Personal Computer Security: Using Uncommon Sense

There's a lot of people out there that want your personal and financial information for unethical reasons. Learn how to protect yourself.
Written by Scott Raymond, Inactive

The internet is an unsafe place. Your data is at risk. Your right to privacy is being violated. Your identity is going to be stolen, your credit ruined, your career destroyed, your house burned down, your fields will be defiled and your women will be pillaged. Dogs and cats, living together! Mass hysteria!

The net has become a bleak place for people that do not practice safe computing methods. Cybercrime is big business these days--it's no longer the domain of a surly miscreant in a basement writing viruses that infect floppy disks. Now the bad guys are organized, smart, and running their operations like a big business.

Most people are aware of the dangers, but not how to protect themselves. The truth is, if a hacker wants to get into your system, usually the only way to prevent that access is to completely cut the system off from the internet. Even then, there's still a remote possibility that access can be gained. Just recently, the US Department of Defense reported that a successful network intrusion had been accomplished through the use of a rogue USB flash drive.

On a smaller scale, cyber thieves are interested in capturing information about you: your credit cards, social security number, banking information. The intent is obvious, of course. The worst part is that many security attacks can come from known friends whose own systems have already been compromised.

While it is true that some computer operating systems are more secure than others--Microsoft Windows being the most vulnerable by virtue of its ubuquity and therefore interest to criminals--no one system is 100% safe. The majority of security violations can be pinned squarely on the shoulders of human error, through inattention, ignorance and even apathy.

There are a number of precautions a computer user can take in order to start securing their data. Anti-virus and anti-malware applications are a good start. If you run a Windows system, Avira AntiVir Personal is a decent, free option. Microsoft has also released a good, free antivirus package called Microsoft Security Essentials. I would also recommend using Malwarebytes' Anti-Malware to scan your system on a regular basis. It has been known to catch things other applications miss.

While Linux and Mac users are fairly safe from virus infection, they can still run Windows in a virtual machine, and can pass along infected files. The open source ClamAV is available in both Linux and Mac versions.

Good security practices involve multiple layers of protection. If you have a hardware firewall, use it. Block any inbound ports that are not in use. Use network address translation (NAT) so that the network address of your computer is masked from the outside world. Unless you run a server at home, you won't need to have the firewall forward ports back to your computer from the outside.

If you don't have a hardware firewall, use the one built-in to your operating system. All modern versions of Windows, OSX and Linux have firewall options.

That's just scratching the surface. There's so much on the internet today designed to trap the unwary cyber traveler. Junk email is filled with lottery and inheritance scams, fake file attachments with trojans that can take over your computer, links to websites infested with malware and code that attacks your web browser. Most email providers already filter out the worst of these, or provide you with tools to do the same. Modern email clients usually block infected file attachments.

The motto of "better safe than sorry" really does apply here. If you don't know who it's from, delete it. Don't open file attachments unless you are sure of their origin. Don't accept instant message chat from strangers. Stay off of unsavory websites--porn and software piracy websites are notorious for being havens for malware.

It's recommended that if you have no alternative to visiting unknown websites, use an ad blocker like Ad Muncher which works with all browsers, or free options like Adblock Plus for Firefox and Chrome. Please keep in mind, however, that many legitimate websites are paid for through the use of ad revenue--so as a courtesy to them, disable the ad blocking while visiting those sites.

As I mentioned earlier, one of the biggest issues with computer security is the human element. Hackers use social engineering to crack security. Notorious hacker Kevin Mitnick has said that it's quite easy to simply call up a random low-level person in a company, tell them you're from the IT department and ask for their username and password. Many people will just hand over this information without even thinking twice about it.

Your passwords are supposed to be kept private, just like your ATM PIN that you use to get cash at the bank. Never give your password to anyone. Never make it easy to guess, like your own name or a pet's name. Don't put it on a Post-It note and stick it to your monitor. And if anyone ever asks for it, don't give it to them.

A common scam is called phishing, where someone sends a legitimate-looking email that appears to come from your bank, asking you to provide your account number, your ATM pin, your username and password. Or sometimes they provide a fake website link that appears to go to the banking website, but is actually one made to appear like your bank website but is only there to siphon your credentials so they can empty out your account. Do not respond to these emails, and do not click on the links in them.

Another trap to avoid are the TV commercials promoting a faster computer free of viruses and spyware. These are actually ransomware scams where the program doesn't actually clean anything, but keeps demanding money to keep your computer safe. The parent company also theatens anyone that reviews them in a negative light, which is why I have not named them directly in this article. Not surprising, considering their reputation. There are many malware programs pretending to protect your security; research them first before using any of them.

Let's face it, with computers come risk. If you have information on them that others would find valuable, inevitably someone will try to take it from you. The alternative is to completely cut yourself off from all network and computer access and never put any personal information on one. The only problem with that is there are many companies out there with your personal info, and the news has seen plenty of stories over the past 20 years where customer information was leaked or stolen.

The threat of data and identity theft will always exist. The best thing to do is to be safe, be careful, and be smart.

Editorial standards