Computersight -

I feel that it is important to show users most of the security risks out their. There are so many now, people are unsure whether their computer is fully protected and most people are wasting money on useless security products that don’t deliver adequate protection. On-top of this also people are wasting money on getting their computer repaired when you can stay secure for free. There is an old saying “Nothing in this world is ever free” however in the computing world, this is further from the truth. There are hundreds of free software which are fantastic alternatives to paid versions. The way these companies get money is by offering paid upgrades (if the user wants to), gain revenue from advertising on their website and/or also by collecting donations. For example Microsoft Office, costs around £200. You can get a complete office suite called “Open Office” which is totally free and which is also compatible with Microsoft Office. It is fantastic because its open source, which means developers are constantly updating it and making different versions to suit different consumer needs. As for security the amount of free security suites out there is countless. This is because most security companies believe that everyone should have some level of security for free. The way they get money is by businesses buying the software since the free security suites are usually not allowed for commercial purposes and business use. In this article I have outlined the top security risks on the computer and also outlined how to protect, prevent and minimize the risk of falling victim to the threats that are out their. I have also given each of the threats a risk rating, to tell you how dangerous it is.

Malware, Viruses, and Worms – Very dangerous

Malware is normally confused with other threats, but basically means any type of malicious software with the intention to damage your computer so for example Viruses, Spyware, Trojans are all types of Malware. Malware is like the group name of the risks out their, however when some people say Malware when they mean Viruses because Malware seems to have now replaced the name of Viruses. Viruses are basically computer code, that when executed damages files on your computer or corrupts them. This means any files from personal to important system files.

There are many different types of viruses that do different things. Some do little or no damage yet some are extremely dangerous. Most common symptoms of viruses are that your computer runs very slow, your computer boots up slowly and simple tasks can’t be completed because your computer is slow. Most viruses, damage system files which in return makes your computer crash or even stop your computer from booting up. Most of them are very complex as they can replace themselves once they are deleted, and also add replicated versions of itself under different names. Some can download more viruses, and also are the cause of buffer overflows. Buffer overflow attacks are basically making a process or a software application work much harder that it can cope (the sufficient memory the programmer has allocated the software) and therefore causing the program to crash. They can attach themselves to files and therefore can be transferred from computer to computer by the old floppy disks, pen-drives or CD’s.

Worms however are very clever. They are normally confused with viruses because they are basically the same thing only worms can infect other computers by itself. Where as viruses people have to transfer them by memory devices, worms can infect networks and also find email addresses on the infected computer and then send out messages to them containing the virus or even infect other machines by the exploits in their security. One of the most famous worm is the Love Bug Virus or also called ILOVEYOU virus. Which sent out an email saying I love you, and contained an attachment. When the attachment was opened the virus infected the machine. Another worm which is recent was the Conficker (also a type of BotNet). This is a famous virus because not only did it infect hundreds of computers at home, but also infected hospitals, schools and even the military. Every security company was soon working together along with famous websites companies such as Microsoft and Download.com to spread the news. Everyone was watching this virus. It was believed also that come the 1st of April that the computer virus would do something destructive since it was April fools day, however nothing happened. Many people thought it might be because they owners may have been caught. Conficker however soon disappeared of the news as its last version of itself Conficker E removed (killed) itself on 3rd May. Leaving other versions on the system. Many security companies have now updated their programs to fight the infection.

Spyware…

(Adware, Keyloggers, Screen Captures, ParasiteWare) – Very dangerous

Spyware is very difficult to describe as it can be a term on its own, or a collection of all the types of programs listed below such as Adware etc.) Spyware can basically control your computer without your knowledge and see what the user is doing. It can control your mouse, control your keyboard, and look at your files. Its basically a hacker accessing your computer. This can lead to all-sorts such as identi-theft, and sensitive information such as bank details being sent across to thieves.

Adware basically sends advertisements to your computer. Now there are many pop-up windows that websites send out to their visitors but these advertisements happen when your computer is not even connected to the Internet and normally more than 3 pop-up at once. Also some contain unsuitable images, and contain porn.

Keyloggers are also dangerous as it records every key your pressed. It records your key strokes therefore they know passwords to sites, and can find out your bank details.

The most scariest of them all are screen captures. Basically they watch your movements on your computer, or take screen-shots of your screen; so they can see your letters and see your documents. They can also see you on web-cam. They can also turn your web-cam on, to watch you. They can listen to you by microphone. They can read your messages with ease. This can lead to them knowing when you are out of the house, and where you will be and therefore the hacker may come and visit you.

ParasiteWare is another term or Adware which normally track people coming in from affiliate links, so the hacker or site knows which site or person brought them visitors from the advertisements to them and therefore they can pay the hackers for the visits.

Spyware can however be used for good purposes. Many schools and libraries have safer versions of the spyware to monitor the use of a computer. They are normally referred to as computer surveillance programs. If the computer however is not meant to have such threats on the computers then they need to get rid of the spyware fast.

Spyware is normally bundled with free software applications (however please be aware that not all free applications have spyware in them. Www.download.complus a lot of other download sites have policies that forbid any program to contain viruses and spyware in them. The most famous software to bundled spyware is a peer-to-peer software application called “Kazaa”.

Trojans – Very dangerous

Trojans also referred to as trojan horses are very similar to viruses and spyware. The reason they are different is that they cannot self replicate. The name comes from the Greek Trojan Horse story. They can come in a form of an application which to the user looks to be useful but infact damages the pc or downloads more viruses or spyware.

Bot-Nets – Extremely dangerous

I like to refer to Bot-Nets as a gang that does crime and you cannot get out of it. Once your in, you can’t get out. This is further from the truth as you can get rid of bot-nets however it is unpleasant if you have one on your computer. They are basically a program that hooks your computer up to a network. This network is controlled by a hacker or controlled by the gang leaders. They damage your computer, and others across the network. They also can control your computer, and control everything you do. The name comes from the how the program is used. Bots are useless a list of commands to do a certain thing, and nets comes from a network. Bot-Nets were created for useful reasons and to help companies however hackers also make the concept dangerous. Normally when a computer is infected with a Bot-Net the computer then becomes a Zombie PC. Bot-nets usually makes the user do commands that can be crimes which benefit them such as sending out spam messages, viruses, or even carry out phishing attacks. Since your computer can be traced you could get the blame. It also can cause denial or service attacks. What these are is accessing a website, however making all these computers accessing the website at once. By accessing it at once it can crash the website. These normally occur on free web hosting websites, since they can get passwords for free to attack the web hosting company. If your struggling to understand basically when you connect to the Internet, your are basically connected to a network of computers. These computers are normally referred to as servers. Servers hold websites. When you access a website, your computer connects to that computer (server). Then the computer server downloads the information on the website to your computer. So basically websites are held on other computers also connected to the Internet. Now when you run many applications at once your system gets slower doesn’t it. Well this is what happens when your connect to a website. The more people you have on the website the slower it gets. If you run too many applications on your computer, you computer crashes. This is because the system can’t handle the stress and that basically what happens in a denial or service attack. There are that many people connecting to a website, that the system can’t handle the strain and therefore crashes the system. British Airways is a great example, when the flights were cancelled their website crashed due to so many people connecting to the website to find out if their flight has been cancelled too. This may be called a denial or service attack but basically it was not intended. Denial of service attacks are usually intended to crash the website, server system.

Bombs – Dangerous

Bombs are usually separated into two types. One bomb type uses the system time and date. When the time and date reaches a certain number then the bomb is activated (normally a virus). Another type of bomb sends out the same thing over and over again. So this could be anything from internet pages (loads up millions of web-pages which can cause your computer to crash) or downloads or activates millions of viruses to destroy your computer. Bombs can be dangerous and are a nuisance.

Macro Viruses – High Risk to Dangerous

Macro viruses are not really used that often any-more, since viruses are evolving and macro viruses cannot offer the virus developers much freedom to work with any-more. Macro viruses are very slow at executing and are not transferred easily either. Macro viruses infect programs that uses Macros such as Microsoft Word, Excel, Open Office etc. Macros are written in VB-Script / VB.NET since that is the programming language used in these programs. Macros are used to perform a simple task, such as add text on a word document for example. Say if you need the same document again and again, then by recording macro you can accomplish this task, however because you can edit macros they can be used to create viruses. They can damage your work and computer.

Scare-ware (Rogue Security Applications) – Very dangerous

These applications are very dangerous. They are nasty pieces of viruses, that installs on your computer forcefully. Scare-ware usually markets users to buy something forcefully. Most rogue security applications use scare-ware tactics. Usually they use pop-up stating that their security software application has detected viruses and spyware. The only way to stop all the pop-ups and to remove these threats is to pay for the software. Once you pay for the software, your threats will disappear and then the application damages your computer since its a virus. It doesn’t offer any adequate protection. Its basically a scam and can bully the user into thinking that their system is infected when it isn’t. Once they have your bank details depending on how you paid for the application they can take all the money out of your bank account. Usually they are downloaded by accessing an infected website. The website then says your system is infected and you must download the software. Even if you clicked on the red X button or the close button the software will still download the software forcing the user to install whether they like it or not. They do this by the use of flip buttons which doesn’t let the user have a choice in which button is pressed. Most of these have similar applications which are basically the same only under different names to infect a greater amount of machines. The most famous and common rogue is Win-Fixer, which normally is also known as WinAntiVirusPro, ErrorSafe, PcTurboPro, SysProtect, Ecsecure, SystemDoctor, FreePCSecure, StorageProtector, WinAntiSpyware, Avsystemcare, Performance Optimizer, and many more are all built by the same company Winsoftware which download the software without the users consent by a website that uses flip-buttons to force the user to install the software. It then comes back saying you have so many threats on your computer, to get rid of them you need to buy the software. Then it keeps popping up bullying the user to pay. In-fact itself is a virus which downloads over viruses. One of the viruses it downloads is called “Vundo” which is a tricky virus to get rid off on your system. Vundo stops users from accessing yahoo and google, and makes websites very sluggish. It also opens up websites that are not related to the website searched or typed. It also stops users from accessing trusted security company websites. There are also lots of other things Vundo does to your system. To make sure you don’t fall victim to any of the rogue’s this website gives you a massive list of rogue anti-virus and spyware programs that don’t protect your system: http://www.spywarewarrior.com/rogue_anti-spyware.htm.

Spam – Low risk to high risk

Spam is basically email messages that are considered as Junk. Spam is also known as junk mail and it is a message that is sent to hundreds of other people containing the same message. Most of them also try to sell you something, normally pills to enhance your sex life (You know what I mean). Most spam are at low risk, and nearly everyone will experience at least one spam message in their life. Someone also did an experiment by actually creating an email address and not doing anything with it. After about a year of not giving his email address away or signing up to anything he had received spam messages. Mainly spam is a nuisance rather than a threat, but they can also be used to carry out attacks such as browser hi-jacking, phishing attacks and also giving out viruses that are sent in attachments. Any messages of this nature must be reported. Also be very aware of all messages regarding PayPal and eBay, I have received phishing emails regarding these websites, I know they are phishing emails because I haven’t signed up to any of these services. Not all PayPal and eBay emails will be phishing emails, later in this article I will tell you how to find out if they are phishing attacks or not. Also do-not take any notice of “Spanish lottery winning’s” and “The bank of Nigeria has given you a million pounds”, they are all fake and want to rob your bank account. They use words to persuade you, often threatening terms such as The FBI will arrest you if you don’t claim within the next 48 hours. Why would the FBI arrest you for claiming lottery winnings? Also many of them contain spelling mistakes too, which is also a good sign they are not a professional company. Spam is illegal, however there are so many messages you cannot report them all. The ones you should report are the ones that contain viruses, or phishing emails. The way these people get your email address is by either guessing, finding your email address on message boards, or websites that you sign up to selling your email address on. Therefore you MUST read the agreements before signing up to any company you do not trust or know well. It is illegal for any company or person to sell your email address onto someone else. To report spam visit this website: http://www.ftc.gov/spam/ and that will tell you the steps to do so. This is the official spam reporting website. The two things you must never do is reply back to a spam message or click any links within the spam messages. If you do then they know the email address is active and therefore start sending you more spam messages.

Pop-ups – Low risk to high risk

Most pop-ups are a thing of the past. Not as many as they used to be, this is because pop-up blockers are built into web browsers and toolbars now. Plus many people find them a nuisance when accessing a website, slows down the website and also doesn’t help to sell items. Mostly now pop-ups are only seen on free hosting sites and also codes for social networking sites. Some pop-ups can easily by-passed pop-up blockers and can cause a nuisance but mainly it is a low risk. The high risk ones are the ones that say you have errors on your computer such as registry errors or even hundreds of spyware and viruses on your computer. These 99% of the time lead to rogue anti-virus websites trying to sell you their software.

There are many more which may comprise your computer however here are the main ones you should be aware about. In this next section we will be talking about the risks on the Internet and attacks that can happen.

Phishing Attacks – Very dangerous

Many of you are properly wondering by now, what on earth is Phishing, because it has been mentioned countless times and you are unsure what it is. Well I will tell you. Just a couple of questions before we start, when you go out shopping do you flash your bank card around? Or do you shout out how much money you have in your bank? Do you leave your wallet on a restaurant table when you go and order your meal? Do you tell everyone your pin number for your card? Of course you don’t. You would be stupid if you did wouldn’t you. Well that’s what people exactly do, they give out their information out to a person online for them to steal all their money. You may think well that’s just stupid, but there are so many people who fall victim to it because it can be easily be done without your knowledge. These attacks are very clever and therefore it’s unfair to judge someone who has given out this information online and don’t know that on the other end there are thieves that are ready to steal your money. The scam is basically identi-fraud and its just like someone stealing your car, wiping out your bank account, or someone stealing your wallet. Most of the times hackers use bank websites or websites such as PayPal, or eBay. They send out an email normally stating that there has been a security breach and therefore you have to sign into your account and change your password. Once they got your details then they can steal all your information plus all your money. They use very clever techniques, for example it is very easy to copy a popular website for example you can easily copy the code and then change a few things on a website to send the details to a hacker. However phishing is being tackled already. Most browsers now have phishing detectors (Internet Explorer 7 and above) which scan a website to see if it’s known to steal bank accounts and stops access to it. Also it makes the address bar turn red. However there are also signs to look out for to make sure it isn’t a phishing site. The name phishing comes from the how thieves and hackers fish for your information. They hunt down and look for your information and once they found something they start the attack. Below is some text found in a phishing email message. The bolded text shows you how you know its a phishing email:

Dear Customer, - If a bank was to contact you, they would use your real name. They would not say “dear customer”.

Your access to Online Services has been suspended. Due to a miss-match access code between your Security information. To enable you continue accessing your online account it will only take you a few minutes to verify your Identity. – Missing out some words which make the sentence not make sense. Banks are professional and not miss out words or contain spelling mistakes.

Follow the reference below and you will be guided to where you can gain an instant verification process.

https://online.woodforest.com/wnb – Be careful not to click the link straight away, they can easily mask the link to make it look official however if you hover your mouse over the link in the email, a yellow box appears showing you the real link. This may look nothing like your banks real address. For example could look like this: Http://01.89.78.90.woodforest1.net/onlinesignup.php

IMPORTANT – You are strictly advised to match your sensitive details correctly to avoid service denial. – Strong use of words to make it look important and a state of emergency.

Thank you for helping us to protect you.

Security Advisor,

Woodforest Bank

Online Banking Customer Services – No telephone contact or real name mentioned in the email. Normally companies use names in email addresses to show its the person at the head of department who has sent the email.

(Email Information found from the picture on the phishing warning from “Woodforest Bank”)

Also you need to ask yourself the questions

1. Do you actually own an account within this bank?

2. Have you heard of a security breach in the news?

3. Have you actually used any of the online services that your bank provide?

4. Have you given your email address out to your bank?

If you have answered “no” to any of the questions think twice before clicking that link. Also if you do receive any email message stating that they need to know your personal details, always ring them up before hand. They will tell you if they have sent out an email or not, and it also lets them know whether or not there is a phishing attack targeting customers of their banks. Normally companies would send out a letter in the post, or ring you up if there is a problem with your details. They would not normally send an email and certainly wouldn’t ask for your bank details or verification without meeting you in person. Just because the email address from the bank looks genuine doesn’t mean it is, as the email address can also be easily masked.

If you do click on the link, then there are warning signs to look out for. Most Phishing sites are not used on a secure socket layer on the TCP/IP protocol. What this means is it doesn’t send the information by encryption. Encryption scrambles your information so hackers and thieves can’t understand the information. Most shopping websites and bank uses encryption. To see if the website uses encryption there are three things to look out for. In your web browser web address bar it should say “https://” rather than “http://”. The “s” after the http means there is protection on the website, and also there is a lock icon which is either next to your web address bar or located at the bottom of your screen in older versions. If there isn’t a lock icon or the lock icon is unlocked, it means the site is not safe. In recent versions of Internet Explorer the web address bar turns green if the site is safe, and red if it isn’t. Also there is one more thing to look out for, (however the website may not contain these images) on the website their might be awards (normally found at the bottom of your page) these awards are by security companies that show that the site is secure. To make sure it is secure, if you click the picture it shows you the security report and the website address. You can check whether that site is secure with handling your information. Normally these awards are done by companies such as comodo, verisign and etrust. There are many more but these are the companies the most people use.

If you have been a victim of a phishing attack here are the steps you must take:

1. Close down or stop access to any of the accounts that have been phished. This easily can be done by ringing up your bank.

2. Tell your bank about the phishing attack, they need to know. They normally have procedures in place to tackle this.

3. Ring up the police and tell them what has happened.

4. Cancel all credit cards and stop any transactions from taking place.

Be sure you read these tips to stay safe from phishing attacks.

So how can I stay protected for FREE from all these threats.

Like I said earlier in this article, there are many free anti-virus and spyware programs out their. I have tested a lot of them, and I have written my top recommendations and views about each program. However it is up-to you to decide which one you should go for. I have also listed some software that you can also buy if you want to, to make your security even tighter however I recommend you go for the free ones as they are normally the best.

Anti-Virus (also contain anti-spyware detection engines too)

Avira AntiVir Personal – Free Antivirus (My Top Recommendation)

Is the second most download product on download.com plus second most download security product on download.com, and the top most download product on softpedia.com. This free anti-virus and spyware app is the one of the best this is because of its quick scans, and efficient engine detections. Not only is it one of the favourites for numerous developers and security analysis alike, but it always gets full stars for nearly everyone who reviews it. This is because is scans your hard drive quickly and also has what’s know as heuristic scanning, which basically means it scans files for “Virus behaviour” and if it detects virus behaviour then it flags it as a virus. This is very good feature because this means that without the software being updated you can still be protected by new threats that security companies haven’t even detected yet! Also it has many virus definitions in the definition database. There are a lot of other great features which I am not going to go into detail, but for a free anti-virus this is definatly at the top of my list. The only downside is that the update is sluggish and also contains a ad. If you are not bothered about the one ad when it updates then this is perfect tool for you! You can download this at www.download.com

AVG Anti-Virus Free Edition (My Second Recommendation)

AVG is much more famous than Avira, and its the most downloaded software on download.com for at least a year now if not longer. It is the most used free anti-virus software going. It is not recommended that you use two anti-virus along side each other because they can conflict against each other. This anti-virus has got a great GUI and is very easy to use. Its got not ads and scans very fast and updates fast. The only reason this is not my top recommendation is due to the fact that the free version is limited. For example it doesn’t have an anti-root-kit which can be a big problem and other free software provides. It also doesn’t have a web-shield or firewall. However this is used by hundreds of people have a great scanning engine and also has good amount of definitions this is basic protection for the average user. You can download this at www.download.com

Avast Home Edition (My Third Recommendation)

I used avast for one and a half years. It was my first free anti-virus that I have ever used and I loved using it. The thing that made me change was the fact that other suites offered more features and better definition files. Since I had swapped it has updated incredibly and still third on the most downloaded list on download.com. It has been on the most downloaded list on download.com for over 5 years now. What made me choose it over others was the anti-rootkit it offered in the free version. It is very slow at scanning, but fast updating and you can easily customize the scan. The GUI looks like a media player, and is very hard to navigate around for a new user, however skins can be downloaded to make it look much more stylish and better. It now offers anti-spyware along with the other free software I have also listed above and it is still a favourite among users. The only downside is that you have to babysit the software. When a virus is found you have to delete it or quarantine the file before it starts scanning again. However I like the warning sounds that the anti-virus produces when a virus has been found, it has to be the best I have heard and ever used! (“Warning! A virus has been detected.”) Another good anti-virus for you to consider. You can download this at www.download.com

Microsoft’s Security Essentials (My Last Recommendation)

Many people hate Microsoft’s software however this new anti-virus has had other companies above worried. It is actually quite good. At the moment it is in BETA version, however you can still download it is not very buggy. I have used it, and I must say I really do like it. Believe it or not, but its actually prevented a few viruses from downloading onto my system already, and this is with Avira’s Firewall and web-guard. It is very slick, easy to use, nice GUI and does what it is meant to do, delete viruses. It is much better than Windows Live One-Care and Windows Defender that Microsoft brought out. This software is going to be free for users, and it offers all the protection you need, which other companies have limited in their free versions of their anti-virus programs. Not much has been covered yet, since its still being tested. One it it out, security researches will stress and test it out to see if it is better than other security products out their already. Many people have reported though it is actually much more reliable than other anti-virus products on the market. The software is also going to be implemented in Windows 7, the new Operating System Microsoft is bringing out in October. You can download this at www.download.com

MalwareBytes Anti-Malware (An add-on must have to your system)

A very good free-ware and a must have as added protection for your system. The scans are very quick and the detection engine is very good. It finds Malware that most security programs miss. Also you can use it alongside your anti-virus, therefore it is a must in your security program. You can download this at www.download.com

Anti-Spyware

With an Anti-Virus is recommended that you only use one. With anti-spyware programs though it recommended you use two. Anti-Virus companies now offer anti-spyware however it’s not enough. You need programs that target spyware, and they are some fantastic companies and software that do this. Here are my recommendations.

Spybot Search and Destroy

Is a very good anti-spyware program, it is one of the most used spyware removers on the web. Unlike most anti-virus / spyware programs, Spybot is developed in Pascal which makes it more reliable and harder for viruses / spyware to break thus increasing a person’s security. The downside to this program is the very old unfriendly interface. It is still a well trusted at used program by web tech’s alike. You can download this program at: www.download.com

Ad-aware

Ad-aware was one of the first anti-spyware programs to come out and still one of the best. It has a quick detection system and quick update ultility. It has had many make-overs over the years and each interface just gets better and better. Its much more user friendly and much more better at detecting viruses. You can download this program at www.download.com

Phishing Detectors and Popup Blockers

If you download the latest version of Internet Explorer (Internet Explorer it has a very good built in phishing detector and Popup blocker. These will help you to stay protected from most threats. If you want a more robust phishing and Popup blockers there are many available on the web.

Spam Blockers

Most email programs now come with a spam guard or blocker built in. Contact the email client developer to find out how to set-up your spam blocker. Most spam blockers and guards can automatically delete any spam messages that it finds.

Firewalls

You need firewalls to prevent viruses from controling aspects of your computer without your permission and also to prevent viruses and spyware from installing on your computer in the first place. Please bear in mind if you have a firewall it is NOT a replacement for an anti-virus or anti-spyware. You can use two programs that are widely used and totally free. They are called Zone-alarm and Comodo. You can also find these programs on www.download.com