There are always rules to follow no matter who you are: school rule, business rule, game rule, etc. Same thing applies to computer usage. If you want to minimize the risk of intrusion and virus infection, there are 10 golden rules that you should follow whenever you are using your computer or browsing the web. Believe it or not, I have practiced these rules for almost 10 years and my laptops and desktops have never been infected by virus.
Rule #1: Security software – install, use, update
This is a no-brainer. Doesn’t matter if you can’t afford to buy a security software, as there are plenty of excellent and free security solutions. An antivirus program is a must, and I highly recommend you to install a third-party firewall and an anti-spyware. Here are my recommendations for free security software:
If you wish to invest on a security suite which includes an antivirus, a firewall, and some extra features such as backup tool and file encryption, go for it. You can’t go wrong with anyone of these:
Have your security software installed? Make sure it is set to update automatically. For on demand scanner such as SuperAntiSpyware and Malwarebytes Anti-Malware Free, you should schedule an update and quick scan at least once a week, which normally takes less than 10 minutes.
Now you have built a protection layer between you and potential threats, but this is not all. Follow the next 9 rules to maximize your computer security.
Rule #2: Emails – be careful of hoaxes and attachments
ONLY download email attachments from someone that you know and you are expecting to receive the attachments. If you aren’t expecting an email attachment from someone that you know, ask and confirm with the sender.
To identify hoaxes, lookup for the email address of the sender. Normally, you can see the details of the sender at the top of the email. This is how a legitimate email looks like:
As you can see, the domain part of the email address is google.com, which is an legitimate email from Google. Here is how spam or hoax emails normally looks like:
- firstname.lastname@example.org <email@example.com>
- Bank of America <firstname.lastname@example.org>
Do you notice the differences? The first email is from security.info, which is definitely not an email from Bank of America. Also, it tries to show email@example.com as the contact name, to confuse receivers who thought that the email address is legitimate.
For the second email, the sender originates from bankofamerika.com, which is a commonly misspelled word, to trick the receivers.
In short, always ensure the sender details is 100% correct with proper display name and legitimate email address.
Besides that, you should know that bank and credit card companies will NEVER email and ask for your confidential information such as account number and password. Instead, they will call you and talk to you personally on any important issues regarding your account status. Emails from financial institutions are usually about company news, updates, offers, and promotions only.
Rule #3: Browse the Internet safely
Here are some common and important web surfing tips:
- Turn off sharing when you are connecting to public WiFi. For Windows users, simply select “Public network” when choosing a network location.
- When you are performing a transaction or providing sensitive information, make sure the website URL has “HTTPS” in it, so that the communication is encrypted.
- Make sure you have entered the right website URL before browsing.
- Only install top-rated browser plug-ins that receive tons of positive ratings and reviews.
- If you are suspicious about a site’s validity, search for reviews or any fraud cases about the website.
- Before clicking on a link, hover over the link to check its true destination, which is shown at the bottom left corner of your browser.
- Always download software from official sites or reputable download sites like Download.com and Brothersoft.
- Ignore and close any suspicious ads or pop-ups immediately.
- This may be hard for you – stop browsing any porn sites, torrent sites, pirated software download sites, hacking sites, etc.
Rule #4: Create strong and unique passwords
You probably have countless number of accounts and most (or all?) of them share the same password. Change them. I know it is impossible to create a strong and unique password for each of your accounts, but you should at least create unique passwords for important accounts such as online banking, email, Facebook, etc. Here are some basic requirements of a strong password:
- at least 8 characters long.
- includes uppercase and lowercase letters, punctuation, numbers and special characters.
- avoid common phrase and dictionary words.
How to create a strong password that can be remember easily? Here is a method that I like to use:
You may refer to my post with complete details and tips on generating a strong and memorable password in minutes.
Also, you should change passwords for communication-type sites such as email and corporate account, at least once every 6 months. Here’s an article that explains how often you should changes your passwords.
Rule #5: Keep your OS and application software up-to-date
Why do you need to keep your system and software up-to-date? Software updates protect your PC against new attacks, by downloading the latest security patches and fixing bugs/loopholes.
By default, Windows install updates on your system automatically, and I don’t recommend you to change it to manual update. You should also update your application software immediately once you receive update notifications.
Rule #6: Do not use pirated or cracked software
Everybody loves free stuff, including me. However, pirated or cracked software often contain viruses even though they appear to function normally. Here are 2 solutions for you: get a free and safe alternative like open-source software or work hard to get what you want!
Rule #7: Protect your PC from removable media
Pen drive and external hard disk make your life easier, but they also make transmitting viruses easier. Imagine you have a USB flash drive and you always share it with your friends and family. If your pen drive is infected, it will become a virus transmitter that spreads virus on any connected computers.
Panda USB Vaccine is a free USB anti-malware tool that disables the Autorun.inf file in your USB flash drive, as most viruses are spread by executing Autorun.inf automatically when a removable media is inserted into a PC. If you accidentally plug in an infected USB drive, Panda USB Vaccine prevents malicious files from auto-executing.
After connecting a removable media, most antivirus program will automatically scan the connected media. If you have disabled this feature or your security product doesn’t autoscan, you should always conduct a full scan on the removable drive before accessing its files.
Rule #8: Avoid installing additional software during installation
Check out the screenshots below:
Are you familiar with these annoying software suggestions? Most people will just click “Next” until the installation begins and remain unaware of these additional software options, which are normally enabled by default.
While some of these toolbars and programs are safe, few of them include malware like keylogger and browser hijacker.
Therefore, always go through each of the installation screen carefully and disable any extra installations.
Rule #9: Backup, backup, and backup
Always prepare for the worst case scenario. Backup whatever is important to you regularly. If the file sizes are small, simply copy the files to a USB flash drive or upload them to online backup service like Dropbox. If you want to perform full system backups, maybe you can try some backup software such as Acronis True Image. For office and business users, you should always back up emails and contacts of your important email account(s). If you are a Microsoft Outlook user, here are some Outlook backup software that you should really check out.
It really depends on your needs and preference!
Rule #10: Be smart and stay alert
Use your instincts and common sense while shopping online, browsing sites, downloading software, etc. Keep yourself updated with the latest online scams, hacking news and computer tips. Always do some research on forums, tech sites, and reviews sites if you are suspecting the authority and validity of a website or brand.
In short, don’t act like a computer and Internet newbie!
Some Optional Tips
- create a separate standard user account and use it for daily tasks. Login to your admin account only when necessary.
- clean up your PC at least once a month to remove temporary files, cookies, browsing history, caches, etc. CCleaner is an excellent tool for PC cleaning.
- prepare a system rescue disk to troubleshoot and recover your PC when it’s infected. Check out Hiren’s BootCD, a popular and free bootable CD.
- schedule full system scan weekly or monthly.