368 High St. W., Moose Jaw. Phone: 306.692.8322

Safe Surfing Part 2: 10 Commandments of Web Surfing

Posted Fri, 01/15/2010 - 10:00 by Technician

By now I hope our readers are beginning to understand that while professional security products do a respectable job of keeping our systems safe, there is no single, perfect solution to keeping your computer clean. The best way to keep yourself safe is to practice safe computing habits. So bookmark this page as these 10 Commandments of Web Surfing will save you from a lot of heartache some day.

  1. Don’t download software from unknown or untrusted companies or websites. If you haven’t heard of them or they don’t come recommended by a trusted IT professional, don’t install it. Also, if you don’t need it, don’t install it. No one needs hundreds of custom smilies for their MSN.
  2. NEVER NEVER NEVER click on a link in an email. I can’t emphasize this enough. I don’t care if it came from your lovely mother (I love my mother too!!), DO NOT do it. Email links can be formatted to hide very sinister things – it’s best to avoid the issue altogether. My refusal to click in links in emails has kept my home network safe while others get infected.
  3. Use secure passwords for your online accounts.
  4. Disable Java Scripting in your browser. This is a tough one for most people because many websites – including Facebook – use java scripting to run their fancy new look. If you use Firefox, install a plugin called “NoScript” (website) – it allows you to enable Java on a per site basis, leaving you in control of who runs code on your machine.
  5. Avoid giving out personal information when possible. If you want access to a website that requires registration, use fake information. For sites that require an account that you're only interested in visiting once, use 10 Minute Mail.com, a free ten minute email service that works great.
  6. Don't save your passwords using cookies or in your browser! A while back I got a call from a family member who sent her laptop in for repairs. She called to ask if she should be concerned about the fact that her online banking information was stored on her system. I told her that it all depends on who has access to that information and that since we can't trust that it'll remain safe, it’s probably prudent for her to change her account password right away. At least her old password no longer works.
  7. Don't Bank or participate in eCommerce on sites that lack a trusted site cerificate. A site cerificate is a "digital stamp" intended to verify that the website you're connecting to is indeed owned and operated by who they claim to be. Stay tuned as I'll be writing a more detailed post on site certificates in the weeks ahead.
  8. Turn on Automatic Updates on your computer. The second Tuesday of every month is Mircosoft’s “Patch Tuesday” – when they release security updates for issues discovered over the last month. At the risk of sounding rude… not keeping up to date with Windows update is asking to get infected. Read this article to learn more.
  9. Use your browser's plug-in system and install an ad blocking solution. For example, Firefox users should install Adblock Plus, a free ad blocking solution that's saved me from having to look at more garbage than I'll ever know!
  10. Finally, submit suspicious files (such as those email attachments we shouldn't be opening) to Virus Total.com. Virus Total is a free service provided by Hispasec Sistemas that allows users to upload files for inspection by over 40 modern, up-to-date antivirus products. If even one of the antivirus products show an infection it's highly reccomended that you rethink openning the file in question.

If in the course of surfing the Net you clicked "yes" to something you shouldn’t have and it installed something bad – it’s not the fault of your antivirus product! Think about what you're saying "yes" to before committing to a mouse click. Take the time to learn these habits, those who have can tell you... they are infected far less often and less seriously.

Sven Thomas
Network Specialist
E-Z-TECH Computers Inc.