The Novice guide to staying safe online

[+Warwagon MVC]

The novice guide to staying safe online.

I created this guide for my customers, to educate them on staying safe online. It’s written and geared toward the novice user. Feel free to distribute. A PDF is located at the bottom of the page.

Windows Updates

Every month on the 2nd Tuesday, Microsoft releases a handful of updates. They are usually security updates which fix security flaws in Windows. If you do not install the latest security updates, you can catch a virus just by stumbling onto the wrong website. You don't even have to click anything . All you have to do is access the website and BOOM you are infected. Sometimes you don't even have to be at a website. Your computer can just be sitting at the desktop (pretty picture) doing absolutely nothing and BOOM, you are infected. So it's pretty important that you install the updates immediately the moment they are released.

There is something called the 48 hour window. When security researchers find security vulnerabilities they go through the proper channels to let Microsoft aware about the problem so they can fix it/them. Doing so prevents the bad guys from knowing about them and using them to exploit people’s machines before Microsoft has a chance to fix them. 48 hours after the patch from Microsoft is released, the bad guys have usually already taken the patch apart and figured out what it was exactly that Microsoft fixed. It is at this point that they capitalize on what they’ve learned and they use it to infect websites. You should download the update(s) IMMEDIATELY after Microsoft issues them.

One more term you may hear thrown around is the term "Zero-day Exploit". This means that before the patch is even available to the public, websites are already taking advantage of the vulnerability and infecting machines. Scary, huh?

Routers

Let's talk about routers for a moment. A router is the hardware that lets you share your internet connection with more than one computer. Sometimes they are wired but most of the time they are wireless. But did you know that routers also act as a fantastic hardware firewall? That means it hides your computer from the outside world. Below will give you a better idea about how all this works, and why it's a good idea to have a router, even if you only have one computer.

In the most simplistic terms the internet works like this:

You ask for a website by typing it on the address bar

Website response- “I have that website you asked for”

Your Computer – “Ok thanks come on in”.

Your computer has all its updates installed and also has the Windows Firewall turned on:

Your Computer does not ask for the website.

Bad Computer – “I have that website you asked for”

Your Computer - "I didn't ask for a website… go away"

Your computer has all its updates installed but you are not using a router or the windows firewall:

Your Computer does not ask for the website.

Bad Computer - "I have that website you asked for".

Your computer – “...........” (no response)

The Bad Computer never gets a response from your computer, so it proceeds to scope out your computer looking for any holes he can use to break in. He never finds any. (you did your updates)

Your computer with a serious vulnerability (didn’t install your updates), no router, and no Windows Firewall.

Bad Computer "I have that website you wanted!" It then proceeds straight into your computer and spreads the virus/malware infection.

Your computer with the same vulnerability but this time you have a router.

Bad Computer "I have that website you asked for”

The Router "I didn't ask for a website, go away"

So you can see how just having a router can greatly improve your overall PC security. Now you are probably thinking, well I already have a firewall. I'm using Norton or McAfee. This is true. You are using a firewall. A software firewall like Norton and McAfee monitor outbound connections too (the information leaving your computer). The router only monitors inbound connections (things coming into your computer). I see two problems with monitoring outbound connections.

1) When anything on your computer wants to access the internet your Norton or McAfee will pop up and ask "Do you want to allow this"? This is good but most of the time it's pretty cryptic. It's not uncommon to see "Do you want to allow XYZ.exe (as an example) to access the internet"? You look at it and think, “uh ..... I have no idea”. Now one of two things happens. Either you say “No” every time it asks because you’re scared, (lots stuff on your computer that requires the internet now doesn't function properly) or you click “Yes” to everything and defeat the purpose having a software firewall in the first place.

2) Let's say you do understand all the xyz.exe stuff, and you actually saw something bad trying to leave your computer. At this point you are already in trouble. If something bad is already on the computer it has the power to turn the firewall off.

I always stick with using just an Antivirus (not the Internet Security package) and buying a router.

Links in Emails. Don't click ‘em!

You probably get emails from PayPal, eBay, your bank and other websites all the time. Problem is how do you know the people sending them are who they say they are? Most of those emails also include clickable links. If you click the link you may be taken to a “phishing” site. (Yes, it is pronounced like “fishing”). A phishing site is a website that tries to impersonate another site in hopes that you will be fooled and give them your personal data. A good majority of them try to contact you via email. They first start by spamming everybody. They know that out of 2 million + emails they send out, a number of those will have a PayPal account (for example). So they send out their 2 million e-mails and wait for victims to open the e-mails and start clicking the links. They will have built their webpage to look exactly like the one you are familiar with. When you enter your login credentials, they now have absconded with your identity. SO, it's a good rule of thumb not to click on links in e-mails. The only ones I would say you could click on are ones that you are expecting to arrive. For instance, if you forget your password and the site in question said they will be sending you an email. Then after a few seconds you receive an email about resetting your password. It’s probably safe to say you can trust those. If your bank sends you a notice that your statement is available online, don’t click the link. Use your browser and go to the bank website.

Do Not Open Unexpected Email Attachments.

This is one that gets a lot of people in trouble. You get an email from a friend, which includes a file that they want you to open. They received it from someone they knew. They think nothing of it and they make their first mistake. Now they’ve made their second mistake by sending it on to you.

Because you get an email from someone familiar, it doesn’t mean that the communication should be trusted. If the person you know happened to open a nasty attachment on their computer, the first thing it would do is email itself to everyone in their address book, you included. If you really want to open it, ask them if they sent it to you. Once again if you are expecting say, a picture from person A. Then 2 mins later you get a picture from person A. I'd trust it.

The one thing that scares me the most about Emails are forwards. It doesn’t take much for a person to unintentionally email a virus to their entire address book. A forward is just a bunch of people sending unknown files back and forth to each other via email.

3rd Party Applications

Windows isn't the only thing you have to keep updated. 3rd party applications are applications that don't come preinstalled with Windows (They might have come with your computer but they wouldn't normally be included on a clean install of Windows). They also have security vulnerabilities. What makes them dangerous as most people don't realize they have to keep them up to date. Some applications prompt the user to update them, but the user often ignores it. Let's take Flash for example. Flash is one thing on a website you never notice until it's not there. It's the software which makes websites flashy, with animations and such. Yes, “bad guys” can even take advantage of that. The bad part is flash automatically loads on most websites. Let’s say you have an older version of Flash, it has a security vulnerability, and you stumble onto a website that has a malicious Flash running on it. You would be infected on the spot. Even if you have all your Windows Updates installed.

There is an application available called Secunia. It is free for non-corporate users at http://secunia.com . It informs you when you have 3rd party applications on your computer which are a security risk. I use it and it works great.

Pop-up Ads

This is a really important security risk. This is the #1 way most people get their computers infected with malware. ‘Back in the old days’, popup ads would just try to annoy you. Now they try to trick you. While you are browsing the net a big popup will fill your screen and tell you that you are infected!! That it found X number of viruses and that you need to "Click here" to get rid of them. First… STOP! At this point you are not infected with anything. It is trying to make you think you are. Take a moment to think about what you are looking at. Does this "you are infected" message have anything to do with Norton, or whatever antivirus you are currently using? If you click the ad, it might bring up a box asking you if you want to run a file ending in .exe. This is an executable file that can run code on your machine. At this point, you are still not infected. NEVER run an executable file you did not ask for. Once you click run and the file installs on your computer, now you are really are infected.

Some people may say, “Well, shouldn't my antivirus protect me?” It should but that doesn't mean it can. No amount of security can protect a user from his/her own stupidity.

If you ever see "That" type of ad while browsing the internet do the following

1) Right Click on the taskbar (the bar on the bottom of the screen)

2) Left click on "Task Manager" (or Start task manger)

3) Left click on the "processes tab" on the top of the screen.

4) Click on the column "Image name" (by click I mean click on the actual name) doing so will alphabetize the names of running processes from A to Z or Z to A.

5) Located the name of the browser you were running. If you were currently inside Internet explorer look for ones called iexplore.exe. If you were currently in firefox look for one called Firefox.exe.

6) Once you've located them left click on them so they become highlighted

7) Left click on the end process button in the bottom right of the task manger. It will ask you if you are sure you want to end the process, choose end process.

At this point your web browser will be forced to shut down. As soon as you it shut down you can open it back up again like you normally do. I know these steps sounds like a hassle, but this is the only way to make SURE you don't becoming infected when coming in contact with that type of malicious advertisement.

Stay Safe.zip

[Jan Veteran]

Good guide!

[TemperingPick]

Awesome guide. Just one thing though, on the top where it says "I created this guide for my customers, to educate them on the importance of backing up. It?s written and geared toward the novice user. Feel free to distribute. A PDF is located at the bottom of the page." Should it not be something like "importance of staying safe online"?

[+Warwagon MVC]

Awesome guide. Just one thing though, on the top where it says "I created this guide for my customers, to educate them on the importance of backing up. It’s written and geared toward the novice user. Feel free to distribute. A PDF is located at the bottom of the page." Should it not be something like "importance of staying safe online"?

Good catch, I copied and pasted it from my other guide, forgot to change a few words. All fixed now :)