Staying safe in the holiday season

The Holiday Season Computer Security Manual

The shopping season is arriving quickly and many people are getting more and more of their Christmas presents online. These are some good tips from our partner Virusbuster on how to stay safe online.

How to achieve a secure computer environment?

First of all, use an antivirus program! Viruses have become an unavoidable part of everyday computing. In order to combat them effectively, it's essential to have an antivirus program. But this is not enough. Every day, 20,000 to 30,000 new viruses pop up around the world. In order to remain protected, you should always use the latest version of your antivirus program, and keep its virus database updated.

Apply the following simple security rules to improve the effectiveness of your antivirus system, and to reduce the risk of infection!

• Boot virus infections can basically be avoided by changing the boot sequence in your CMOS settings so as not to boot from a floppy disk primarily. In this way, booting will also be faster. Whenever you need to boot from a floppy disk, you can always reset the settings.
• Before putting your floppy disks in an alien computer, make them write protected. If you have to write on them, check them with an antivirus program before using them on your machine.
• Avoid the exchange of Word documents and Excel worksheets. Most macro viruses are stored in these files, and spread through their exchange. If you have to send a document electronically, try to avoid using the DOC or XLS formats. Convert your files into a format, which macro viruses cannot take advantage of, such as RTF for Word or CSV for Excel. If it is only text information that you need to pass on, TXT format can be the safest choice.
• Enable macro virus protection in Microsoft Office 97 and 2000, and disable all macros, with notification in Office 2007's Data protection center. In this way, you will get a warning whenever the document you are trying to open contains macros. In Office 2000, set the level of protection to the highest in order to enable macros from reliable source only.
• Never open e-mail attachments without scanning them! Save attachments first and open them only if virus scanning finds them clean. No matter how harmless an attachment may seem, and how close its sender is, do not trust it!
• Infections by script viruses can be avoided by disabling the Windows Scripting Host. This script running component has been integrated into and is installed with the operating system since the release of Windows 98.
• Set the security level in Internet Explorer at least to medium. This will block the running of dangerous scripts or ActiveX components.

Although they don't serve antivirus protection directly, the tips listed below will also help to keep your machine clean, and to maintain an efficient wok environment.

• Hoaxes in e-mail spread almost as frequently as viruses. Most of them come from users with good intentions, who put all their contacts on the address line. However, in this way they generate nearly as much e-mail traffic as an e-mailing worm. In order to eliminate this mail volume, an organization should appoint one individual, or a small number of people as the only authentic source(s) of virus alerts. Of course only individuals knowledgeable in the field should be selected. They must be able to decide whether an alert is real or not. Whenever members of the organization receive a fake or real alert, they have to forward it to the appointed individual(s), who will then decide whether to pass it on to the whole organization.
• Make backups of your valuable data regularly. Some viruses are designed to destroy data, while others may cause data loss due to programming errors or unexpected side effects. If you have copies of your data, the most that a disaster can take from you is the work you have done since the last backup.
• Disable the Windows feature which hides known file extensions. This feature is abused by many e-mail worms, which spread using double extension file names. For example, Loveletter uses a .TXT.VBS extension, from which the system would hide the known VBS extension, making the worm appear to be a simple TXT file.