The never ending battle for control of your PC continues. Yes, your PC. In recent weeks, I’ve had half a dozen people contact me for help in ridding their PC of fake antivirus software. The number of fraudulent “phishing” emails being sent to people continues to increase. How widespread is the problem? Authorities in Spain recently arrested a small group of men who had amassed control of a network of more than 12 million personal computers. It’s an all out war. The cybercriminals who want control of your PC are persistent and unscrupulous.
Here are a few tips to help minimize the threat:
1) Think before you act on emails. The email titled “Just got this funny joke,” or “Forward this to everyone you know,” is often not from someone you know, regardless of the sender’s address. It can just as easily be from a malicious computer program that infected the computer of someone you know. And it is trying to infect your computer. Attachment? Forget it. Don’t open it. Link? Click at your peril. Best to just delete the email. Encourage your friends to send you personal messages, and politely ask them to leave you off chain email lists for jokes and other mass mailings.
2) Phishing emails: A bank sends you an anonymous notice (“Dear Account Holder”), notifying you of an important upgrade or change to your account. The email instructs you to click a link to log into your account. If you click on the link, you’ll be taken to a page that looks like the bank’s account login page, including a web address that is surprisingly similar to that of the bank’s real web site. If you try to log in, there’s a good chance you’ve just handed someone your bank account number and password, which they can use to log into your actual bank account at the real bank web site. This is not unique to banking. Phishing emails made to look like the came from eBay and Paypal are very common.
Reputable companies don’t send anonymous emails with direct links to account login pages. The delete button is your friend. Use it. Be naturally suspicious of these types of emails.
3) Keep your PC and software up to date with the patches offered by software publishers. Yes, it’s a pain, but new vulnerabilities are frequently discovered in Windows, Internet Explorer, Firefox, and many other programs. If you’ve had bad experiences with patches that cause your PC to malfunction, at least consider applying vendor service packs. For example, as of this writing, Windows XP is up to Service Pack 3, and Windows Vista is at Service Pack 2. These can be downloaded directly from Microsoft at Microsoft.com.
4) Use strong passwords for all of your online accounts. One of the most common cyber attacks I see is known as the “brute force” password attack. The bad guys try to gain access to online accounts by literally trying every word in the dictionary, common first names, and short sequences of numbers. The most effective way to defeat this type of cyber attack is to use a password that mixes letters, punctuation and numbers.
You don’t need to be paranoid about cyber-criminals, but you do need to be aware the threat exists. A little common sense and a small amount of effort keeping your PC up to date and your passwords secure will go a long way toward keeping you from becoming a victim of a cyber-crime.