These are the rules for being safe using a Windows computer in 2013.
The bad guys are getting smarter and more devious – their spelling and grammar has improved and they have gotten better at creating messages that are indistinguishable from real messages from your bank, the IRS, UPS, Microsoft, or, well, anyone.
Pass this article on to your friends, like it on Facebook, send it to your parents, post it on telephone poles! Let’s stay safe this year.
If a web site brings something up on your screen that might be malware, turn your computer off with the power button. Get your hands off the mouse and do not click on “OK,” “Cancel,” or the X in the upper right corner! Anything that you click might lower the defenses on the computer and install malware.
Antivirus software will not protect you against malware if you click OK at the wrong time. Use your common sense. Read and think before you click OK.
Don’t click on links to web sites unless you know exactly where you’re going. Almost all malware starts from a link to a poisoned web site.
- Follow links to and from legitimate sites, but don’t click on links that arrive in spam e-mail, instant messages, or that start from an untrustworthy web site.
- Don’t click on links in email messages unless you deeply trust the judgment of the person who sent the message.
- Hover over links to make sure they lead where they appear.
- Don’t click on links in forwarded messages.
- Shortened links are frequently used in Twitter, Facebook, blogs, and social networking sites. You can’t tell where they lead by looking at them. Don’t follow them unless you trust the person who created the link.
- Just because something is listed in a Google search doesn’t mean it’s safe. Make a judgment about where you’re going before you click.
Choose passwords carefully. Your passwords are your defense against identity theft, financial loss, compromised computers, and breaches of confidentiality and privilege. If you use a weak password, or if you use the same password over and over every time something calls for one, you are jeopardizing yourself and your business.
- The best way to manage passwords: use LastPass to create and manage your online passwords. If you’re not already using LastPass, install it only if you are willing to spend time learning about the program and how it works.
- If you are a LastPass user, periodically run its Security Check and update any weak and duplicate passwords.
Install updates from Microsoft promptly. Look in the lower right corner for the update icon (Win8/Win7/Vista) or gold shield (WinXP).
Install updates to Acrobat, Adobe Reader, Flash, Java, and Quicktime promptly. Each will alert you from the lower right corner. Most malware in 2012 was installed by poisoned web sites exploiting an out-of-date version of one of these programs.
- The best way to keep up with updates: sign up for the Bruceb Remote Management service.
Uninstall Java. It’s under intense attack by the bad guys. If you need it to run some other program, be particularly careful to keep it up to date until this wave of attacks has run its course.
Install security software and keep it up to date. Home users and small businesses should use Microsoft Security Essentials. Windows 8 users can rely on the built-in security protection, Windows Defender.
Know the name of your security software. If you get a “security warning” that does not display the exact name of your security software, it is phony; if you click on anything, you will probably install malware.
Never, never, never open email attachments unless you know with 100% certainty that the attachment is something you expected and want to receive.
Back up your computers. Choose a backup strategy, understand how it works, and keep your backups up to date. Windows 8 users can use File History. Windows 7 users can use the built-in backup program to back up data on an external hard drive. Anyone can use an online backup program.
- The best way to be safely backed up: sign up for managed online backups with the Bruceb Cloud Backup service.
Keep your mobile devices secure. Smartphones and tablets are easily misplaced or stolen. Do not keep confidential or privileged information on a mobile device in an unprotected app.
Be careful out there!