May 21, 2007

Internet Security Practices

When I was in IT line last time, I actually have quite a number of customers coming in asking for help in "virus-fighting". I even get question like "my P4 quite powerful mah, why still can infected by virus leh?". So the fact is that there are actually people who think that a computer with powerful processor will not get infected by computer virus, and believe me, there are still PC users out there who don't know what is computer virus.

No matter how powerful your PC is, it's extremely vulnerable if you don't practice Internet security, especially when countless of computer virus attacks, malwares, computer hoaxes, and phishing scams are reported almost everyday. So, how do we actually practice Internet security?

Below are some points taken from
  1. Use an Internet security solution that combines antivirus, firewall, intrusion detection, and vulnerability management for maximum protection against malicious code and other threats.
  2. Ensure that security patches are up-to-date and that they are applied to all vulnerable applications in a timely manner.
  3. Ensure that passwords are a mix of letters and numbers. Do not use dictionary words. Change passwords often.
  4. Never view, open, or execute any email attachment unless the attachment is expected and the purpose of the attachment is known.
  5. Keep virus definitions updated regularly. By deploying the latest virus definitions, consumers can protect their computers against the latest viruses known to be spreading “in the wild.”
  6. Check to see if your PC or Macintosh® system is vulnerable to threats by using Symantec Security Check at:
  7. All computer users need to know how to recognize computer hoaxes and phishing scams. Hoaxes typically include a bogus email warning to “send this to everyone you know” and/or improper technical jargon that is intended to frighten or mislead users. Phishing scams appear to come from a legitimate organization and entice users to enter credit card or other confidential information into forms on a Web site designed to look like that of the legitimate organization. You should never disclose confidential information without confirming that the request is legitimate.
  8. Both spyware and adware can be automatically installed on a computer along with file-sharing programs, free downloads, and freeware and shareware versions of software, or by clicking on links and/or attachments in email messages, or via instant messaging clients. Therefore, you should be informed and selective about what you install on your computer.
  9. Don’t just click those “Yes, I accept” buttons on end-user licensing agreements (EULAs). Some spyware and adware applications can be installed after you accept the EULA, or as a consequence of that acceptance. Read EULAs carefully to examine what they mean in terms of privacy. The agreement should clearly explain what the product is doing and provide a way to uninstall it.
  10. Beware of programs that flash ads in the user interface. Many spyware programs track how users respond to these ads, and their presence is a red flag. When you see ads in a program’s user interface, you may be looking at a piece of spyware. Don’t click on ads that appear unexpectedly in your browser window. Instead, close the window immediately.

No comments: