Tech Talk
October 28, 2005

Protecting yourself and your computer while online

Last weekend I received an early morning call of panic from a friend who was afraid that she had been a victim of credit card fraud while surfing the Internet.

While online, a pop-up box appeared asking her if she wanted to have her computer scanned for spy ware for free. She agreed, then a graphic appeared indicating that her computer was being scanned. After a few minutes, she was told that spy ware and ad ware had been found on her computer. She was advised that she should purchase anti-spy ware software to remove them. She agreed and a form appeared prompting her to enter her credit card number and expiry date, which she did. {{more}}

It wasn’t until she was asked to enter the three digit number on the back of her card that a mental alert sounded. She immediately disconnected from the internet and shut down. She is now fearful that she had fallen prey to the one of many internet hoaxes designed to allow unscrupulous individuals to obtain your personal information so that it may be used for their own benefit.

While the company offering the anti-spyware software may have been a legitimate one, my friend violated some of the cardinal rules governing behaviour while online. As a reminder to her and to others I recommend the following:

1. Choose long and memorable passwords for your internet accounts. A password is like a toothbrush: choose a good one, don’t share it with anyone, and change it at the first sign of problem. A password should be longer than 6 characters, and should be a mixture of letters, numbers and symbols. You should come up with something that’s easy for you to remember but impossible for someone to figure out. Try to use different passwords for different accounts so that if one account is violated, the others would be safe.

2. Be suspicious. Anyone, anywhere in the world, can register for an Internet Service Provider (ISP) account, and Internet email protocols allow anyone to send a message that appears to be from any other person. Don’t assume an email from “Mom” or “Uncle Dave” was actually sent from someone you know, and don’t assume that an unsolicited message from was really sent by that account.

3. Scams abound. Scams are a popular way of getting your personal information. The most common scams are fake login pages and forged emails that ask for your password, credit card number, or other sensitive information. Ignore or report anything you see that strikes you as questionable or suspicious.

4. Know your software. Malicious software (e.g., viruses, worms, Trojan horses, and spyware) often masquerades as legitimate and even useful software. Think carefully before installing or running new software, especially anything unsolicited.

5. Use anti-virus software. This can detect many, but not all, forms of malicious software before they have a chance to affect your computer. Ensure that you update your anti-virus software regularly so that it maintains its effectiveness.

6. Keep your software up to date. You can prevent many problems by regularly checking for and installing updates for your operating system, browser, messaging software, and other programs.

7. Clean up after using shared computers. If you share a computer, whether it’s in a public or private setting, make sure to sign out when not using your account. You should also learn how to “clear the cache,” if you use the computer to browse the Internet. Remember that using a shared computer is always riskier than using a computer to which you are the only person with access.

Next month we will discuss what are Viruses, Worms, Trojan Horses, spy ware and ad ware and the differences among them.

• Tips adapted from 10 Essential Security Tips published by Yahoo security center