Back-of-the-Envelope Computer Security

The Web Address of this page: http://scc.pinehurst.net/boesecurity.html

Updated: Friday, May 13, 2016

by Jim Anderson

The following is an outline of a presentation to the Computer Club of the Sandhills (May 9, 2016) at the Whispering Pines Town Hall. It includes examples, links to free software, articles, and informative websites.
Based on my experience, this guide contains the most important security tips for the typical home computer/Internet user (especially the Preface and items numbered 0 through 7). I have called this presentation "Back-of-the-Envelope Computer Security" because it makes no claim to provide advice or solutions for every possible computer/Internet security issue, which are legion. That said, this guide represents the most common threats and the defenses and remedies I have myself employed. I hope this information will help save you time and frustration, and perhaps some money!

Preface (Before anything else): Passwords

  • Breaking News: It may be time for you to update your email passwords.
  • Password Do’s and Don’ts
  • The Simplest Security: A Guide To Better Password Practices
  • Two-factor authentication (2FA): What you need to know
  • Two-Factor Authentication: Who Has It and How to Set It Up
  • Why You Should Use a Password Manager and How to Get Started
  • Am I An Idiot for Still Using a Password Manager?
  • Should You Use a Password Manager?
  • Is The Password Dead? The Future Of Web And Mobile Authentication
  • The future of passwords really is no passwords
  • 0. Wireless security and Firewalls

    Wireless security

  • Wireless security (Does your wireless router require a passphrase to connect?)
  • Why this is important
  • Securing Netgear Routers
  • Securing Linksys Routers
  • Does your router need a firmware update?
  • Upgrading your router firmware manually (Netgear)

    Firewalls

  • What is a Firewall?
  • Your router has a firewall
  • Windows has a firewall (look in Control Panel)
  • Most major anti-virus programs include a firewall (it may be a feature of the paid version) - if enabled they will disable your Windows Firewall.
  • 1. Uninstall these insecure programs

    Some commonly installed programs can be sources of vulnerabilities, for instance Java and QuickTime. (Perhaps uninstall Adobe Reader and Flash as well, if you can do without these. Otherwise be sure to keep them up-to-date.)

    Go to Windows Control Panel/Programs and Features:

  • Uninstall Java
  • Uninstall Apple QuickTime (no longer supported)

    In your browser(s):

  • Also Disable Browser support for Java
    Java and JavaScript have NOTHING to do with one another except the similarity of their names. JavaScript is completely browser based and should NOT be disabled.

  • Download and install VLC (Free!) to replace QuickTime - VLC is the best video/audio player available for Windows.

  • 2. Keep Windows updated, but beware phony update notices generated by websites, especially for Flash

  • 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates
    Why are updates so important:
  • Zero-day vulnerabilities
  • What is a zero-day attack, and can anything defend against it?
    The Special Problem of Flash Updates
  • What is fake flash player update pop-up?
  • Chrome users are in luck: "You get Adobe Flash player on Chrome automatically, and it updates when Chrome does."
  • Firefox users have a bit of trouble to go through.
  • IE users are also in for grief.
  • 3. A little background on computer virus-related terminology:

  • Malware, Spyware, Virus, Worm, etc - What’s the Difference?
  • What Is the Difference: Viruses, Worms, Trojans, and Bots?
  • The Difference Between Antivirus and Anti-Malware (and Which to Use)
  • What's the difference between antivirus and anti-malware?
  • Common attack vectors
  • 4. Prevent virus/malware infections (real-time protection)

    How many anti-virus/anti-malware products should you install?
  • For all Windows users connected to the Internet, one anti-virus and at least one anti-malware product are recommended. In general you should not try to install multiple anti-virus programs as they will interfere with one another (and often will not even install if they detect another anti-virus installation). Multiple anti-malware programs generally do not pose the same problems. I prefer the Avast/Malwarebytes combination. In addition, I use AdwCleaner if an infection is suspected.
  • Here is a review of The Best Free Antivirus Utilities for 2016. Included are reviews of Avast, Panda, AVG, Comodo.

    Here are the anti-virus/anti-malware products I use (or have used recently) and recommend, all FREE!

    Top-rated free anti-virus products:


  • Avast Free Antivirus 2016: I have tested Avast on five of my computers and used it for years (testing under Windows 7, 8.1) and am pleased with the results. See the PC Mag review of Avast Free Antivirus 2016. Avast will also prompt you about updates available for commonly installed free programs like Flash plugins, Adobe Reader, Firefox, VLC, etc. This feature can be turned off if you like to live dangerously. New! Avast now includes a password manager and, remarkably for an antivirus product, will check for network vulnerabilities, like router firmware problems!
  • Panda Free Antivirus 2016: Sets a new technological standard for virus/spyware/malware protection. Have also used Panda in the past with good results. See the PC Mag review of Panda Free Antivirus 2016.
  • AVG AntiVirus Free 2016: I used and recommended AVG for years until Panda and Avast surpassed them some time ago. But the Anti-Virus/Anti-Malware market is a game of technological leapfrog, almost more than any other. AVG remains a good choice. See the PC Mag review of AVG AntiVirus Free 2016.
  • What about Microsoft Security Essentials (Windows Defender in Win 8/8.1)? Most people need more than it provides.

    Anti-Malware:


  • Malwarebytes' Anti-Malware: "Can detect and remove malware that even the most well known anti-virus and anti-malware applications fail to detect." Offers real-time protection during the trial period; it must be updated and run manually thereafter unless purchased. See the CNET review of Malwarebytes' Anti-Malware. Highly recommended.
    Newegg has the paid "Premium version" for $40 for 1 year, license covering 3 PCs.
  • New product with good reviews, personally only slightly tested: Emsisoft Emergency Kit.
  • 5. If you do get an infection:

  • How to tell if you’re infected with malware
  • AdwCleaner: "A free removal tool for: Adware, PUPs (Potentially Undesirable Programs), browser toolbars, homepage hijackers." Must be downloaded for each new version (no internal updates), and must be run manually - no real-time protection and there is no paid version. Still, what it does, it does well. AdwCleaner also has the benefit of cleaning up PUPs and browser infections. Some care must be taken in finding the real McCoy - Scammers Are Using a Fake Version of AdwCleaner to Trick People. Be sure to download it from the https://toolslib.net/ web site. Here is the AdwCleaner documentation. Highly recommended.
  • How to remove malware for free - YouTube Video
  • How to Remove Malware From Your PC
  • 6. Beware Scareware

    What is Scareware?
  • Here is an example I captured only yesterday. It was accompanied by an irritating woman's voice repeatedly warning me I MUST call the number listed on the screen, otherwise dire things would happen to my computer! Sometimes you will hear what sounds like a fire alarm, and other emergency type sounds designed to scare you. Also you might get cold-called (from Microsoft, NOT!) telling you you have a virus on your computer - how would they know? On one person's computer which was a victim of Scareware I found that among other things the miscreants had set a DNS server address in the IPv4 properties - these servers were either down or bogus. This meant all this person's web links would fail! To them it appeared as if they were not connected to the Internet. Using a different browser would not help. Only resetting the DNS to the default (Obtain DNS server address automatically) solved this problem.
  • Scareware is one variety of Social Engineering
  • Tech Support Scammers
  • Avoid tech support phone scams
  • "This is Microsoft Support" telephone scam
  • Remove Tech Support Scam pop-up
  • The hunt for tech support scammers
  • What happens if you play along with a Microsoft 'tech support' scam?
  • 7. The problem of PUPs

    What are PUPs?
  • PUPs and You
    What to do about PUPs:
  • Be careful when downloading free software as many contain PUPs. If the software is desirable be sure to monitor the installation screens and disable (uncheck) any options for additional, unrelated software. Avoid downloading from download.cnet.com - they are known to package PUPs with legitimate downloads, especially through their own "Download Helper." Be careful of extra "Download Now" buttons that show up on some download sites which purposely delay the start of the download to trick you into clicking these extra downloads of PUPs. This page gives you some ideas on the tricks employed by many freeware download sites.
  • Mind the PUP: Top download portals to avoid
  • Examples: Browser/homepage/search engine hijackers, toolbar malware (e.g., the Ask toolbar)
  • Spyware [or Malware] Removal Utilities That Are Actually Spyware [or Malware]
  • 8. Beware Phishing expeditions

    What is Phishing?
  • Scam Email: What is Phishing? What do I do about it?
  • How to be Safe from Phishing
  • What to Do If You Receive a Phishing Attempt
  • Here is an example phishing attempt that "almost" caught me: I got an email last night with this very realistic appearance, and note the sender was "supposedly" PayPal (paypal@email.paypal.com):
    [Image: PayPal Phish attempt]
    I say I almost fell for this - I clicked the View Statement button, but Avast closed the opening tab immediately. I clicked again, and again Avast closed the tab. Then I knew something was up. I let my mouse hover over the View Statement button and this is part of the URL it revealed:
    https://epl.paypal-communication.com/...
    This tells me it was not an email from PayPal, because the domain of the URL (epl.paypal-communication.com) is not a PayPal domain. How did I know this? Because all PayPal domains are within the paypal.com domain. So then I selected the gmail reply dropdown menu and selected Report Phishing as shown here:
    [Image: Report Phishing]
    What would have happened had Avast not closed the link before I could do anything? Possibly I could have given some criminals my PayPal login info and they could have emptied my checking account! Perhaps I would have noticed the strange domain when the tab opened and maybe not. But here Avast potentially saved me a great deal of grief.
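The hover-and-read-the-domain check described above can be written down precisely. The following is an added example, not part of the original presentation: it parses a link the way a browser does and accepts it only when the real host is the expected domain or a subdomain of it. It goes slightly beyond the text by also rejecting non-HTTPS links and the "name before the @" trick. The function names and all sample links except the host quoted above are constructed for illustration.

```javascript
// Added example: decide whether a link's real host belongs to the domain
// the sender claims to be. Function names and samples are constructed.

// True only when host is the expected domain itself or a subdomain of it.
function hostWithin(host, expected) {
  const h = host.toLowerCase().replace(/\.$/, ""); // drop a trailing root dot
  const e = expected.toLowerCase();
  return h === e || h.endsWith("." + e);           // the dot boundary is essential
}

// Parse the link the way a browser would and classify it.
function checkLink(link, expected) {
  let url;
  try {
    url = new URL(link);
  } catch {
    return { ok: false, host: null, reason: "not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, host: url.hostname, reason: "not https" };
  }
  if (url.username || url.password) {
    // Text before "@" is a login field, not the site being visited.
    return { ok: false, host: url.hostname, reason: "userinfo before @" };
  }
  if (!hostWithin(url.hostname, expected)) {
    return { ok: false, host: url.hostname, reason: "host outside " + expected };
  }
  return { ok: true, host: url.hostname, reason: "host within " + expected };
}

// Constructed sample links; the second uses the host quoted on this page.
const SAMPLES = [
  "https://www.paypal.com/signin",
  "https://epl.paypal-communication.com/",
  "https://paypal.com.account-check.example/login",
  "https://paypal.com@login.example/",
  "https://notpaypal.com/",
  "http://www.paypal.com/",
];

// Classify every sample against the expected domain.
function report(expected) {
  return SAMPLES.map((s) => ({ link: s, ...checkLink(s, expected) }));
}

for (const r of report("paypal.com")) {
  console.log((r.ok ? "OK     " : "REJECT ") + r.link + "  (" + r.reason + ")");
}
```

The comparison is made on the end of the host name with a dot in front, which is why a host that merely starts with or contains "paypal.com" is rejected.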
  • 9. Malvertising

    What is Malvertising?
  • Malvertising Campaign Hits BBC, NYT, More
  • MSN Home Page Drops More Malware Via Malvertising
    What to do about it:
  • Malvertising Is Here: How to Protect Yourself
  • 10. Ransomware

    What is Ransomware?
  • The Growing Threat of Ransomware
    What to do about it:
  • Anti-Ransomware Software Overview
  • Malwarebytes Anti-Ransomware
  • Newest Rogue-Ransomware Threats
  • 11. Helpful (non-scamming) security-related websites:

  • Bleeping Computer, especially their Spyware and Malware Removal Guides
  • Malwarebytes Unpacked
  • MalwareHelp.Org
  • AVG Now (security blog)
  • Kaspersky Malware Blog
  • MS Safety & Security Center
  • Home Network Security by US-CERT (part of the Department of Homeland Security).