Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Online Shopping — Basic Security Tips*

I think it is a pretty safe bet that quite a few of you are doing some last minute holiday shopping.. and that some of you are going to use the Internet to do some of that shopping.

I would like to remind you that there is a healthy, active, and well-financed underworld of cyber-criminals who are well-aware of the fact that the next few days are prime credit card and “identity” theft opportunities, and are going to be particularly active in trying to GET YOU.

You will see an increase in spam, and bogus pop-opens that tell you you are infected when you’re not. (Note: The phraudulent Skype alert is active again, too. see Skype — “Windows Requires Immediate Attention”.. Not! )

I am posting the following Basic Internet Shopping Tips in the hopes that Tech–for Everyone readers will not join the 9 million Americans who had their identities stolen last year.

  • Download Software Updates — Regularly!
  • Use Complex Passwords (include numerals and @#$%^&*[])
  • Use Onetime Credit Cards
  • Verify Secure Connections See that little padlock symbol at the bottom of your screen, and in the URL address bar?
  • Check Your Credit
  • Enter Your Shopping Site’s Web Address Manually (embedded links=no!)
  • Shop From Your Own computer (not a public ‘hotspot’)
  • Enable your browser’s phishing filter, or install a add-on. (such as the super-easy WOT toolbar)
  • Don’t Send Credit Card Information Over E-mail. Even if you think it’s secure. Don’t send it over IM either. If you feel uncomfortable about sending personal information online, call up the business.

I would like to direct your attention to the first bulletpoint. The programs on your computer need to be fully “patched” with the latest updates, as exploiting weaknesses is one of the primary method hackers use to infect your machines. (You visit a website that they’ve ‘poisoned’, and if you have an unpatched ‘hole’, bingo – you’re infected.)

How do you know if you have the latest updates? For all your installed programs? Do you think you are patched? Don’t guess. Be sure!

Today’s free download: Secunia offers a tool that I highly recommend. The online scanner (which you should bookmark, btw) will scan your machine for roughly 100 programs and tell you if there is a patch/update you need. If you go this route, you will need to visit once or twice a week.)
Better yet, they offer a download, a Personal Edition, which will scan your system against a database of over 7,000 programs.
Even better yet, it includes direct download links to the missing patches it finds.

I just ran it and it found an old ActiveX plug in, and told me that my Java Runtime Environment was out of date.. and I didn’t think I had installed JRE on this machine!
vulnerabilities1

Tip of the day: Beware of “rogue” anti-spyware programs (aka “scareware”). There is so much money to be made off of stealing corporate data, identities, and sending spam that the malware writers (hackers) have created spyware that claims to prevent spyware. You think you’re installing a spyware remover, but you’re not. You are actually installing their malware.
Some claim to give you an anti-spyware scan for free, and they “discover” a critical infection (again bogus) which, if you buy the “Professional” version, they’ll clean up for you. Please, Dear Reader, never fall for this.

There are, literally, hundreds of these  rogues, and they’re designed to appear as legit products in every way.They have websites, and “user reviews”, etc. The quality anti-spyware programs are well-known and are routinely rated and compared by reputable sources like PC World and PC Magazine and C/Net.
[Note: there is an excellent list of know rogue anti-spyware apps posted on Spyware Warrior.]

*** If a window pops open telling you some nasty-sounding trojan has “been detected on your machine” — do NOT click on any thing!

Instead, launch the Task Manager (Ctrl+Alt+Del) and “End task” all instances of your Web browser. ***

Copyright 2007-9 © Tech Paul. All rights reserved.jaanix post to jaanix

Share this post :

December 11, 2009 Posted by | computers, Internet, security | , , , , , , , , | 4 Comments