Staying Safe Online: How to Avoid Internet Viruses

The Internet is a wonderful tool. Many people who have grown up in or after my generation think of the Internet as an actual place. In the beginning it was an "E-den" that has now been subverted by intrusion and profiteering to the formidable jungle of tangle and tooth that we see today. The paths are overgrown with creepers and things best left unsaid are prowling just out of sight waiting for the opportunity to "pop up."

There are simple guidelines that can be applied by the novice and expert navigator alike to guide one safely through the Net. Rule number one, never let your system run inefficiently and laggy. This may not make sense at first but allow me to explain. One simple telltale sign of a possible compromise in your system is unusual and persistent performance loss. There are programs called "bots" that if installed will run in the background out of site and can perform all manner of tasks. Some are harmless and annoying but the majority are malicious, subversive or destructive. By starting with a clean fresh install after removing all data from aka "wiping" the hard drive you have the very best chance of avoiding "sleeper" apps and trojan horses that might carry over to the new installation.

The easiest way to do this is with your system restore disk. NEVER wipe a drive without first understanding how the system restore works. Certain machines such as the Acer Aspire Net book have their restore information secreted away in a second partition on the hard drive. Performing an Fdisk on the drive or using any application to delete the partitions could destroy your reinstall data making system recovery excruciating. So your first step would be to locate the directions for reinstalling your particular computer. manufacturer websites and some retailers may be able to help. Periodic wiping of a machine is actually a good idea anyway since there are no programs capable of guaranteeing that they will always catch everything and remove all useless E-debris from every section of your drive. Not one. Just make sure you save all of your data to an external USB hard disk and you will most likely never lose any of your files. The more backups the better of course. I have a physically small USB drive with 160 GB capacity that is attached to the lid of my laptop on the back side with self adhesive Velcro strips. I store ISO images of all my installation CD's, executable setup programs and all my photo's along with other personal files. This makes a complete wipe and reinstall fast and easy.

For my system I would simply insert my Gateway restore disk and restart. The system boots from the CD and then it wipes the entire drive for me and reinstalls windows. After it finishes I remove the bundled tool bars and apps I deem useless. Then I go to my external archives drive and run the Virtual Clone Drive setup. This installs a driver that lets me access ISO CD images as if they were a real CD. I then go through all my install CD images on my USB hard drive and do a fresh install of each. This lets me keep my real CD's boxed up and safe in case I need them. I then update any drivers that are out of date from my drivers folder and in less than an hour I have a pristine serpent swift machine that gives me no troubles at all. I do this anytime I stumble on a website that displays aberrant behavior and/or my machine starts acting up. That doesn't happen too often.

This brings us to rule number two, websites. Always check the URL for suspicious content. If you are wondering how or even why a URL matters read on. The URL or address of a website will be displayed in the address bar at the top of the web page. A URL will look something like "http://www.hypotheticalexamplewebsiteaddress.com/exampledocument"
the words are all run together with no spaces so it can look daunting at first glance. but reading a URL is actually very easy.

For the casual web novice just ignore the first part "http://" that just tells the browser to use "Hyper Text Transfer Protocol" which is a method of delivering files. For the next part I'll use an easy URL. Say you go to the all pervasive google.com. well the address is actually read right to left and not left to right as you would expect. "com" is actually the name of the corporate website index server. When you are reading a website looking for treachery locate the ".com",".net" or ".org" and start there.

For www.google.com you would see the .com and look left and see google. Google is a large corporation that has very little to gain from screwing up your computer so is most likely trustworthy. To the left again is the sub domain, such as "WWW" or "WWW2". sometimes it is another word like publish or view, these usually indicate the pages main function in some way. Now if it keeps going a ways before you get back to the "http://" it's ok as long as there are NO "\". I'll explain the "\" problem further.

Here is an example of a potentially threatening URL that may be fraudulent. This is only an example. "Http://jl2f.tv/www.google.com" This may or may not seem confusing to you but if you look closely you will see that between "http://" and the first "/" by itself is a domain name. this first domain name is the name of the server you are connected to. Anything after the "/" is all folder names, filenames and script commands that are used to tell that server what to do to you. So in the above example I have presented the hypothetical domain jl2f.tv is very likely trying to confuse people into believing that it is the reputable website google.com.

This is actually a very common method of convincing people to trust fraudulent sites. Many times they are primarily linked through emails. The site operators set up false website and try to make the URL look legitimate. They set the pages up to look similar or identical to the official site. They then try to trick you into entering your account information so that they can steal it and log into your accounts. So remember to always look at the URL between "http://" and the first "/". If you don't believe that it is the URL of the company you are trying to talk to then exit the page and contact the company by phone or check your manual or some official form of documentation for the companies website. There are many different index servers. The most common are Com, Net and Org those are the big three that have been around the longest and are the most used.

There are also gov sites like nasa.gov that I personally view as being as safe and reputable as the government itself. Gov sites belong to government organizations. There are also extensions such as tv, uk, du and others. Some are newer and less used and quite a few indicate the server is located outside of the United States. An example of a legitimate foreign company that I would count as trustworthy is "http://www.bbc.co.uk/". This is the website of the BBC, a news organization in the United Kingdom.

So, once you have restored your computer to factory condition and removed unused software so that it runs without lag you would then install a small amount of protection software from reputable websites or preferably from retail CD's who's origins are easily tracked and verified. Examples of protection software are applications like AVG or McAffee Anti virus. Browse retail products first in a store if possible to get an idea of what is established and most likely safe. Whatever you do, don't buy of the discount rack when it comes to firewall and anti virus software. They were discounted for a reason. Most likely because they weren't well supported and so became unpopular or have been surpassed in efficacy. ipso exacto: outdated crap.

With all the ridiculous tool bars that no one should ever use removed and a sleek fast machine you should have no trouble running a simple firewall and anti virus application. It also doesn't hurt to have a tech savvy family member or friend to get help from. Personally I am rather annoyed at having even seven icons in the notification area of my start bar. I begrudgingly accept them because they are things I have to use or part of the system. Fewer is better when it comes to background applications, hands down.

So we have a fast machine, firewall and are anti virus protected. We know to check addresses for fraudulent redirecting. Is there more you can do though? You can also be smart and never open emails from people you don't know. Your email box is very like having a physical mailbox at a rest stop on the Ohio turnpike. Would you trust a plain brown package left in it by a bored teenager you don't know? I wouldn't. When creating an email address you should balance ease of use with safety. If you are a quadracentanarian that has a large family that sends you emails but you don't use it for anything else you might want to consider a serialized address that might look something like "08211609agk$^@mesopilgrim.com" that's a birth date then initials and then two of the special characters above the number keys. It would be easy enough to remember by those close to you and insanely difficult to guess or formulate by con-men and mass mailers. If you are a business professional and are constrained by policy to easy email addresses you may be stuck with sorting a lot of junk mail with filters.

You may also want to take a slightly more active role in encouraging your pen pals and loved ones to practice safe "Net". Having the most diabolical and annoying of email addresses does no good if you are in someones address book and they are caught with their trousers down by a spy bot that steals contacts. Next thing you know you are on the six o'clock news on the wanted list for sending bizarre enlargement emails to Senator Clinton when you were out having brunch with the girls. Seriously, that's a bit of an exaggeration but it's very disconcerting to get threatening emails from strangers complaining about the emails you purportedly sent them.

Rule number uh, next. For maximum protection, never click any links in any emails from anyone. If the email was "spoofed" and the address falsified that letter from your sister that says check out my cam might be a very uncomfortable click rather than a very very uncomfortable click. It may also be the reason your uncle Ted sent you a letter claiming to be an Ethiopian prince that needs money. If you don't mind a moderate level of risk and trust your contacts to be reasonably safe then just avoid mails from strangers. I admit I click just about everything my family sends me because it's usually old family photos or funny as hell. Sometimes it's both.

Another safety practice, collect your resources offline. Only trust website addresses that are provided by a brick and mortar institution you trust to be smart about sites they endorse. And example of which would be retailers like Staples, Walmart, Meijer, Pigglywiggly, Microsoft, Intel, Dell, Charlie's bar and Grill or Speedway. In these examples there is somewhere you can go in the physical B&M world(brick and mortar) and look at a flyer, box, manual or other official verifiable hard copy and gather the URL for your records. If you receive the URL off the Internet, double check it offline.

When it comes to private information, keep it that way. As long as there is one weirdo left in the world it is a good idea to not give out information that could lead back to who you are and or where you live. In profiles never give out your location any closer than your country to avoid risk of being located. A partial last name and a state is enough to start a search for you.

any information such as schools attended and hobbies or clubs can provided information for narrowing the search down. Giving out the company you work for is insane. Despite the laws governing privacy that is one of the easiest ways to track someone down. Remember, normal people don't hunt you down on a few scraps of information, weirdos with an agenda do. To be fair, missing family members might, that is a different story though. When it comes to locating lost family members, giving out information is a necessary evil.

If you are searching for a missing person it is best to not just post it on every billboard and give out all the info hoping they will find you. Keep it short, give a few clues and if possible run it through search agencies. A good agency will have a robust set of policy and regulation to protect you from harm if things get messy. An example of an acceptable set of clues, I think, would be a birth month and year, a rough description of landmark info such as childhood memories of people, places or events. Such as I was two when my father made me the blue wheel barrow with he mismatched shovel handles for my birthday and mom said I wouldn't get out of it to eat my cake. That's not going to cause me too much trouble as long as that's not something I tell everyone I meet. Were my father looking for me that might be enough to get a contact from him. As it is my family will most likely go O.o when they read that and say "HEY! I know who wrote this article." but that's about where it will end.

When it comes to accounts and passwords, many people make the mistake of being recyclers. Bad idea. Never reuse a user name and password because you can't be sure you can trust everyone at the organization where your account is held. If you shop at Amazon and have your email address on file with them and use the same user name and password, some disgruntled Amazonian could steal your email address. Or worse, a disgruntled mail provider employee could read your mail and see you have an Amazon account. Then they may abuse the knowledge by trying your user name and password at Amazon and potentially be able to make purchases in your name. This holds true for any site. If you are in a flower lovers chat group, it could be possible for someone to hack the unsuspecting service provider and then set up a bot to check all banking and financial sites, Ebay and many other places to see if your user name and password combo work at any of them. they don't have to do anything but let a bot run on some computer somewhere trying all the user names and passwords that they stole from a poorly protected chat server. Automation software is not new nor is it difficult to create and tailor.

Passwords and user names can be daunting to remember so writing them down is also a potential necessary evil. If you are just too busy and overloaded to remember them properly you may be forced to have them written down. It is a wholly bad idea to keep electronic text files with your user names and passwords written in them. If your system is compromised or your portable storage device lost or stolen you may have just handed an identity thief your entire on line life. If a list of websites passwords and user names is required use a small blank journal and keep it locked in a safe. Even better would be to keep each user name and password in a different location but all of them locked behind strong metal. Change your passwords often in case your password becomes compromised and the thief just hasn't got to your account yet.

I hope these tips help and I hope everyone remains safe in their on line explorations. Remember, keep your computer clean, check and verify addresses, keep your privacy intact by not handing out too much information.
Never use the same user name and password for more than one account anywhere.

Do not keep a list of user names and passwords in an electronic form in case of a system breach and do not carry hard copy lists of user names and passwords away from your desk. If you must have them written down then keep them in something as secure as a fire safe at the very least. Happy surfing!