According to the Webopedia, a virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. All computer viruses are created by people and most can replicate themselves. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring your system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. To protect yourself from viruses on the Internet, don’t download files from sources that may not be safe. Viruses are usually hidden in programs and activated when the programs run. They also can be attached to certain other types of executable files, such as special-action Web files and video files. Generally, when you’re about to download a type of file that could contain a virus, your browser will display a warning and ask whether you want to open the file or save it to disk. If you’re confident that the file comes from a trustworthy source, you may want to save it. If you’re not sure, you may want to cancel your download. However, rather than practicing “download abstinence”, you might continue and have a protected transaction by using an antivirus program which automatically scans all incoming (and usually outgoing) files for known viruses. Most schools and other organizations typically work very hard to make certain that you have anti-virus software running on your computer. The reason for this is that any one person in an organization can put the entire group’s network, and computers attached to that network, at risk with just one virus.
If you don’t have antivirus software loaded on your computer either at work or at home, you should get it right away. You might check out and use one of the following as starters:
Similar to adware or spyware, installing antivirus software alone is not enough. You need to make sure that the software updates itself at least once per day if not more. Without the latest virus definitions, you could be infected by a new virus not yet recognized by your antivirus software. At work, I use McAfee which is provided by my employer. At home, I use AVG antivirus since it works well and is free of charge. Both of these program (as do the others I mention above) have automatic update features.
Macro Viruses
According to Whatis.com, a macro virus is a computer virus that "infects" a Microsoft Word™ or similar application and causes a sequence of actions to be performed automatically when the application is started or something else triggers it. Macro viruses tend to be surprising but relatively harmless. A typical effect is the undesired insertion of some comic text at certain points when writing a line. A macro virus is often spread as an e-mail virus. A well-known example in March, 1999 was the Melissa virus. Current versions of Microsoft Word™ and Excel warn you about embedded macros as you first open a file. If you are sure that an embedded macro is benevolent, enable them. If not, click “disable macros.”
Trojan Horses
(By the way ... I know, I know, there is a difference among a virus, worm, and a trojan horse .... although, why complicate things, they are all our virtual enemies).
A Trojan Horse program, like the legendary wooden creature after which it is named, offers you some apparent benefit (such as a pretty screen saver), encouraging you to install it and run it. After it gains your trust, it then has access to your machine to do whatever else it likes in the background. As an example, in December, 1997, two students wrote a software product that allowed users to customize their Internet software. It appeared to work as advertised, but also secretly e-mailed the user’s password to the students. This action went undetected until March of 1998, when the students themselves revealed it to the press to demonstrate the security risks faced by Internet users. Trojan horses are another good reason to invest in an effective antivirus program.
Unfortunately, antivirus programs alone are insufficient for reducing your risk of becoming victim to a trojan horse program. One SchoolCounselor.com eNewsletter reader, Erik Dial, M.S. a counselor from Milwaukee, Wisconsin, turned me on to a program that protects against trojans and more called Ewido Security Suite. I now run it along with my other security software, seems to work very well (Click here to read an extensive review of this program). This setup of contains the free as well as the plus-version ($29.95) of the ewido security suite. After the installation, a free 14-day test version containing all the extensions of the plus-version will be activated. At the end of the test phase, the extensions of the plus version are deactivated and the freeware version can be used unlimited times. The purchased license code of the plus version can be entered at any time. The free version does not provide the realtime protection or automatic updates although you can certainly update manually and conduct periodic scans with the remaining free version.
Cookies
A cookie is a small amount of information stored on your computer by a Web site that you have visited. The cookie typically includes information that your Web browser sends back to the site whenever you visit it again such as your password for the site or a customized view of the site that you have chosen. The reason that cookies are designed and planted on your computer is so that your browsing experience is more personal and simplified. For instance, cookies will help you bypass a site’s password logon procedures because your password is simply entered from within your cookie. Then, you might receive a hearty and personalized welcome message. More intricate cookies keep track of the type of links you follow within a site, how much time you spend there, and what you do there (e.g., download a file) so that the site owners may begin to develop a profile for you that allows them to target new information that your profile indicates would probably be of interest to you.
Some less-than-reputable sites use cookies to determine your originating e-mail address which they will use to send you unsolicited e-mails in the form of advertisements. Such online behavior is usually experienced as a violation and is an example of the dark side of cookie use. Consequently, cookies are the focus of debate among those who view them as a service or “the cost of doing business” and those who passionately protect their privacy and civil liberties.
In general though, cookies are common and usually harmless. They can’t be used to take information about you or your computer that you have not provided (again, another reason to be very careful what you kind of information you give up at a site). But they can be used by certain services to create a profile of your interests based on the sites you visit. Then information on participating sites can be customized for you which can certainly be a time-saver.
Browsers such as Firefox or Internet Explorer (IE) can help you better control cookies by alerting you whenever a server tries to give you a cookie. In Internet Explorer:
1. Choose Tools, then
2. Internet Options.
3. Click the Privacy tab,
4. Default setting is medium. Move the slider to determine which setting you prefer.
5. You can also click on Advanced for specialized cookie treatment.
If you use Firefox, click here to learn more about the cookie manager. To delete cookies from your system, simply find them on your computer, usually in a folder called “Cookies” and delete them. Or, in IE, click on [Tools], then [Internet Options], then [Delete Cookies]. At least a couple of drawbacks exist to denying or deleting cookies, however. One problem is that cookies are so prevalent that you may be constantly dealing with cookie alerts which will seriously inhibit you from timely and enjoyable web surfing. Also, a site may not allow you to download valuable and free utilities and updates without first accepting their cookie. For instance, if you want to download some utilities from Microsoft, and you have set up your browser to not accept cookies, the company’s site will detect this and stop you from continuing. A message will appear on your screen that alerts you to this situation and instructs you to turn cookies back on if you still want to pursue your download.
ActiveX
Even if you do not intentionally download software from a Web site, elements of a site may download, run on your computer, and pose a potential security risk such as by unleashing a virus onto your system. For example, ActiveX technologies allow software to be distributed over the Internet. You’ll encounter ActiveX in the form of controls, usually graphic items such as scrolling marquees, on Web sites. Think of them as small programs within the site that run on your computer. An ActiveX control is like a plug-in, but worse. It doesn’t require any installation (so users will use them without thinking twice), leaves no trace afterwards, and gives the illusion of extra security. A famous example of a malicious ActiveX control occurred in early 1997 when a group of computer experts demonstrated to the German press how to use the personal financial software product Quicken to transfer money from your bank account to theirs while innocently browsing their Web site. Similar to ActiveX are VB or Visual Basic files (ending in .vb).
You should not allow ActiveX objects to run in IE when you are browsing the web. The default settings for Internet Explorer are set up to prompt or alert you when an ActiveX script is trying to install itself. You can double check this by clicking on the 'Tools' menu, click 'Internet Options', and select the 'Security' tab. Select 'Internet' zone and click the 'Custom Level' button. Disable every ActiveX-related setting (unless you have a good reason to leave one enabled). 'OK' your changes.
Other Things You Can Do to Reduce Your Risk ...
If you don’t have antivirus software loaded on your computer either at work or at home, you should get it right away. You might check out and use one of the following as starters:
Similar to adware or spyware, installing antivirus software alone is not enough. You need to make sure that the software updates itself at least once per day if not more. Without the latest virus definitions, you could be infected by a new virus not yet recognized by your antivirus software. At work, I use McAfee which is provided by my employer. At home, I use AVG antivirus since it works well and is free of charge. Both of these program (as do the others I mention above) have automatic update features.
Macro Viruses
According to Whatis.com, a macro virus is a computer virus that "infects" a Microsoft Word™ or similar application and causes a sequence of actions to be performed automatically when the application is started or something else triggers it. Macro viruses tend to be surprising but relatively harmless. A typical effect is the undesired insertion of some comic text at certain points when writing a line. A macro virus is often spread as an e-mail virus. A well-known example in March, 1999 was the Melissa virus. Current versions of Microsoft Word™ and Excel warn you about embedded macros as you first open a file. If you are sure that an embedded macro is benevolent, enable them. If not, click “disable macros.”
Trojan Horses
(By the way ... I know, I know, there is a difference among a virus, worm, and a trojan horse .... although, why complicate things, they are all our virtual enemies).
A Trojan Horse program, like the legendary wooden creature after which it is named, offers you some apparent benefit (such as a pretty screen saver), encouraging you to install it and run it. After it gains your trust, it then has access to your machine to do whatever else it likes in the background. As an example, in December, 1997, two students wrote a software product that allowed users to customize their Internet software. It appeared to work as advertised, but also secretly e-mailed the user’s password to the students. This action went undetected until March of 1998, when the students themselves revealed it to the press to demonstrate the security risks faced by Internet users. Trojan horses are another good reason to invest in an effective antivirus program.
Unfortunately, antivirus programs alone are insufficient for reducing your risk of becoming victim to a trojan horse program. One SchoolCounselor.com eNewsletter reader, Erik Dial, M.S. a counselor from Milwaukee, Wisconsin, turned me on to a program that protects against trojans and more called Ewido Security Suite. I now run it along with my other security software, seems to work very well (Click here to read an extensive review of this program). This setup of contains the free as well as the plus-version ($29.95) of the ewido security suite. After the installation, a free 14-day test version containing all the extensions of the plus-version will be activated. At the end of the test phase, the extensions of the plus version are deactivated and the freeware version can be used unlimited times. The purchased license code of the plus version can be entered at any time. The free version does not provide the realtime protection or automatic updates although you can certainly update manually and conduct periodic scans with the remaining free version.
Cookies
A cookie is a small amount of information stored on your computer by a Web site that you have visited. The cookie typically includes information that your Web browser sends back to the site whenever you visit it again such as your password for the site or a customized view of the site that you have chosen. The reason that cookies are designed and planted on your computer is so that your browsing experience is more personal and simplified. For instance, cookies will help you bypass a site’s password logon procedures because your password is simply entered from within your cookie. Then, you might receive a hearty and personalized welcome message. More intricate cookies keep track of the type of links you follow within a site, how much time you spend there, and what you do there (e.g., download a file) so that the site owners may begin to develop a profile for you that allows them to target new information that your profile indicates would probably be of interest to you.
Some less-than-reputable sites use cookies to determine your originating e-mail address which they will use to send you unsolicited e-mails in the form of advertisements. Such online behavior is usually experienced as a violation and is an example of the dark side of cookie use. Consequently, cookies are the focus of debate among those who view them as a service or “the cost of doing business” and those who passionately protect their privacy and civil liberties.
In general though, cookies are common and usually harmless. They can’t be used to take information about you or your computer that you have not provided (again, another reason to be very careful what you kind of information you give up at a site). But they can be used by certain services to create a profile of your interests based on the sites you visit. Then information on participating sites can be customized for you which can certainly be a time-saver.
Browsers such as Firefox or Internet Explorer (IE) can help you better control cookies by alerting you whenever a server tries to give you a cookie. In Internet Explorer:
1. Choose Tools, then
2. Internet Options.
3. Click the Privacy tab,
4. Default setting is medium. Move the slider to determine which setting you prefer.
5. You can also click on Advanced for specialized cookie treatment.
If you use Firefox, click here to learn more about the cookie manager. To delete cookies from your system, simply find them on your computer, usually in a folder called “Cookies” and delete them. Or, in IE, click on [Tools], then [Internet Options], then [Delete Cookies]. At least a couple of drawbacks exist to denying or deleting cookies, however. One problem is that cookies are so prevalent that you may be constantly dealing with cookie alerts which will seriously inhibit you from timely and enjoyable web surfing. Also, a site may not allow you to download valuable and free utilities and updates without first accepting their cookie. For instance, if you want to download some utilities from Microsoft, and you have set up your browser to not accept cookies, the company’s site will detect this and stop you from continuing. A message will appear on your screen that alerts you to this situation and instructs you to turn cookies back on if you still want to pursue your download.
ActiveX
Even if you do not intentionally download software from a Web site, elements of a site may download, run on your computer, and pose a potential security risk such as by unleashing a virus onto your system. For example, ActiveX technologies allow software to be distributed over the Internet. You’ll encounter ActiveX in the form of controls, usually graphic items such as scrolling marquees, on Web sites. Think of them as small programs within the site that run on your computer. An ActiveX control is like a plug-in, but worse. It doesn’t require any installation (so users will use them without thinking twice), leaves no trace afterwards, and gives the illusion of extra security. A famous example of a malicious ActiveX control occurred in early 1997 when a group of computer experts demonstrated to the German press how to use the personal financial software product Quicken to transfer money from your bank account to theirs while innocently browsing their Web site. Similar to ActiveX are VB or Visual Basic files (ending in .vb).
You should not allow ActiveX objects to run in IE when you are browsing the web. The default settings for Internet Explorer are set up to prompt or alert you when an ActiveX script is trying to install itself. You can double check this by clicking on the 'Tools' menu, click 'Internet Options', and select the 'Security' tab. Select 'Internet' zone and click the 'Custom Level' button. Disable every ActiveX-related setting (unless you have a good reason to leave one enabled). 'OK' your changes.
Other Things You Can Do to Reduce Your Risk ...
1. Don't fall victim to virus hoaxes. These hoaxes spread needless alarm and may even tell you to delete perfectly legitimate files. Visit the Hoax Encyclopedia before forwarding on those dire sounding emails warning of non-existent viruses. To get the true scoop on other falsehoods traveling via e-mail, make Urban Legends and Folklore a regular Internet pit stop.
2. E-mail attachments. Don’t open any e-mail attachments that you are not sure about, even if it looks like it came from a friend. Your friend could have a virus that sends e-mail from her account to everyone in her address book. If you have any doubts about the attachment, delete the e-mail and check with your friend. Also, take a very close look at the name of the attached file, especially the last three characters (known as the file extension). If the file extension is one of the following, it usually means that clicking on the file will run a program file, which is what viruses are:
.exe
.bat
.pif
.vbs
.scr
.com
.bat
.pif
.vbs
.scr
.com
Another interesting clue is to see if there are two file extensions, such as this example of a Microsoft Word™ File that has been changed into a virus file (note the two periods and two file extensions): AnnualReport.doc.pif
3. Watch out for IM viruses. Like e-mail viruses, instant message viruses are malicious or annoying programs that are designed to travel through IM. In most cases these viruses are spread when a person opens an infected file that was sent in an instant message that appeared to come from a friend. Click here to learn more.
4. Update your Windows software. Visit Microsoft Update to scan your computer and install any high-priority updates that are offered to you. If you have Automatic Updates enabled, the updates are delivered to you when they are released, but you have to make sure you install them. For more information, visit the Protect Your PC site.
5. Check out RoadRunner’s security page for lots more, and download this free checklist.
0 comments:
Post a Comment