If you are running a Windows computer, you must install an array of security software to prevent an international collection of crooks, hackers, vandals and sleazy business people who aim to invade your PC through the Internet.
You need a good antivirus program, a strong firewall program, an effective antispam program, and a program that specializes in stopping spyware and adware. But the fastest-growing computer security problem isn’t viruses or other traditional malicious programs, and it can’t be entirely defeated by using security software. It’s called "social engineering", and it consists of tactics that try to fool users into giving up sensitive financial data that criminals can use to steal their money and even their identities.
Here are a few tips to help you avoid these schemes:
1. Don’t trust email from financial institutions. Email is so easily manipulated by crooks that you simply should never, ever consider any email from a financial institution as legitimate. The message may bear a bank’s or a broker’s logo, but you should never respond to such an email, and never click on any link it contains.
2. Never respond to unsolicited commercial email, or spam, or even click on a link in an unsolicited commercial email, In the old days, responding to spare just got you on more spam email lists. Today, it might also result in the secret installation of a key logger or other malicious software.
Besides, any company that has to resort to spam as a sales tool isn’t likely to have a very good product to offer. Do you really think that if someone had invented a pill that enlarged breasts, he would be selling it through spare He would have sold it to a big drug company for billions.
The only safe response to spam is to ignore it and delete it.
3. Don’t download or use free software unless you are sure it’s legitimate. Sites offering free cursors, for instance, can secretly install all sorts of bad stuff on your PC. This is especially true of free security software, which is sometimes just malicious software posing as a security program. If you suddenly see a security program pop up on your PC, don’t mast it.
There are many legitimate free programs, but check them out before downloading. Look them up on the CNET or PC Magazine websites, which review most software. If they are not covered there, assume they are not legitimate. You may pass up some free programs that are real, but it could save you from huge grief.
There are some new security programs aimed directly at social-engineering cheats. A new add-on for the firefox web browser, called Shazou, can tell you where a website’s server is located. If you think you are on the Bank of America website, but Shazou tells you the server is in Russia, that is a clue that you are being cheated. And Symantec plans a new product called Norton Confidential that will tell you if a website appears to be a fake.
The best defense against social engineering, however, is to be smart and careful. We learn from the passage that