How to Keep Your PC Safe and Secure11 Mar 2013
For almost 20 years I tend to have been the go-to guy when people run in to software problems with their PC. Along that journey I have fixed a number of computers and helped bring them back up to speed and make them safe and secure.
The purpose of this post is to share with you the tools that I regularly use as well as the best practices that I have found relating to being secure when online.
This post is not a step-by-step way to clean an already infected and slow machine. Instead, these ideas are presented to help you be secure so that you avoid being infected by a virus or be the victim of a phishing scam.
OpenDNS is a free service that is designed to protect your home network. There is no software to install for OpenDNS. Instead, you make a small configuration change on your router which means that any device connected to it wired or wirelessly will be protected from various websites which includes adult themed as well as sites aimed to steal information from you or install a virus on your PC.
There are two free options when signing up for OpenDNS. The first is OpenDNS Home which aims to make browsing the web faster, give parental controls to parents for children and provide phishing protection and identity theft protection. The second option is called OpenDNS Family Shield which does all that the Home service does but adds in blocks to adult websites.
Lets take a look at what OpenDNS does in more detail. Note that there may be other similar services. I just happen to like OpenDNS because it’s free and works well. If you know of another DNS service aimed to protect a PC then feel free to post a mini review in the comments below.
Blocking Websites and Phishing/ID Theft Attempts
The biggest risk you have when being connected to the internet are emails that you receive which appear to be from banks, Paypal, popular shopping sites like eBay, Amazon and even friends as well as websites that you visit that carry a virus or malware. OpenDNS attempts to tackle both these problems by keeping a 24/7 updated list of problem sites. With you installing OpenDNS on a router, the service automatically intercepts any call to a webpage that might be bad and serves you a warning page instead. This alone is a great way to stop malware or a virus from attacking your PC.
One of the services included for free with OpenDNS is Phishing Protection. Phishing is the term used where someone sends you a fake email from your bank and entices you to click through to a fake website and log in to your bank. Essentially, because the email is fake and it has sent you to an identical (but fake) website, you are not logging in to an online bank but instead are simply providing your username and password to someone else so that they can log in and have full access to your bank account. The same applies for PayPal, Amazon, eBay and many other services that are connected to your bank card. Although accessing your account just to steal money is mentioned above, it isn’t the only reason. Some fake bank emails just want you to visit a webpage so that your PC is infected with malware which can then use your PC to launch an attack on another system or steel files and all your keystrokes so they can get a lot more information from you.
The built in phishing service attempts to block these sorts of websites. It is backed by a company called PhishTank who collect real time information about scams and phishing attempts and add the bad websites to a block list. OpenDNS utilises this block list and if you click on a link, you should be lucky and see a warning telling you to go back. This service also blocks other forms of identity theft.
One bit of extra advice I’ll give here is that if your bank emails and gives you a link to log in and read something or check an option, do not use the link. Instead just go to the web browser and load up the webpage by typing in the URL (or using a book mark). If the message is important enough then after logging in, it will be presented to you. Do not click links in emails to Paypal, Amazon or your online bank unless you know for sure that it came from one of those organisations.
Windows Updates – Keeping your PC Patched
Moving on, the next subject is Windows Updates. One thing I regularly see when fixing friends PCs is the amount of Windows Updates that need to be installed. I’ve seen some cases where none were installed other than perhaps SP1 which came with the operating system. Windows Updates are easy to install on whatever Windows operating system you use. Assuming you have XP or above because Windows 2000/ME and older no longer qualify for security updates.
Make sure that you go to the control panel and Windows Updates and set them to be automatically installed when available. After doing that, run the Windows Update from the Start menu to make sure you are current with your updates. Installing updates will ensure that you are patched from all the known vulnerabilities. When I say updates, I mean all critical updates such as service packs and other individual updates.
As well as Windows Updates, it is worth also checking updates for all of your software. The majority of software has a link, usually within the Help menu, that allows you to check for updates. Office occasionally gets updated to fix vulnerabilities in Outlook as well as other software. Keeping your software current helps prevent malicious attacks from hitting your PC.
I mentioned software updates here. With that, always make sure you are running one of the latest supported web browser. I recommend Chrome or Firefox and then when you are notified an update is available, install it. Using an out of date browser is a high risk as a number of scripting type attacks can be done which will allow unwanted software to be installed. By using the latest versions of your browser, you help prevent malicious websites from installing software you don’t want. That is of course if OpenDNS hasn’t already prevented this from happening. Either way, it’s still best to use the latest software and even more so when it comes down to the web browser.
Installing a virus scanner is usually mandatory for most people. I know a few who don’t use virus scanners as they are experienced in noticing and quickly fixing issues, but for the 99.9% of the rest of PC users, this is pretty much a given. Luckily there are some free options out there from the likes of AVG which will provide some decent protection to your PC. Although you can prevent a large amount of attacks coming to you by implementing OpenDNS and running the latest software, there’s still a risk there. If AVG is updated regularly by the user, it provides another protective barrier and can prevent the virus being installed, thus saving paying out money for someone to help fix your PC.
Although you might not want to run a virus and a malware scanner on your PC, I always like to have a few around which includes MalwareBytes and Spybot. If I suspect visiting a bad site, then I’ll run a scan to see if anything was installed and then use the software to remove the malware.
Keeping your PC clean can be achieved by the few simple steps above and with being a bit more observant. In summary, I’d like to remind you of the following:
- Use OpenDNS – It’s free and can help block phishing and id theft.
- Use Windows Update and set it to automatically run.
- Update all your software, most importantly Outlook (if you use it) and your web browser(s).
- Be careful when you open emails. Even though they might come from a friend, if the URL (link within) looks suspicious then don’t open it. If you do then hopefully OpenDNS blocks it or your virus scanner stops the effect. Ask yourself, why would my friend send me this email with little to no detail?
- If your bank or an online store emails you then be cautious. If you do think a link is genuine (which it likely isn’t) then make sure it takes you to the correct website. If Amazon it will be something like https://www.amazon.com and not https://www.myamazon.com or www.amazons.com.
- Install a virus scanner and have Malware scanners installed just in case.
- I’ll throw in this one as a bonus… use two-step authentication where available. Google uses this, Dropbox does and more and more services are transitioning over. Banks often use devices like the PINSentry from Barclays to make up a new password each time you log in.