacts may be misused by other people.

~ Install parental control softwares like netnanny
that helps you choose what the kids see on the
Internet and monitor the activities of children. For
more details visit
 http://www.microsoft.com/athome/security/children

Wireless security

 ~ If you have a wireless network, turn on the
security features: Use MAC filtering, turn off SSID
broadcast, and even use WEP/WPA/WPA2 with the biggest
key you can get.

Online shopping safety tips

~ While purchasing online, look for signs that online
purchases are secure (SSL secured sites or 128 bit
encryption) like Ebay.co.in. At the point that you are
providing your payment information a golden coloured
lock appears (for SSL secured sites) or the beginning
of the Web site address should change from http to
shttp or https, indicating that the information is
being encrypted -- turned into code that can only be
read by the seller.

Your browser may also signal that the information is
secure with a symbol, such as a broken key that
becomes whole or a padlock that closes.

~ Carefully use credit card and online banking for
online shopping. Check your credit card and bank
statements at regular intervals. Notify the bank
immediately if there are unauthorised charges or
debits. Avoid using credit card details and online
banking on public computers and in cyber cafes. It is
very unsafe because most of them are infected with
viruses, Trojans and key stroke loggers.

Banks such as HDFC [ Get Quote] have launched their
services like Net Safe to create temporary credit
cards with a limited value to transact online. This
way, in the worst case scenario, your damages are
limited.

Password security

~ Use two different passwords. One for mail, work and
other important access and other for routine purposes
like subscribing to websites or public viewing. But
remember to switch between them when you start doing
transactions after mere browsing. Create another
e-mail ID providing false information and crazy
usernames like 'whitecat_4u', 'kkk320' etc. which you
use exclusively for subscription to sites. That will
prevent spam from coming to your main ID.

~ Create a difficult-to-guess password by taking the
first alphabet from each word of a phrase. What is a
good password? It is a password which is at least 8
characters long, not easily guessable, contains
mixture of uppercase and lowercase letters as well as
numbers, and preferably contains special characters
like $, *, %, !, * etc. Some examples of a good
password are: &(^.1234*cRack&.^).

~ Always use alphanumeric passwordwith special
characters and try to
 
adopt phrasing technique to construct passwords which
are easy to remember, hard to guess and impossible to
crack. Create a unique acronym. Never use a dictionary
based password like guest, home etc. It takes little
time for a good cracker to crack the password.

Vineet Kumar is the founder and CEO of National
anti-Hacking Group.


      Forgot the famous last words? Access your message archive online at http://in.messenger.yahoo.com/webmessengerpromo.php




More information about the AccessIndia mailing list