Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Protect Better

Install

Install an Antivirus program and ensure that it is always up-to date.

Install a firewall – either hardware or software – to deny access to your network/computer from locations outside of your gateway. Most operating systems offer a built-in software firewall; ensure that it's turned on and stays on. 

Updates

Keep everything updated - make sure that your entire computing environment is fully patched:

  • Operating system
  • Applications such as Adobe Acrobat and Reader
  • Browsers
  • Browser plugins such as Adobe Flash, etc.
  • Other applications that access the web
Most applications can periodically check for updates automatically; ensure that this feature is enabled.
Administrator

If you normally run your Windows machine with an account that has administrative privileges, it also means that malicious activity on your session can use those same privileges – letting an attacker do anything they want to your system. Therefore, it is strongly recommended to create an account that does not have admin privileges enabled, and use that for day-to-day operations.

For more details, see
Passphrase

Use passphrases, not passwords – in other words, don't use just alphabetic characters. Use a combination of upper and lower case characters, numbers, and special symbols. Take a look at how long it would take for a single desktop PC to crack different kinds of passwords:

Password Contents Length=8 Length=10
lower case characters 13 minutes 6 days
lower and upper case characters 2 days 18 years
lower and upper case characters
plus numbers 
10 days 106 years
all of the above plus special symbols 57 days 928 years

Password Padding - Many people use their favorite pet's name as a password – that's a terrible idea! However, by padding that name with easily-remembered numbers and symbols, the password can be transformed to become extremely hard to crack. Let's start with the name "Sophie" (upper case S, lower case "ophie") and build on that:

Password Time to crack
Sophie less than one second
Sophie*1 57 days
-Sophie*1- 928 years
--Sophie*1-- Five million years
---Sophie*1--- 32 billion years

You can see that by padding a name with easily remembered numbers and repeated special characters, the password's strength can be improved tremendously.

EMail Stop and think before you click on links or open attachments in emails. Don’t open suspicious emails attachments directly – save them and then have your antivirus tool scan them . Don’t click on links in emails requesting your personal details. Always sign out when you've finished reading your email. You should treat all emails as suspicious – even an email from a friend may be infected.
Guest Turnoff/Rename/Password protect the Guest account if your operating system comes with one, as is the case with most versions of Windows.
USB Turn off auto-play and auto-run - these are off by default in more recent versions of Windows, but you should still check to verify that they're still disabled.
Sharing Disable File Sharing
Wifi Secure your wireless network. If you are using a wireless router/modem, change the default administrator password to something robust as discussed above. Use WPA or WPA2 encryption – WEP is an older standard and is no longer considered secure. Also, disable the router's ability to be administrated from its WAN side. Refer to your router/modem manual for further details.
URLs Take care with shortened URLs. URL Shortening services such as bit.ly and TinyURL can mask the actual destination site, with the result being that your browser could be directed to a malicious site without you knowing it until it's too late. Some URL shortener services allow you to preview the actual URL before going there – avoid using services that do not support this.
Double File Extensions Watch for odd file extensions such as used in "help.txt.vb" and "mother.jpg.exe". While .txt and .jpg are usually benign extensions, your system will usually only recognize the last extension – .vb or .exe – which will then run and potentially infect your system.
Browser Scripting Manage how scripts are run in your browser. Browser plugins such as NoScript for Mozilla Firefox and ScriptNo for Google Chrome can provide a great deal of protection against malware on the web that depends on scripting or (JavaScript, ActiveX) or applications that can execute code (Adobe Flash, Java). These plugins let you selectively "white list" websites and web resources. When a site is first visited, the plugin blocks scripted resources from being able to run. You can then temporarily or permanently enable those resources if you deem them safe; from that point on the site will behave normally.

Third Party Software Disclaimer

We'd Like to Help!
Malware Resources