Computer attacks can come through e-mail, external disks or drives, or directly through your Internet connection.
If you use e-mail, you almost surely receive spam. Spam is another name for unsolicited commercial e-mail. One way to avoid spam is to use a long e-mail name that is not based on your name. Also, avoid using your e-mail address on any Web site or in any news group. If you would rather include your e-mail address, then modify it by adding spaces or text such as "NOSPAM." You may also want to write out "at" and "dot" so that programs that scan for e-mail addresses are less likely to detect that you are concealing one.
If these approaches are not convenient or don't work, you may want to consider an anti-spam program. Consumer Reports regularly reviews such programs. A recent review article is in its September 2007 issue [1]. That article covers content filters, which are programs that look for patterns that are characteristic of spam. As explained in the response to a letter, other types of spam filters are less convenient [2]. A "good listing" or white-list filter only allows messages from senders on a list. Another approach is a challenge-response filter. That filter sends a message to every new sender. Human senders are expected to fill in a form, analyze a picture or do something else that computers don't handle well. Although, such filters cut down on spam, they also delay receipt of legitimate messages and may annoy senders.
One problem with content spam filters is that they may trap legitimate messages. It is a good idea to look through trapped messages every so often to see if there is one that shouldn't be sidelined.
When you receive e-mail, avoid clicking on a link in it. Although there are occasions when it is safe to do so, if the message is unexpected, clicking on a link in it may lead to problems such as viruses and identity theft. If you do click on a link and are asked to log in, enter a wrong password first. A legitimate site would refuse that password while a deceptive site would accept it. If your wrong password is refused, then it should be safe to enter your correct one. Also, avoid unsubscribing to spam. Doing so may confirm that the sender reached a working e-mail address. However, if you receive spam from the same source over multiple days, they already know that your e-mail address is valid and you may decide to risk unsubscribing.
One purpose of spam is to sell products or services. You can reduce the incentive to send commercial spam by not buying anything advertised in that way, no matter how good the item is. Even though spam is defined to be unsolicited commercial e-mail, it is also used to spread viruses and take over computers. Once a spam sender has a large number of controlled computers, he can send spam from multiple sources, overwhelm server computers or sell access to these computers to people with these or similar motives.
To prevent your Windows computer from being controlled or harmed, you need to install and maintain an anti-virus program. Mac computers have fewer such problems due to various safeguards and their being less tempting targets as a result of a smaller market share.
Viruses, or similar threats such as "worms," can arrive through any of the means mentioned above. To maintain an anti-virus program, you need to connect to the Internet regularly and download virus definitions and program updates. This requires a current subscription and patience if you have a slow connection. To protect against worms, which are programs that can enter directly through an Internet connection, you need to run a firewall program. This type of program may be included with an anti-virus program or a protection suite. It is generally not worthwhile to run two firewall programs since, unlike physical firewalls, being breached does not destroy them.
The primary way viruses enter through e-mail is as attachments. You should configure Windows Explorer to show file extensions. Doing so may help in detecting suspicious attachments. Common extensions for executable files include EXE, COM, SCR, PIF and BAT. If you receive e-mail with an attachment that does not have an adequate explanation of the attachment, write back or call for more information. Do not open the attachment until you are satisfied that it is legitimate. It would be helpful if there were a one-button way to create a message to ask for more information. Pressing this button should also move the suspicious message to a holding area where it will wait until you are satisfied and retrieve it. Once you decide to accept an attachment, you may want to download it, locate it in Windows Explorer, right click on its name and select the option to scan for viruses.
E-mails could also contain text that attempts to trick you into revealing personal or financial information. These tricks are called phising attacks. This name is a play on the word "fishing." Legitimate financial institutions will not send you e-mail asking you to log in through an included link. They will also not ask you to call a phone number that is included in a message. If a message concerns you, look up the Web address or phone number and then contact the company that purportedly sent you the message. There aren't programs that detect such attacks. However, there are browser toolbars or features that identify Web sites that are on a list of those used for malicious purposes.
Another type of threat is called spyware. These are programs that track your computer use and send that information to other computers. They may also redirect your browser to Web sites of their choosing. To guard against them, install and maintain an anti-spyware program. Such programs may be included with anti-virus programs. On occasion, it may be necessary to use two such programs to remove a spyware attack.
In addition to maintaining your anti-virus, anti-spam and anti-spyware programs, you need to maintain your computer's operating system. This consists of downloading updates through Windows Update or a similar feature. When there is a big update such as a Service Release, it may be possible to order the update on a CD-ROM.
For more information, see the "Net Threats" article in Consumer Reports [3]. If you connect to the Internet through a WiFi connection, see "How to protect yourself at wireless hot spots" in Computerworld for advice on this topic [4].
[1] "Security Software," Consumer Reports, Sept. 2007, p. 35.
[2] "Your Letters," Consumer Reports, Nov. 2007, p. 10.
[3] "Net Threats," Consumer Reports, Sept. 2007, p. 28.
[4] Gralla, Preston, "How to protect yourself at wireless hot spots," Computerworld, Jan. 5, 2007, http://www.computerworld.com/action/article.do? command=viewArticleBasic&articleId=9007142.
File Jockey at Compu Serve dot com
(In the above line, change "at" and "dot" to
their symbols and remove the spaces to produce my e-mail address.)
Return to main page
Last updated: 9-April-2008
