Operating safely in the online world

Anyone who ventures onto the world wide web, and the internet in general, is at risk from online predators.  Most people understand that they need to protect their credit card number from being stolen, but there are other, much more important things that can be stolen by theives.

Ignoring credit card fraud for the moment, the most important thing you can protect online is your identity.  In this age of global networks, it is very easy for thieves to steal and use who you are.  My American readers will understand about protecting their social security number, and in Australia the key piece of information is your drivers license number, but things like your mother's maiden name, your address, previous addresses, phone numbers, and even where you work can all be used to build up a fake profile, and allow the thieves to pretend to be you in order to gain access to things like credit cards and loans, and leave you with a bill for things that you've never purchased.

In order to protect yourself from everything from "script kiddies" (that is, generally young people who buy or use scripts written by others to wreak havoc) to sophisticated crime syndicates operating multi-million dollar fraud schemes, all it takes is a few simple tools, and a little knowledge, when providing your information online.

Anti-virus and anti-spyware software

There are many companies that sell or give away anti-virus and anti-spyware software, and all of the big brands - like Trend, Norton, Kaspersky, McAfee, Symantec - are as good as each other.  When purchasing software designed to detect and eliminate viruses and spyware, it is best to deal with reputable companies, rather than pop-up ads that promise to "clean your computer of unwanted software quickly".  In general, these pop-up ads will lead to your computer having a keystroke logger installed, sending everything you do to one of the crime syndicates, or script kiddies, including your bank account login and password, if you bank online.

As new viruses and spyware is created, and detected, everyday, it is essential to maintain the pattern definitions.  These are the lists of virii and spyware that the software will detect and eliminate for you.  Most good software packages will do this for you automatically, depending on the schedule that you set up.

Firewall

Much like the firewall in your car, a computer firewall will protect you from what's outside it (the engine in your car, and the "hackers", "crackers" and "script kiddies" online).  A computer firewall prevents unauthorised access to your computer from the internet, and is an essential tool in protecting yourself when you "surf the 'net".  A firewall operated by closing off the network ports, or access points, on your computer.  An example of port is port 80, which is used for web servers (such as where you're reading this article).  Home computers can also have these ports open, unless you act to ensure they're closed off.  For example, in Windows XP, port 123 is open by default.  This allows the computer to receive updates from network time servers, and so keep your clock synchronised.  If, for example, a computer software expert found out that there was a bug in the network time server in Windows XP, which could be used to update your password remotely, a firewall would protect you from this by not allowing connections to this port on your computer.

A common misunderstanding is that only people with broadband (DSL, cable, satellite, etc) connection requires a firewall.  This is not true.  While a broadband connection is always connected to the Internet,. dial up users are also at risk online, and so require a firewall.

Many of the companies that produce anti-virus and anti-spyware software also produce firewalls.  It is common to buy a product suite (a collection of software) that contains all three components.  It is not absolutely necessary to buy a piece of firewall software though, as most operating systems (Windows XP, Vista, Apple OSX, Linux, etc) come with a built in firewall, and for those connected to broadband, a good quality router will also include firewall software.

Operating System Upgrades and Updates

As previously mentioned, there are software experts, referred to as hackers, that work on exploiting potential bugs in commonly used operating systems.  In order to avoid this, it is necessary to keep your operating system update by installing all of the patches that are provided via the official channel (for example Windows Update).  The companies that make the operating systems (Microsoft, Apple, etc) have a very large reputation, and stock prices, to protect, and so they employ software experts that are as good as most of the hackers to fight the battle against them on your behalf.  In the end, the exploits, bugs and these "battles" mean little to you, as long as you install the patches or service packs when they come.

Secure Sites

To protect your credit card, or personal information, when entering it online, make sure that you're operating on a secure site.  This means that the website has a secure certificate and encrypts all of the information that is passed between you and the server.  You can think of the certificate as a signature on a document to ensure that it's who it says it is.  Your web browser has certificates that are provided by the "authority" (that is, the company that signs the certificate) and uses these to encrypt the data before it's sent to the website.  There are two ways of telling if the website is secure.  First of all, the address will contain the word https (rather than http).  There will also be an yellow lock icon either on the bottom or the top of the browser window (depending on the type and version of your browser).

Your Password

Keeping your password secure, and changing it often will ensure an extra level of security for yourself.  Do not use the same password on multiple high security sites, as there is a greater chance that if it is detected, the thieves will be at your bank account.  Never write down your password and stick it to your monitor.  A highly secure password will consist of numbers, upper and lower case letters and punctuation marks, and will not be based on a dictionary word in ANY language.  All too often people will use silly passwords, like their pets name, their childrens name, or their date of birth.  You must use a password that can never be guessed.  The best sort of password is a random concoction that means absolutely nothing to anyone but you.  Also note that common "leet" speak methods, changing an o into a zero or an i into a 1 are also easily guessed.  There are many websites around that will generate a list of random passwords for you to pick one.

If you use a lot of different passwords, then it's recommended to enter them into a password safe, which is then locked with another highly secure password.  In order to find a password safe, search on Google.

Following these tips will ensure that your experience online is pleasant, and not one where you are robbed of your money or your very identity.  While they're not foolproof, they will help to keep you secure.