Beat the seven security sins

jjones | Guides | 13/07/2008 12:45pm
6 Comments

While computer viruses rarely make the headlines any more, the volume of PC malware is at an all-time high and growing at a frightening rate. Security is no longer about fighting one big virus which threatens every few months, it’s about adapting to the thousands of new threats that appear every day, resulting in millions of pounds of lost money and irretrievable lost data.

To kick off our Security Sins campaign, we launched a survey of our readers to find out their PC security habits. We had hundreds of respondents who told us all about their computer set-up and their experiences with viruses, spyware, fraud, identity theft and spam. From these results we discovered the seven most common – and serious – security sins:

“I don’t need anti-virus”

While viruses have taken a back seat recently to the money-spinning spyware industry, they can still have devastating effects. A massive 20 per cent of the respondents in our survey had lost important data such as documents and precious family photos.

Many people who use free anti-virus programs are still putting themselves at risk from viruses. The way these programs are written, and the low priority of updates, means that viruses are given windows of opportunity before definitions are updated, in which time your PC may have already been attacked.

“I don’t run a firewall”

A firewall is your computer’s first line of defence against incoming malware, and a good firewall can help keep your PC safe. But in our survey two-thirds
of people said they don’t regularly check their firewall’s permissions list, meaning they have no way of knowing which programs are allowed and which are not.

Setting up your firewall properly is key to stopping attacks, but many gamers and users of network devices turn off their firewalls because they can cause issues with connecting.

One problem with firewalls is the need to allow through data, which may not be safe. One reader who preferred not to be named told us: “I’m not confident they’re secure. My 13-year-old daughter uses MSN and Windows Live Messenger a lot and her laptop has been affected by viruses recently. We’ve also been the victims of credit card fraud – only 51p, but that was through an online transaction.”

“Emails from my bank can always be trusted”

One of the biggest scams hitting the internet today is phishing, where criminals send out emails professing to be from your bank, asking you to confirm your log-in details. When unsuspecting people enter their passwords, these are then captured and used by criminals to steal money from the account. The result has been millions of pounds lost every year in Britain alone, and this is costing both banks and their customers, in cash
and time and effort.

Over the past few years phishing attacks have increased in number and sophistication, and it’s now very difficult to distinguish legitimate banking
correspondence from phishing attempts.

In our reader survey, 27 per cent of respondents admitted to opening a spam email, and more worryingly, more than 1 in 10 readers have clicked on a fake bank link. These statistics show how easy it is to be duped by phishing attempts and the risk posed by this type of threat. You musn’t underestimate the importance of protecting your PC with good anti-spam
and anti-phishing tools to stop fraudulent emails getting to your PC in the first place, and to provide a second line of defence.

“Criminals can’t steal my identity from my PC”

One of the most common crimes now taking place on the internet is fraud, a
practice which costs credit card companies billions of pounds every year – and costs consumers as well, in both lost money and the time and effort required to sort it out. Our research found that a shocking 1 in 25 of our readers had been a victim of identity theft, and 1 in 10 had been a victim of fraud.

These statistics show how malware has grown from a random or malicious act of vandalism to a crime-wave, which the internet security industry claims funds organised gangsters and even terrorists.

One reader, Alan Jacques, told us: “I purchased something online to make
sure that the card worked OK. When I checked my statement I noticed three entries for software I had apparently purchased totalling £90. My two main bank accounts had similar amounts of money deducted over the same three days. In total I had about £270 taken.”

“I get great deals in my email”

Spam is another major issue affecting computer users, and in 2005 the number of ‘phishing emails’ – messages which purport to be from banks and buildings societies – increased 1,000 per cent.

According to our survey, over a quarter of our readers have opened a spam email, thinking that what was on offer was a good deal, when in reality, spam often harbours fraudsters looking for a willing victim. More worryingly, 20 per cent have clicked on a spam link, and one in ten have been fooled by a banking phishing scam, entering their account details and passwords into fraudulent web sites and putting their bank accounts and financial security at risk.

Spam email often harbours malicious code which can make PCs part of a botnet, where the machine is used to distribute more spam unbeknown to the owner.

“I scan for viruses so my PC isn’t infected with spyware”

Aside from running spyware protec
tion, scanning for spyware is an important part of keeping your computer secure. Whether used as a standalone program or as part of a package, anti-spyware is very important. However, a third of our survey respondents simply left their spyware software to maintain itself.

Sergei from PC Tools stressed the importance of using specialist spyware software, rather than using anti-virus tools to identify threats.

“Spyware can be very insidious in the way it hooks itself into a computer, so anti-virus programs sometimes only find some of the spyware program and may not restore all parts of the system that have been compromised,” he said.

“When I send things to the Recycle Bin they’re gone”

One of the most common sins is sending personal information to the Recycle Bin. Many people think data deleted in this way has gone forever, but this isn’t the case. Files are still retrievable from the Recycle Bin, and aren’t fully removed until they are written over on the hard drive.

If a PC is stolen or accessed by a wouldbe criminal, your deleted data can be a source of prized information. This is an especially important point for laptop owners who carry their PCs around with them, as these devices are most vulnerable to thieves – something that has been highlighted recently by the theft of government laptops carrying sensitive information that were left on trains. To be secure, files should be wiped from your hard drive using special data-shredding software. Our research shows that over half our readers don’t securely delete data, and one in ten have been victims of fraud – highlighting the importance of deleting your data securely.

We need you!

If you have ever been a victim of viruses, spyware, identity theft or spam then we want to hear from you. We need readers for case studies, and to personally help out as part of our series, so email us at windowsvista@futurenet.co.uk.

This entry was posted on Sunday, July 13th, 2008 at 12:45 pm and is filed under Guides. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a comment, or trackback from your own site.