Monday, June 15, 2009

Safe Surfing Tips

Recently I visited my sister Juanita. She had purchased a popular antivirus program and installed it on her computer and our dad’s computer. It worked fine on Juanita’s computer but it caused serious problems on Dad’s. I uninstalled it and installed a free antivirus program called Avast! in its place.

Juanita was upset that she’d spent the money for the expensive program and now felt the money had been wasted. I suggested she try to get a refund and switch to the free antivirus program from Avast! on her computer as well. I also made a number of suggestions for safer use of a computer on the Internet. I've realized that other people might find these suggestions useful.

Excerpted from my email to Juanita:

Here are links to two popular antivirus programs:


I mentioned that I have been reading newsletters related to computers and computer security. Go here:


Then click on the Newsletters link near the top of the page, just below the Search box. You will get a page where you can sign up for a number of newsletters. I am currently getting Tech Update Today, ZDNet Announcements, and ZDNet Must-Read News Alerts. These often contain security alerts and other security-related information.

However, don't panic. At first I found some of the postings rather scary, but after a while I realized that not every alert applies to me and my computers - and often the threat is not as dire as the articles make it sound. I've also helped a number of friends with their computers, and through this I've come across some fairly badly infected machines. Almost always, the infected machines have been running without a current antivirus program installed, and I also suspect that the owners are prone to surfing to dangerous sites.

Over time, I've evolved the following rules of thumb:

1. Always keep Windows updated. By default this happens automatically. Every other Tuesday (known as Patch Tuesday) Microsoft prepares a group of updates. Your computer should check for these updates and download them automatically. You can check on the status of these updates by clicking Start -> All Programs -> Windows Update (or Microsoft Update). You can also check to make sure the updates are set up to happen automatically (or at least ask you before it downloads and/or installs them).

2. Always keep your antivirus program updated. Avast does this automatically whenever you connect to the internet. I believe AVG does too. This is important because new viruses are constantly being released, and your antivirus program has to get new signatures and fixes from the web site of the company that wrote the antivirus program. An antivirus program that is out of date is ineffectual.

3. Do an antivirus scan periodically. Unlike antivirus progams you pay for, Avast Free edition doesn't do this automatically; you have to do it manually. It's a good idea to do this every week or two, especially if the computer is spending a lot of time online.

4. Make sure you have XP Service Pack 2 or 3 installed and make sure that Windows Firewall is turned on. This is especially important for machines that connect directly to the internet, without a NAT router, such as your dialup connection.

5. Consider installing antispyware. I use Ad-Aware Free (get it from or and nowhere else!) and Spybot (from or These both require manual updates and Ad-Aware requires you to run it manually from time to time. Spybot, if I recall correctly, can be set up to run continuously in the background, but it has considerable overhead so this might not be optimal on older, slower machines. If necessary you can run manual scans instead.

Here are some safe practices tips:

1. Avoid potentially toxic sites. The ones I think are most dangerous are ones you and your kids probably won't be going to: porn sites and warez sites (illegally "cracked" software). Also, file sharing networks, especially Limewire, tend to contain a lot of viruses. Avoid those too (I'm sure you do). Update: I’ve also found sites purporting to list free proxy servers to be dangerous.

2. If you ever get a popup offering to update your Flash Player, don't accept it! Close the popup. Don't play a movie if you get such a message when you open it. Close the movie and, if you've downloaded it, delete it. Then go to Adobe and check to see what the latest version of Flash Player is. If your version of Flash is earlier than that, download and install the new version from the Adobe site.

Note: When I download a new version of the Flash Player installer or other software, I append the version number of the software to the program name and save the installer in a folder where I can find it later. You can also hover the mouse cursor over the installer and it should give you a popup which shows the version number. If in doubt, download and install the new version.

3. Be suspicious of any popups offering updates; right now Flash is the one being spoofed, but there could be others in the future.

4. Avoid Microsoft's internet browser, Internet Explorer, and their mail programs (Exchange, Outlook Express, and Outlook).The open source programs from Mozilla, namely Firefox for web browsing and Thunderbird for email, are much more secure. From what I've seen these two Microsoft programs are malware's biggest routes into Windows systems.

Update: Aggressive malware development has significantly reduced Firefox’s safety advantage. However, if you install the Noscript add-on into Firefox, and use it wisely, this combination becomes by far the most secure browser combination available.

5. Never click on a program or script which arrives in an email that looks in the least suspicious. Scan any files you're not sure of with your antivirus program.

6. Be suspicious of any emails that attempt to get any personal information from you, especially passwords but also name, address, DOB, SSN, etc. Banks and other reputable companies never send emails asking for info like this, but spammers often send emails telling you that you must "update your account" or some other nonsense and give you a link to a bogus site which will steal your password.

Get in the habit of looking at the URL for a web site before you click on it, especially in any email from a supposed bank or whatever. (This is usually displayed in the status bar at the bottom of your browser or email program if you hover the mouse cursor over the link.) Also look at the actual email address of the sender; often it will have a legitimate-sounding name (e.g. Citicorp Bank Information Services) but the actual address will be clearly someone else (something like This is a dead giveway. Junk the email immediately.

7. Consider switching to gmail. You can set up gmail to retrieve email from your other addresses so it will all arrive in one place. You can also set up alternate identities so outgoing mail will have the same from address that the incoming mail was originally directed to. I have found that gmail seems to be very good at filtering out spam.

8. Never download anything, especially anti-spyware or antivirus software, from any site you're not sure of. Generally,, and other major sites run safe servers and you can be fairly confident that things you download from them are free of malware. If in doubt, scan the downloaded file with your antivirus program (just right-click on the downloaded file and select "Scan ...") to be sure.

If you ever get into a situation where you think your computer has been infected with a virus, scan memory and your entire hard drive with your antivirus program or, better yet, with an online scanner. Several major antivirus providers have free scanners. (look for Housecall) and are two that I use. You can also set up Avast to do a boot-time scan, which is more thorough and reliable than doing a scan from within Windows.

This takes a while but it's worth it to ensure your machine is clean.

If in doubt, check online forums or call someone you trust.

No comments: