Posted by Nikoletta Ventseslavova

Read if: you are tired of spam emails, viruses, Trojans and spyware and you definitely need a strategy to defend yourself from hackers’ and marketers’ attacks

Gain: useful know-how for secure browsing

The Web connects computers, tablets and smart phones. The Internet creates a parallel virtual world, where we share and receive information. With the proliferation of social networks like Facebook, Google and Twitter people make their personal details accessible to strangers and while they are obsessed with sharing data across portals, they don’t realize how harmful this may be. In fact, everything we do online – searching, browsing, shopping, e-mailing and video-watching – is as public as anything we do on Main Street in midday. For every click or keyboard entry there is a chance that our output to the webpage is logged by a keyboard logger. Every time we are downloading, there is a chance there is a keyboard logger installed secretly on our computer.

The most prevalent threats in the Web:

Viruses and Worms:  man-made programs that infect our files or programs. Viruses spread themselves by infecting other programs on the same computer. Worms spread automatically to other computers via email, over a network or via chats. Both of them can:

• Disable the infected device or computer
• Modify and delete files
• Reformat the hard disk
• Steal information from our computer and send virus-infected emails to all our contacts

Trojan Horses: one of the sneakiest internet risks. They are often downloaded on the back of a free program, game or music file. Trojans allow computers to be entered by any remote user that has the access code. Then the remote thief enters the infected computer undetected and can access or destroy any stored information. In addition Trojans can send any information from our computers to the invader, for example:

• Business data and customer information;
• Credit card details
• Passwords for web services (ISP, online bank accounts, etc.)
• Personal information (photos, information for family members, documents, etc.)
• Contacts, which may be used for spamming

Scareware: In the past two years scareware became a multi-million dollar scam business, also known as “fraudware”. Its purpose is to frighten people into purchasing and installing a deception software. The tactic is to display frightening screens of users’ computers being attacked and then the scareware claiming to be the solution for them. Scareware criminals access our credit cards, then they invade our computers to record our keystrokes and personal inforamation and sometimes they even take remote control of computers and use them as spam robot machines. The scareware products we should watch for are:

• SpySheriff
• Total Secure 2009
• XP Antivirus 2009
• Total Secure 2009
• AdwarePunisher
• SystemSoftware (Microsoft Blue Screen of Death)

Spyware: Statistics show that 90% of all computers have been infiltrated by spyware. This software is installed on our hard drives in order to transmit information about us via internet connection to a third party. There are two types: surveillance (monitoring spyware) and adware (advertising spyware). Spyware is often hidden in freeware, peer-to-peer or shareware programs and then it invisibly installs itself. It accesses sensitive personal  information ( like credit card information, passwords, emails,etc.); it also scans our browsing history and monitors our internet activity and transmits everything to the invader.

Rootkits: They enter our computers through spam attachments being opened, or are planted by crackers who have broken our computer defenses. Rootkits conceal the presence of malicious programs (viruses, spyware, Trojans and worms) and help the invaders access our system and control it without being detected.

Spam is not just unsolicited e-mail. Spammers obtain our email address and bombard us with promotions of pornography materials, sexual aids, diet pills or get-rich-quick schemes. Much of this spam has a malware code incorporated into it, which is triggered when we open the email. Spam is used to steal identities and for financial fraud.

Web Bugs are small image files, usually 1×1 pixel, hidden on a web page or in an HTML e-mail. This kind of malware is hidden from us and tells spammers when an e-mail has been opened; it informs marketers what advertisements and web pages we are interested in; bugs also transmit the IP addresses of the readers of a particular e-mail. Bugs also can discover key details about our system. Hackers like using them to gather information.

Pop-up and banner ads appear as separate windows on the top of webpages we are visiting and can be animated or stationary. Many of us would find them annoying, but do we know that they can be a serious threat as well? They can carry Trojans and spyware, which we activate by clicking on the ad. The malware is installed on our computer and a process known as “drive-by -download” starts. PcMag’s reviewers explain that this process: “reports information back to the vendor, drive-by downloads are deployed by exploiting flaws in the browser and operating system code. Of course, Internet Explorer and Windows are the primary targets.”

Cookies:  help websites collect information when a user visits them. The web server of the site we are visiting sends a cookie to our web browser, which is stored on our computer hard drive. Cookies represent small text files with information for each user. When we are browsing from one website to another, cookies track us. Usually they are used by advertisers to track our browsing and buying habits and to create profiles of clients for targeted marketing. Our privacy is threatened, because the information from one cookie can be shared and transmitted from multiple sites, without the knowledge of the user.

The top Internet scams, listed by the National Consumers League’s Fraud Center are:

Online Auctions: Misrepresented or undelivered goods

Fake Check Scams: Consumers used fake checks to pay for sold items, and asked to have the money wired back

Nigerian Money Offers: Deceptive promises of large sums of money, if consumers agreed to pay the transfer fee [ed: I love this site which scams the scammers http://www.419eater.com/ ...it's hilarious]

Website Cloning: Duplication of websites for criminal use; often cloned websites take the form of known chat rooms or trade sites so that people give them personal information or make fake purchases of products that do not actually exist.

Identity Thefts: Criminals get information through users’ computers and then set up fake bank accounts or take out loans in their name.

Cyber Stalking: criminals use the web to harass people just like detectives do in the real world.

Lotteries: Asking winners to pay before claiming their non-existent prize

Advance Fee Loans: Request a fee from consumers in exchange of promised personal loans

Phishing: Emails pretending to represent a credible source, ask consumers for their personal information (e.g. credit card number)

Prizes/Sweepstakes: Request a payment from consumers in order for them to claim their non-existent prize

Internet Access Services: Misrepresentation of the cost of Internet access and other services, which are often not provided

Investments: False promises of gains on investments

What are the rules we have to follow if we want to protect our privacy online?

Share your personal information only with trusted sites. The EEF (Electronic Frontier Foundation), an organization working to defend online privacy advises us to hide our personal details in suspicious websites and to use pseudonyms instead of real names. Also it is good to configure our browser’s settings from “Setup”, “Options” or “Preferences” menus and determine how much  information we share.

Turn on cookie notices in your Web browser, or use cookie management software: There are browsers that allow users control over cookies. For instance, Google Chrome gives us the opportunity to delete, block or allow cookies by default; or customize exceptions for cookies from specific websites or domains. Usually, the victims of online thieves are those who browse via Internet Explorer (because it is the most popular  browser). Thus,  a good idea here is to switch to browsers with additional security features and better cookie management like: Mozilla Firefox (Windows, Mac, Linux), Opera (Windows, Mac, Linux), and iCab (Mac). Read the article: The best browsers for PC for detailed information.

In addition, you can use cookie management software and services like :

• Internet Junkbuster Proxy:  http://www.junkbusters.com/ht/en/ijb.html ( it blocks cookies and banner ads)
• InterMute : http://www.intermute.com/ (blocks pop-ups, cookies and banner ads)
• GuideScope http://www.guidescope.com/home/ (works likewise for Linux, Solaris and Windows)

Create a temporary email address: When mailing to unknown, or suspicious parties, or posting to public spaces on the Web it is better to do it from an alternate email address (which does not include your real name and personal characteristics) to avoid the possibility of junk mailers who collect emails and add them to their list of targets.

Keep your cards close to your chest when communicating with strangers: Be wary of giving personal information to a person who is thousand miles away because we don’t know his/her real intentions.  Needless to say, information like: place of employment, phone number, address and full name should not be put on personal home pages and shared with everyone. A good tactic here is to maintain two personal home pages – a work-related one and an informal one. Be aware of the fact that in the business world there is a common online espionage (“social engineering”) which consists in befriending people online long enough to get insider information about companies.

Don’t reply to spam emails. Don’t take the sender up on whatever offer you receive;also, don’t follow any unsubscribe instructions given and don’t follow up links. Otherwise, you will confirm that you are a real person and your address will appear in no time on dozens more spammers’ lists. It is good to check your outgoing mail queue and make sure that the automatic “return receipt” setting is turned off. Also, you can contact your internet service provider (ISP) and ask the administrators to route a complaint to the ISP of the spammer.

There are also anti-spam services available like:

• Spam Hater:  http://www.cix.co.uk/~net-services/spam/spam_hater.htm for Windows users;
• BrightMail :  http://www.brightmail.com/ for ISPs;
• SpamCop : http://spamcop.net/ for anyone;

Use encryption: Spammers and scammers are looking for vulnerable systems, that’s why we have to defend our data against espionage, identity thefts and system crackers with encryption codes that are difficult or impossible to crack. Easy-to-use encryption software, which runs on almost all computers and integrates with most major e-mail software is Pretty Good Privacy: http://www.pgpi.org/;

Another option is to run all connections through “encrypted tunnels” with products like:

• FSecure SSH http://www.fsecure.com/products/ssh/
• SecureCRT http://www.vandyke.com/products/securecrt/

Mask your computer IP address: this allows you to browse anonymously through the Web. There are many proxy servers available for this purpose.

Install, update and regularly run security software (anti-virus, anti-malware and anti-spam)  and firewall software on your personal computer. Also, install software or applications on your mobile devices to track theft and protect yourself from viruses and malware. In order to help you decide which antivirus program to use, take a look at the PCMag test results for antivirus programs:

Finally, when you are on social networking sites like Facebook, be careful with the privacy settings and make it clear that you do not wish your information to be disclosed to any third party. Use different passwords for the different websites you visit and make them stronger by combining numbers and letters. Bear in mind that recently Facebook launched a new service, which allows members to monitor each other by sharing information about places in which they are in the course of movement. Isn’t this a massive attack on our personal space?

Read also:

Hard disk crashes – prevention and cure

Time to switch? Google+ vs. Facebook

Cloud computers products review

The best browser for our computer

What to choose a Tablet or a Laptop