Today's mailbox question is from a reader who no longer trusts Windows to protect him when shopping and banking online:
A few months ago my PC somehow became infected with malware that managed to grab my bank login details as well as a number of usernames and passwords I use for online shopping. As a result of this I lost some $4,500. I got most of this back, but it was a tremendous hassle and I'm left feeling I can't trust Windows to protect me from hackers and malware. What do you suggest I do?
A big question, but I'm going to offer a couple of suggestions as to what you can do to protect yourself in the future.
Harden your Windows installation
How malware gets onto your system could be from not installing antivirus software on your system, or that it was out of date and not offering you protection from the latest malware.
My first suggestion is that you install security software. My preference is Microsoft Security Essentials, because it's free and will update in the background without ever nagging you to buy a license. It's also very good software.
I'd also take the time to run Windows Updates -- found in Control Panel -- and install any patches that you might have missed. These patches plug up vulnerabilities that can allow hackers to gain access to your system.
You should also check that all your programs are updated, especially applications such as web browsers and add-ons such as Adobe's Flash Player. To take the stress out of doing this I would suggest you download and run Secunia PSI. This will scan your system for out-of-date software, automatically update some of it for you, and tell you how to update the rest yourself.
Finally, you also need to be sensible. Be careful what you download and install onto your system; although your antivirus software should take care of most threats. Also, be careful about clicking on links that come to you via email, Twitter, Facebook and so on.
Create a Linux Live-CD
If you're still worried that Windows can't offer you enough protection, then you need to create for yourself an isolated operating system that you can use purely for banking and shopping.
What I wrote about nearly three years ago still applies today.
The best way to do this is to load a Linux distro onto a CD/DVD or USB flash drive and use that for banking and online shopping. I recommend using a CD/DVD because absolutely nothing can be written to the disc. It's not an ideal setup because it can be a hassle, but it will offer you a significant level of protection.
- Download a Linux ISO. Ubuntu remains popular, but Mint is nice too.
- Burn the ISO to CD or DVD using a disc-burning tool, such as ImgBurn.
- Pop the CD into your drive and boot up from the CD when you want to bank or shop.
If you don't have a CD/DVD burner then take a look at PenDriveLinux. Here you will find out how to boot and run Linux from a USB flash drive.
This method not only protects you from malware and Windows-based vulnerabilities, you're also protected from phishing attacks by not using the Live-CD for anything other than banking and shopping. Don't use it for email, or Facebook, or even Twitter for that matter. You boot into the Live-CD, which is completely isolated from your Windows installation, do what you went in to do, and when you're done you can boot back into Windows.
Simple, safe, and effective. I also recommend that you burn a new CD every six months or so just to keep you on top of new releases and updates.
What about passwords? Simple. Grab yourself a USB flash drive and a copy of an app such as TrueCrypt and encrypt a text file containing your passwords.
Bottom line: I don't think that there's any reason why you can't trust Windows for shopping and banking as long as you take a few sensible precautions. Millions of people do just that daily. However, if you're still concerned, you can always create a Linux Live-CD which you can boot up from and use that to do any activities you consider too risky for Windows. It's more of a hassle, but it is a far more secure option.