trojanSeveral people have asked me about the most recent variations on old, old themes. Email warnings about dangerous messages, like the one on the right. Newspaper articles about the latest virus.

Nothing is new. The latest threats are the same as the old threats. Let’s go through the basics of PC security in 2009.

  • Install updates from Microsoft promptly. (Look for the gold shield in the lower right corner. If you use Windows Live OneCare, keep the icon green.)
  • Install antivirus software and keep it up to date.
    • If you’re running Vista, you have adware/spyware protection.
    • If ypu’re running Windows XP, make sure your security software includes adware/spyware protection, or install Windows Defender.
  • Antivirus software will not always protect you against malware if you click OK at the wrong time. Read and think before you click OK.
  • Don’t click on links to web sites unless you know exactly where you’re going.
    • Follow links with carefree abandon to and from legitimate sites, but don’t click on links that arrive in spam e-mail, instant messages, web forums, or IRC chats, or that start from an untrustworthy web site.
    • Don’t click on links in email messages unless you deeply trust the judgment of the person who sent the message.
    • Don’t click on links in forwarded messages.
  • Never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.
  • The bad guys are liars. They will say anything to get past your defenses, without conscience or remorse.

The most prevalent malware does not arrive as an email attachment. Instead, it’s a link to a malicious web site – it’s the web site that attempts to install the malware or tries to fool you into installing it. The email about “Obama acceptance speech” doesn’t have an attachment, it has a link to a malicious web site that puts up a phony windows about installing an “update to Flash.” A few months ago, it was phony CNN headlines. Next month it will be something else.

And one more thing if you’re considering a new computer. Vista users are far more secure than Windows XP users; the security improvements are built deep in the operating system and go far beyond what XP can provide. I can understand the desire to stick with Windows XP, hoping for a familiar and unchanging place to work. Unfortunately, it’s not possible to obtain that. There is no stable, unchanging place in computing, no matter how much you try – not on a PC, not on a Mac. It’s unfortunate, it’s upsetting, it’s frustrating, but security has to take precedence over just about everything else when we use a computer.

Be careful out there!