03 secure the computer

Editor's Notes

• #2: Welcome! This lesson will highlight the common mistake and misconception on how we secure our computer against potential attackers from malicious attackers. Most of us feel that we are in state of security due to we have password and antivirus software. However, we are not secure as we think. Actually we are so vulnerable to be compromised by malicious attackers. By completing this lesson, we will be equipped with the defensive techniques to secure our computer. It is expected to get ready with the following requirement before commencing the lesson: Turn on the computer and ensure internet access is available Identify the operating system (OS type, version, service pack) e.g. Windows XP SP3 make sure the antivirus is turn on Now, let secure the computer!
• #3: In the digital world era, we ought to have some degree of engagement in the digital world. Inevitably we have digital identity, digital data and online accounts that need to be secured from online dangers. Sad but true, not everyone is serious about security. The notion of ‘no one wants to hack us’ is completely untrue in the midst of cyber criminals monetize their malicious activities in multibillion dollars underground economy. Username and password of online account, personal details and banking information can be sold in underground market. Believe it or not. Let us think likes hackers in order to understand the common security vulnerabilities in our computers. Think likes hackers and not like typical computers users. Hackers target the vulnerable computers and they do not bother who we are – high social status, top position or highly educated. The threats are real! To kick start our brains, it is recommended to have quick glance on what is operating system and Microsoft Operating System products. To know about operating system, please check the following website List of Operating System - http://en.wikipedia.org/wiki/List_of_operating_systems Operating System - http://en.wikipedia.org/wiki/Operating_system Windows Operating System - http://en.wikipedia.org/wiki/Windows To look out Microsoft Windows products, please check the following website Windows XP - http://windows.microsoft.com/en-US/windows/products/windows-xp Windows Vista - http://windows.microsoft.com/en-US/windows-vista/products/home Windows 7 - http://windows.microsoft.com/en-US/windows7/products/home
• #4: Once we completed this lesson, we will be able to understand the common threat vectors from the hackers’ perspective to configure the computer safely from the users’ perspective Remember that there are two perspectives towards computer security stance Users’ Perspective Most users are more focused on how to use computer to do their daily tasks but not so much about their security Hackers’ Perspective Hackers are constantly finding for the weakness of each components to ensure the success of malicious attack
• #5: In this lesson, we will learn 10 basic step for protecting our computers from possible attacks by malicious attackers as well as our common mistakes and perception about computer security i.e. configuring user account at Windows Logon setting the strong password ensuring up to date signature update in Antivirus Software securing Operating System patching up the Application managing Patches Update managing secure Internet Access handling Networking Devices (wireless keyboard, web cam) handling External Devices (USB thumb drive, CD/DVD, external HD) ensuring safe Online Surfing By following these 10 basic steps for protecting our computers, we minimize our risks to be potential target of malicious attackers.
• #6: Secure the Computer #1 - Windows Logon The first and foremost in protecting our computers, we need to configure three important settings in our operating system i.e. logon screen screen saver user management To setting up this windows logon, please refer to this control panel menu user account menu - Control Panel\User Accounts select the submenu - Change your account picture - Add or remove user accounts - Change your Windows password
• #7: The importance of logon screen at Windows start up is very critical! We can categorize the computer users into administrator - this user account allows super-user privilege i.e. install, remove, delete, modify owner - this user account only read, write but not super-user privilege guest - this user account has limited privilege compared to owner and administrator Bear in mind that we do not guest user to access our data except only us to have that privilege on our computer allow unauthorized installation, uninstallation or delete from our computer unauthorised access to our computer with our permission
• #8: In the event of unattended computer, we do not want other people can easily access our computer without our permission. Therefore it is recommended to have password-protected screen saver. We can leave our computer with peace of mind. Commonly we have two main reasons to do this settings to protect our data from theft, tampering no malicious software being installed by someone who access our computer with permission Remember just press Ctrl, Alt and Delete buttons simultaneously to lock the screen.
• #9: If our computers do not have password protected at windows logon and screen saver, malicious attackers can easily access our computer. Our precious data inside the computer has potential value from the eye of malicious attackers. It can be categorized into work related information personal related information Do secure our data!
• #10: Let assume that malicious attacker access our computer, he/she will able to install software keylogger to logs all our keystroke on the keyboard. The Keylogger allows you to secretly track all activities from all computer users and automatically receive logs to a desire e-mail. Keylogger can be categorized into software-based keylogger hardware-based keylogger For further information, please refer to this link Keylogging - http://en.wikipedia.org/wiki/Keystroke_logging Hardware keylogger - http://en.wikipedia.org/wiki/Hardware_keylogger
• #11: To manage user accounts that have been created, please refer to control panel menu user account menu - Control Panel\User Accounts select the submenu - Change your account picture (personalization preferences) - Add or remove user accounts (to add or remove different users) - Change your Windows password (to create different password for each account) Refresher note administrator - this user account allows super-user privilege i.e. install, remove, delete, modify owner - this user account only read, write but not super-user privilege guest - this user account has limited privilege compared to owner and administrator
• #12: Secure the Computer #2 - Password Now we continue with second defensive technique i.e. managing our passwords. Generally there are two kinds of password protection operating system-based password e.g. windows logon based on user account file-based password - password-protected PDF document online account password - Gmail account It is vital for us to know on how we manage these types of passwords in order to secure our accounts and personal data. Questions: 1) How many accounts that we have at the moment? 2) Do we know how strong our password’ strength? 3) Do we manage our account properly? In general, we, sometime, believe that we already secured since we have a password. Think again!
• #13: Let examine our password’s strength. The strength of a password depends on the different types of characters that we use, the overall length of the password, and whether the password can be found in a dictionary. It should be 8 or more characters long. To check our password’s strength, please open up this website Microsoft’ s Password Checker - https://www.microsoft.com/security/pc-security/password-checker.aspx This password checker does not collect, store, or transmit information. The security of the passwords typed into this password checker is similar to the security of the password we enter when we log on to Windows. The password we enter is checked and validated on our computer. It is not sent over the Internet. For further references about managing password, please refer to these websites Create Strong Password - http://www.microsoft.com/security/online-privacy/passwords-create.aspx Change Your Windows Password - http://windows.microsoft.com/en-US/windows7/Change-your-Windows-password
• #14: IMPORTANT MESSAGE – Do not use the same username and password for all accounts! Why? The malicious attackers are always use three types of password attacks: password guessing - to guess the password based on common password, target info password cracking - to use password hacking tool to crack the algorithm based on system specs pass-the-hash - to use OS hashing information to crack the algorithm In this case, if one of our account has been compromised (e.g. Gmail account), malicious attacker would probably to guess other popular account by using the same username and password. It’s very dangerous indeed.
• #15: There are many information on the internet on how to secure our password Google - https://accounts.google.com/PasswordHelp Facebook - http://www.facebook.com/pages/Password-strength/110289669021489 LifeHacker - http://lifehacker.com/5445101/your-passwords-arent-as-secure-as-you-think-heres-how-to-fix-that Do read them!
• #16: If we do not care about our password, there is always someone do care i.e. malicious attackers! Avoid the same mistake. To learn more on hackable password, please refer to this infographic- http://dailyinfographic.com/top-hackable-passwords-infographic
• #17: Secure the Computer #3 - Antivirus Software It is BIG mistake to assume that we are secure because of we have antivirus software installed in our computer. Are we sure? Lets examine these three scenarios: our antivirus software has outdated virus signature our antivirus software has been corrupted by smart malware to turn of f antivirus software from running properly our antivirus software has limited security protection coverage to secure from other source of potential attacks It is recommended to change our mindset and perception about antivirus. For further references about antivirus, please refer to these websites Antivirus Software - http://en.wikipedia.org/wiki/Antivirus_software List of Antivirus Software - http://en.wikipedia.org/wiki/List_of_antivirus_software List of Computer Viruses - http://en.wikipedia.org/wiki/List_of_computer_viruses
• #18: In general, there are three types of antivirus software free edition antivirus software - limited protection coverage and basically trial use but no time limits or expiry date on this free edition antivirus. commercial edition antivirus software - to scan, remove and protect with comprehensive coverage and usually with extra functionality compared to free edition antivirus software online scanner edition - to scan the computers from remote server and no virus removal Another note, do not assume that the virus attack only happen in Windows platform! There is virus attacks on other platforms such as Linux, Mac OS X as well as mobile phones.
• #19: To choose the right antivirus software, we need to consider which antivirus would suit for our needs and not because of it is free! The following consideration factors might help us to choose the right antivirus software: operating system - Windows. Mac OS X, Linux or mobile OS antivirus protection - file antivirus, web antivirus, email antivirus, social network antivirus etc memory use - how much antivirus memory use utilization to perform its functions computer performance – does antivirus affect overall performance? To know more about antivirus comparison, please visit these websites: Antivirus Ranking - http://anti-virus-software-review.toptenreviews.com/ Best Antivirus for 2012 - http://www.pcmag.com/article2/0,2817,2372364,00.asp Antivirus Performance Tests - http://www.antivirusware.com/testing/performance/ Choose wisely!
• #20: It is advisable to scan our computer by using third party antivirus and not antivirus that we installed inside our computer. Why? Maybe our antivirus have been ‘malfunctioned’ due to outdated virus signature or corrupted by newest antivirus . Therefore when we scan our computer, the result shows 0 infections. Lets try these online scanners to double check on virus infection inside our computer. There are numbers of online scanners on the internet: BitDefender - http://www.bitdefender.com/scanner/online/free.html ESET - http://www.eset.com/us/online-scanner/ Kaspersky Lab - http://www.kaspersky.com/virusscanner TrendMicro - http://housecall.trendmicro.com/ F-Secure - http://www.f-secure.com/en/web/labs_global/removal/online-scanner Avast - http://onlinescan.avast.com/
• #21: Windows operating system (Windows XP, Vista and Windows 7) provides the security dashboard in order to ensure the our computer is in the state of good security protection. Windows Security Center indicates four different security setting need to be alerted by computer users Firewall - choose Windows Firewall or antivirus firewall Automatic Updating - to update newest patches from Microsoft Update Malware Protection - to update newest virus signatures Other Security Settings - to configure internet security settings and user account control To open Windows Security Center, click Windows Start > Control Panel > Security > Check this computer’s security status Make sure that it’s all green in all settings (Firewall, Automatic Updating, Malware Protection and Other Settings).
• #22: It is important for us to ensure our virus signature to be updated. Every new virus creation, the antivirus developer need to identify these viruses by creating virus signature. These virus signatures need to be updated in local database of our antivirus software so that we can be protected against these newest viruses . No point having antivirus with outdated virus signature. Please update virus signature, now!
• #23: Secure the Computer #4 - Operating System Most of Windows users has one of these three major Windows operating system i.e. Windows XP - http://en.wikipedia.org/wiki/Windows_XP Windows Vista - http://en.wikipedia.org/wiki/Windows_vista Windows 7 - http://en.wikipedia.org/wiki/Windows_7 Depending on these operating system, we need to secure our operating system in term of service pack installation validate genuine product for Windows operation system and Microsoft Office searching out Microsoft support for technical security and operational references To learn more about Windows operating systems Windows XP - http://windows.microsoft.com/en-MY/windows/help/windows-xp Windows Vista - http://windows.microsoft.com/en-MY/windows-vista/help Windows 7 - http://windows.microsoft.com/en-MY/windows7/help
• #24: Service Pack Center includes three major release of Windows operating systems i.e. Windows XP (has three service packs i.e. SP1, SP2 and SP3) Windows XP Service Pack 3 (SP3) is an important update that includes previously released security, performance, and stability updates for Windows XP. Windows Vista (has two service packs i.e. SP1 and SP2) Windows Vista Service Pack 2 (SP2) includes support for new types of hardware and emerging hardware standards and includes all of the updates that have been released since SP1. Windows 7 (has only one service pack i.e. SP1) Windows 7 Service Pack 1 (SP1) is an important update that includes previously released security, performance, and stability updates for Windows 7. Installing SP1 helps keep Windows 7 up to date. To know more about Windows service center, please refer to these websites Service Pack Center - http://windows.microsoft.com/en-MY/windows/downloads/service-packs Windows XP (SP3) - http://windows.microsoft.com/en-MY/windows/help/learn-how-to-install-windows-xp-service-pack-3-sp3 Windows Vista (SP2) - http://windows.microsoft.com/en-MY/windows-vista/Learn-how-to-install-Windows-Vista-Service-Pack-2-SP2 Windows 7 (SP1) - http://windows.microsoft.com/en-MY/windows7/learn-how-to-install-windows-7-service-pack-1-sp1
• #25: Genuine Windows is published by Microsoft, properly licensed, and supported. With genuine Windows you get access to support, updates, and downloads to help to get the most from our PC. Whereas, Genuine Microsoft Office provides unique value, ongoing updates, and enhancements from Microsoft that counterfeit versions of Office do not. To start validation of Genuine Windows and Office, please visit this website - http://www.microsoft.com/genuine/validate/ To learn more about Microsoft genuine products, please visit these websites: Genuine Windows - http://windows.microsoft.com/en-us/windows/genuine Genuine Office - http://office.microsoft.com/en-us/products/benefits-of-genuine-office-HA010205597.aspx Windows Genuine Advantage - http://en.wikipedia.org/wiki/Windows_Genuine_Advantage What to look for - http://www.microsoft.com/en-us/howtotell/Software.aspx#Packaging How to report - https://www.microsoft.com/en-us/howtotell/cfr/Report.aspx
• #26: Microsoft Fixit Center Automatically diagnose and repair common software problems in Windows, Internet Explorer or other Microsoft products with Microsoft Fix it solutions. Microsoft Fix it Center makes getting support easier than ever because automatic troubleshooters solve the issues we have now and prevent new ones. To diagnose and repair by using Microsoft Fixit, please visit this website - (http://support.microsoft.com/fixit/)
• #27: Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it's no longer supported or sold. Knowing key dates in this lifecycle helps us make informed decisions about when to upgrade or make other changes to our software. End of sales refers to the date when a particular version of Windows is no longer shipped to retailers or Original Equipment Manufacturers (OEMs). Examples of OEMS are Dell and Toshiba - PC manufacturers who often preinstall Windows software. When a version of Windows reaches its end of sales date, it's a good time to think about upgrading. (Windows XP - June 30, 2008 , Windows Vista - October 22, 2010 , Windows 7 - To be determined ) End of support refers to the date when Microsoft no longer provides automatic fixes, updates, or online technical assistance. Without Microsoft support, we will no longer receive security updates that can help protect our PC from harmful viruses, spyware, and other malicious software that can steal our personal information. (Windows XP - April 14, 2009, Windows Vista - April 10, 2012 , Windows 7 - To be determined ) To explore about Microsoft Support and Lifecycle Information, please visit these website Microsoft Support - http://support.microsoft.com/ Microsoft Lifecycle Information - http://support.microsoft.com/gp/lifeselect
• #28: Secure the Computer #5 - Application In order to perform specific functions such as word processing, spreadsheet or other tasks, we need to install the appropriate application software based on operating systems. For instance, if we need to develop presentation slide, we need to install Microsoft PowerPoint (Windows OS) or Keynote (Mac OS X). These applications are not just office-related tasks but it also include utility software, gaming, social networking application as well. These application could be purchased from retail store or online store. However some of us would prefer to use illegal application software in order to use these application. Morally, it’s wrong and unethical to do such behaviour. To learn about application software, please visit these websites Computer Software - http://en.wikipedia.org/wiki/Computer_software Application Software - http://en.wikipedia.org/wiki/Application_software Utility Software - http://en.wikipedia.org/wiki/Utility_software
• #29: To purchase the application software, there are many online store on the internet that sells these application. The lists are as follows: Microsoft Store Online - http://www.microsoftstore.com/store/msstore/en_US/home Mac App Store - http://www.apple.com/mac/app-store/ Android Market - https://market.android.com/ Chrome Web Store - https://chrome.google.com/webstore/category/home Windows Phone Market Place - http://www.windowsphone.com/en-US/marketplace Blackberry App World - http://us.blackberry.com/apps-software/appworld/ Buy the original application software to get continuous support and other updates from software developer.
• #30: Software cracking is the modification of application software to remove or disable features which are considered undesirable by the computer user cracking the software, usually related to copyright protection, trial/demo version, serial number, hardware key, date checks. Therefore the computer users will enjoy the full benefit as if they purchased the software application. However most of cracked software applications are bundled with malicious code in the installation files. Watch out!
• #31: The rogue security software may then attempt to entice the user into purchasing a service or additional software by: Alerting the user with the fake or simulated detection of malware Displaying an animation simulating a system crash and reboot Prevent anti-malware programs from running, disable automatic updates and block access websites of anti-malware vendors. To learn more about rogue antivirus, please refer to these websites; Rogue antispyware - http://en.wikipedia.org/wiki/Rogue_AntiSpyware Rogue Security Software - http://en.wikipedia.org/wiki/Rogue_security_software Microsoft Rogue Security Software & Fake Virus Alert - http://www.microsoft.com/security/pc-security/antivirus-rogue.aspx
• #32: Potentially Unwanted Application (PUA) is a term used to describe applications that, while not malicious, are generally considered unsuitable for business networks. The major PUA classifications are: adware - http://en.wikipedia.org/wiki/Adware dialer - http://en.wikipedia.org/wiki/Dialer non-malicious spyware - http://en.wikipedia.org/wiki/Spyware remote administration tools hacking tools Important advice: Potentially Unwanted Program may be bundled with other free software during installation file. Be caution when installing free software and please read before do any click when installing the software.
• #33: Secure the Computer #6 - Patches Updates A patch is a piece of software designed to fix problems with, or update a application software or its supporting data. This includes fixing security flaws and other bugs and improving the usability and performance. There are three types of patch updates operating system (service packs and patch updates) Microsoft products (windows update) Non Microsoft products (third party update) Let examine on how to update these patches on our computer.
• #34: Microsoft Download Center is one stop center to download all Microsoft products ranging from computer and games to mobile phone. These downloads can be categorized into compatibility and converters service packs security updated and tools clip arts and templates drivers extension IT professional resources developer resources Take time to explore the Microsoft Download Center.
• #35: Let check our computer. Open Windows Update windows - Control Panel\Security\Windows Update and update any updates if available To learn more about Windows updates, please refer to these websites: Windows Updates - http://en.wikipedia.org/wiki/Windows_Update
• #36: Bear in mind that Microsoft updates their products only by using Windows Update. In our computers, there are also third-party application software which is non Microsoft products. Therefore, we leave non Microsoft products in unpatched status. Therefore, it is recommended to install Secunia Personal Software Inspector (Secunia PSI). The Secunia PSI program allows users to view any out of date programs installed on a user's computer. It also allows the user to quickly and easily upgrade to new and secure versions of applications installed on a computer. To download Secunia PSI, please refer to this website http://secunia.com/vulnerability_scanning/personal/ Have a time to scan unpatched application software and update them.
• #37: Secure the Computer #7 - Internet Access Previously we’ve learnt on how to protect our computers by applying these security configurations activating Windows Firewall installing antivirus software with up-to-date virus signature updating service packs, patches updates managing user accounts with strong passwords The next lesson, we will learn on how to surf the internet by knowing the safe location for access internet whether wired network, wireless network or other people’s computer.
• #38: If we access the internet via wired network such as office network by using our computer, the odds to be compromised are relatively low due to office networks are well-maintained with network security defensive devices implemented within network perimeter managed by IT professional and security professional Therefore we are not susceptible to possible attacks from the internet such as web application attacks, virus and malware and remote code execution.
• #39: If we access internet via wireless network (public hotspots or any organisation hotspots), the odds to be compromised are relatively high due to wireless networks suffer from many flaws such as no encryption & weak encryption being used to encrypt wireless data spoofed wireless access points employed by wireless attacker to trick the wireless users It is recommended that we do not login any online accounts while using wireless networks do not perform any financial transaction Watch out when we at wireless hotspots!
• #40: Secure the Computer #8 - Networking Devices Another potential threats are wireless keyboard and webcam devices. These devices could be hacked by malicious attackers. To illustrate the security impacts on these devices when we type using wireless keyboard, every keystroke will be send wirelessly to the computer and these wireless data can be intercepted by malicious attackers. Consequently, our data can be reconstructed by using packet analyzer. Just imagine if we log on the online account, the malicious attacker will obtain our account credentials. malicious attacker could turn on our webcam remotely without our permission or consent and it’s just we have been exposed to internet visually. OMG! Question: Do we have wireless keyboard or webcam?
• #41: The team of Dreamlab Technologies has hacked two wireless keyboards from Microsoft. Dreamlab warns that it is possible to “sniff” the keyboard strokes that are made. What this means is that it is possible to capture and decrypt keystrokes, meaning that user names, passwords, bank details or confidential correspondence can be very easily copied. To know more about wireless Microsoft keyboard, please visit this website - https://www.dreamlab.net/files/articles/27_Mhz_keyboard_insecurities.pdf
• #42: An antivirus company, Sophos has warned computer users about a worm that has the capability to use webcams to spy on them in their home or workplace. The W32/Rbot-GR worm (also known as the "Peeping Tom" worm) spreads via network shares, exploiting a number of Microsoft security vulnerabilities, installing a backdoor Trojan horse as it travels. Once installed on an infected computer remote malicious attacker can easily gain access to the information on the PC's hard drive and steal passwords, as well as turn on webcam to spy on them. Dangerous, hah?
• #43: Secure the Computer #9 - External Devices Malicious software including virus can spread through external devices i.e. thumb drives, external hardisk and CD/DVD. Most of us are do not scan these devices when we plug in to our computers. Depending on our antivirus features, we ought to scan these devices before using them. Please ensure that antivirus software’s virus signature is up-to-date!
• #44: The main purpose of Autorun is to provide a software response to hardware actions that we start on a computer. During AutoPlay, the Autorun.inf file from the media is parsed. This file specifies which commands the system runs. If we enable the settings to disable AutoPlay, we can disable AutoPlay on a CD drive, on removable media drives, on all drives.  Because malicious code may be executed without our knowledge or consent, we may want to disable this feature for security concerns.
• #45: Secure the Computer #10 - Online Surfing To secure our online surfing experience, we need to ensure the following steps securing our web browser by updating the newest version web browser do not visiting at malicious website beware of phishing website Please open Windows Security Center, click Windows Start > Control Panel > Security > Check this computer’s security status - make sure all green! Refresher: Windows Security Center indicates four different security setting need to be alerted by computer users Firewall - choose Windows Firewall or antivirus firewall Automatic Updating - to update newest patches from Microsoft Update Malware Protection - to update newest virus signatures Other Security Settings - to configure internet security settings and user account control
• #46: Browser is our main interface to locate, retrieve and also display content on the world wide web (WWW) including web pages, images, video and other files. The browser is the client application run on a computer that contacts the Web server and requests information. The web server sends the information back to the Web browser which displays the results on the computer or other Internet-enabled device that supports a browser. It is recommended to update our browser to the newest version of browser in order to mitigate the web browser attacks by the malicious attacker. Please check the following website: Internet Explorer - http://windows.microsoft.com/en-MY/internet-explorer/products/ie/home Mozilla Firefox - http://www.mozilla.org/en-US/firefox/new/ Apple Safari - http://www.apple.com/safari/ Google Chrome - https://www.google.com/chrome Note: Some of web browsers have automatic update features. For sake of our own security, please verify our web browser is up-to-date version. For information about web browser, please refer to these websites What Browser? - http://www.whatbrowser.org/en/ Web Browser - http://en.wikipedia.org/wiki/Web_browser
• #47: To set preferences i.e. never save password no Autofill features open Preferences (Personal Stuff ) Menu - chrome://settings/personal choose ‘Never save password’ never choose ‘Enable Autofill to fill out web forms in a single click’
• #48: To clear all browsing history, download history, cache, cookies and Autofill, open Clear Browsing Data Menu - chrome://settings/clearBrowserData choose all items press ‘Clear Browsing Data’
• #49: Be aware that malicious software is often installed without our knowledge or permission when we visit these sites, and can include programs that delete data on our computer, steal personal information such as passwords and credit card numbers, or alter our search results. Two types of warning messages provided by Google Search Engine and Mozilla Firefox Google Warning Message The following warning message appears beneath the title of search results Google identified as sites that may install malicious software on our computer: "This site may harm your computer.“ If we click the title of the result, we'll be shown a page with the following warning message at the top rather than being taken immediately to the webpage in question:"Warning - visiting this web site may harm your computer!" Mozilla Firefox Warning Message Firefox 3 or later contains built-in Phishing and Malware Protection to help keep us safe online. These features will warn us when a page we visit has been reported as a Web Forgery of a legitimate site (sometimes called “phishing” pages) or as an Attack Site designed to harm your computer (otherwise known as malware). For more information on these types of sites, please visit this website - http://www.stopbadware.org/home/badware
• #50: Web Forgery (also known as “Phishing”) is a form of identity theft that occurs when a malicious Web site impersonates a legitimate one in order to trick us into giving up sensitive information such as passwords, account details, or credit card numbers. Phishing attacks usually come from email messages that attempt to lure us into updating our personal information on fake, but very real looking, Web sites. To know more about phishing, please visit these websites Phishing - http://en.wikipedia.org/wiki/Phishing Anti Phishing Working Group - http://www.antiphishing.org/
• #51: Get free security software against fast-moving, invisible threats, and hacked web sites. Download free AVG LinkScanner and get additional layer of security. AVG LinkScanner has two key features that protect us: Surf-Shield scans pages behind their links before we click on them. It does the same thing every time we enter a web address into your browser. If the page is infected, it simply prevents us from opening it. Search-Shield scans your Google, Yahoo! and Bing search results and places a safety rating next to each link, letting we know which sites can be trusted and which are to be avoided. To download AVG LinkScanner, please visit this website - http://linkscanner.avg.com/
• #52: In summary, we’ve learnt 10 basic step for protecting our computers from possible attacks by malicious attackers as well as our common mistakes and perception about computer security i.e. Windows Logon to set username and password for three types of users i.e. administrator account (super user) our account and guest account Password to verify the password’s strength and set the strong password based on the recommendation Antivirus Software to install the comprehensive protection antivirus and update virus signature Operating System to verify the genuine operating system software and office suite application, update service pack Application to identify the original application, cracked application, rogue application and potential unwanted application Patches Update to update Microsoft product and other application patches Internet Access to identify threats while accessing the internet in three scenarios (wired network, wireless network and other computer) Networking Devices to identify threats of networking devices: wireless keyboard, web cam External Devices to identify threats of external devices: USB thumb drive, CD/DVD, external HD Online Surfing to identify threats in web browser and malicious website Act Now! Secure the computer.
• #53: To learn and not to do is time-wasting effort! Please ensure the security state of computers i.e. netbook, laptop and desktop are in the good shape by following ten basic steps of protection our computers that we have learnt in this lessons. Action Items (Security Checklist) Windows Logon Password Antivirus Software Operating System Application Patches Update Internet Access Networking Devices External Devices Online Surfing