If fear of computer viruses, hackers and identity thieves are standing in the way of your decision to sign up for a high-speed Internet connection, you're not alone.
Farm Industry News readers responding to a recent survey listed security fears as the third most important reason for not having a high-speed Internet connection, right behind cost and availability.
Without a doubt, there are solid reasons for these fears. Internet access — whether high-speed or dial-up — opens up computers to security risks, if they are not protected. But with a modest five-step investment in time and low-cost technology, you can dramatically improve protection of your computer against nefarious viruses, bugs, hackers and thieves.
For a guide to making Internet-connected computers more secure, we consulted Deputy of Internal Affairs Ron Gabrielson with the Geek Squad (www.geeksquad.com). The Geek Squad offers computer support services through more than 700 Best Buy stores across the U.S., as well as through separate Geek Squad locations. In addition to in-store repair services, the Geek Squad specializes in in-home computer repair and networking support at fixed rates, depending on the service required.
Like all Geek Squad “special agents,” as support personnel are called, Gabrielson wears a uniform consisting of a short-sleeve white shirt, clip-on “breakaway” black tie, black slacks, white socks and black shoes. When making in-home calls, agents drive an official Geekmobile, a black-and-white Volkswagen New Beetle, and carry a numbered Special Agent Badge. (Gabrielson is Special Agent 97.)
While this Geek Squad getup is designed to be humorous, Gabrielson's advice is serious. “Whether you have your computer on the Internet all the time or just part of the time, or whether you have a high-speed or dial-up connection, your computer is open to threats,” he warns.
To reduce these threats, he recommends that you protect all your Internet-connected computers by following these five steps.
Step 1. Buy a hardware-based firewall. The cost of this basic security software should be $100 or less.
As the name suggests, a firewall is designed to build a wall between your computer and the Internet to help prevent unauthorized users from accessing your computer. The Windows XP operating system has a rudimentary built-in software-based firewall, but Gabrielson recommends a more robust hardware-based solution as well.
“A hardware firewall hides your computer from the rest of the Internet,” he says. “Most of the general-level hackers will not be able see your computer. It is a good primary defense.”
Without firewall protection, you face the possibility that a hacker will gain access to your computer's hard drive, with some potentially dire results. Typically, hackers will “cruise around the computer to see if there is anything of interest,” Gabrielson says. “It is like they have a remote connection to your computer. They might come across your financial documents. Suddenly they have access to your bank accounts. If they find your Social Security number, they can steal your identity. Or they could delete the data on your hard drive.”
If you are planning to network two or more computers in your home or office, a wireless router, which often includes a firewall, is among the options to consider. A separate, dedicated firewall is another alternative. The firewall capabilities of wireless routers often are noted in the fine print.
“When in doubt, go the manufacturer's Web site to determine whether it has a firewall built in,” Gabrielson advises.
Step 2. Use antivirus software and update it regularly. You can expect to pay $30 to $50 annually for ongoing computer virus protection.
Antivirus software is subscription based. So if you haven't re-subscribed to the software that came with your computer, or you neglected to pay the most recent annual fee, your computer isn't protected from new computer viruses.
Antivirus software checks individual e-mail messages and attachments for viruses, but without frequent updates, it can't check for the latest viruses. “There are new viruses hitting the Internet every day,” Gabrielson says.
He suggests setting the software to automatically check for updates at least every few days. It's also a good practice to use the software to scan the hard drive once a week.
Step 3. Invest in anti-spyware software. This subscription-based protection will cost $30 to $50 each year.
Spyware is software that tracks and reports on the Web sites you visit. The goal of spyware, in its most benign form, is to generate data for targeting Internet advertising based on your interests. Frequently, the computer user unknowingly gives permission for the spyware to be installed when signing what appears to be a standard legal agreement to gain access to some Web sites. That's when the trouble begins.
“Many people don't understand the nature of spyware,” Gabrielson says. “It is a close cousin of a virus. Once you get it on your computer, it runs in a phantom mode and can sometimes invite other spyware onto your computer. I have seen computers with tens of thousands of spyware programs. They can slow the system down to a crawl.”
He advises extra caution when purchasing anti-spyware software, because some spyware masquerades as anti-spyware software.
Among the bona-fide anti-spyware products are Windows Live OneCare (www.windowsonecare.com) and SpySweeper (www.webroot.com), at a cost of $30 to $50 for an annual subscription. The fee includes ongoing updates to protect against new spyware after it is introduced. The major antivirus software companies also offer anti-spyware programs at reduced package prices.
Gabrielson suggests that, to help reduce the chance of infecting your computer with spyware, avoid clicking on pop-up windows. These pop-up windows, which can show up after clicking on a segment of a Web site, sometimes are linked to spyware, which downloads onto your computer automatically after you click on the pop-up. To close a pop-up window, click on the “X,” not a special “Close” button. You guessed it: Clicking on the “Close” button can often activate the spyware.
Step 4. Update your computer's system and Web-browsing software regularly. If your system already is updated, the only cost to you is a one-time investment of a few of minutes to tell your computer to automatically check for updates.
There are lots of reasons to keep your software up to date, including improved functionality and internal bug fixes. But updates frequently include critical fixes for security flaws in Windows and Internet Explorer software that have been discovered by computer hackers, Gabrielson says.
“Hackers are always looking for security holes that they can take advantage of,” he explains. “Every month there are multiple updates. I strongly recommend setting the computer to automatically check for updates.”
If you haven't updated your system software lately, be prepared to invest several hours even with a high-speed connection. To update the system, go to the Windows software update feature in Internet Explorer's Tools drop-down menu. Instruct the browser to check for updates. Many updates require other updates to be installed first, so they will have to be installed in steps. You will have to restart your computer after each set of critical updates. After each restart, check again for updates until Explorer doesn't find a new update. At that point, assuming you have set your computer to automatically check for updates, the most painful part of the process should be over.
Step 5. Arm yourself with knowledge about “spoofs” and “phishes.” The only “software” involved in avoiding these security risks is the no-cost commonsense kind between your ears.
A spoof or a phish is an unsolicited e-mail or pop-up message whose goal is to defraud the recipient by tricking him or her into providing personal information, such as bank, credit card or Social Security numbers.
Here is typical language used in phish e-mails:
“We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
“During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information.”
These phony e-mails may claim to be from a business or government agency that you may deal with, or possibly your Internet Service Provider. The message may ask you to update, validate or confirm your account information and may threaten dire consequences if you don't respond.
“These Web sites are set up to capture your personal information,” Gabrielson says. “If you give them your bank accounts, they can access your money. If you give them your Social Security number, they can steal your identity.”
Here is Gabrielson's advice: Don't click on the links and under no circumstances should you provide the information that is requested. Instead, delete these e-mails from your computer. You also may want to report the incident to the entity that allegedly sent the e-mail.
“An official organization is not going to ask you for your personal identification information through an e-mail,” Gabrielson says. “They are not going to ask you for a credit card, bank or social security number. If you are in doubt, I recommend contacting the company directly — and not using the telephone number in the e-mail.”
The Federal Trade Commission has additional details on avoiding phish frauds and reducing other computer security risks at www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.htm.