As a novice (and not only), protect yourself from spam and viruses on the Internet
This article was written long ago, but continues to be relevant. Its purpose is the role of a certain “lechilki” for beginners who complain about the abundance of “Internet dangers”; I send them the link to this article. The original of the article is on my homepage, as I try to update it.
So, let's begin.
Two things are most dangerous for the average Internet user:
')
In the second case, your own computer will be used to send SPAM, massive network attacks (of course, without your knowledge). You also risk losing your beautiful ICQ number, credit card numbers, email accounts, passwords from online payment systems wallets. Do you have anything else? That you will lose too. Oh yeah, I almost forgot, this virus from your computer will be sent to all your friends, information about e-mail addresses is in your contact book or ICQ contact list.
Not too happy, huh?
In this article I will not tell you about antiviruses, programs that destroy SpyWare, SPAM filters and other programs of this kind. I want to talk about something more important - about your head :).
If you do not want all this to happen to you, you must adhere to some rules that you must learn well.
Protection against spam is not easy. It is very difficult to protect yourself from this shit, but you can try to make life difficult for SPAMs.
Rule one - be careful about the files that came to you by mail.
Especially, this rule should be followed by those who do not know what the Registry Monitor, Process Explorer programs are and why they are needed.
If you received an email with an attachment without warning, do not rush to open it. Even if in the field “return address” your good friend appears, this does not mean that the letter was sent from this address, or that the letter was deliberately sent to your friends. If you do not feel confident - you should try to contact the sender (by phone, ICQ or the same e-mail) and ask him again: “Hello Dima, what kind of file did you send me?” If you get an answer from which it follows that Dima or Vassenka sent you his photo - you can open the letter. If it turns out that Dimochka didn’t send you a letter, then it’s time for Dimochka to check your computer for viruses. And erase the letter. And from the "basket" too.
What to do if the sender is unavailable, but what kind of file did you need to know? Well, first again, try asking someone more experienced to help you figure out what the file is. If not, try to figure it out for yourself: Save the file to disk, somewhere in a separate daddy. Our main task is not to open (do not run - do not click on it twice, do not click Enter on it) files with “potentially dangerous” extensions (file type, usually three letters after the file name and full stop, for example, EXE in the iLoveYou.exe file ). These extensions usually include: exe, com, pif, vbs, vsh, lnk, bat, cmd (these are executable files, and script files that after opening can harm you). How to check which file extension? Many “correct” email programs (for example, TheBat!) Immediately inform the user about the file type (visible in the window where the attached email files are located), besides double clicking on the file (in TheBat! Is not on your computer’s drive!) »Reports the actual file extension, and again asks if you are sure that you want to open the file.
If you do not have anything like this, and you have already saved the file to disk without launching it - go to the folder with the file, right-click on it, select the “properties” item in the drop-down menu. If on the panel that opens (for Windows XP) you see the value “Application” in the “file type” field, it is better to leave such a file until the circumstances are clarified. Also for such files, usually in the properties window there is a tab "compatibility" (which is necessary only for applications).
I also want to draw your attention to the fact that appearance can be deceptive. A file with an .doc file file may not be an MS WORD document file at all, and a file (icon) that looks like a “JPG image” may actually be a program started. Always look at the extension. Therefore, I advise you to open Start / Settings / Control Panel / Folder Options / View tab / remove the check mark from the “Hide extensions with registered file types” cell.
The rule applies not only to files received by mail, the same applies to files sent via ICQ, IRC and other networks.
Rule two - do not react to the advertising letters that came to you (SPAM)
If you received a sales letter - just delete it. You do not have to answer it - at best, no one will read it (since the return address is usually fake) at worst - you will show that your postal address is “alive” and you can send a lot of advertising to it.
Rule three - do not "unsubscribe" from the mailings.
Many SPAM letters contain a signature that says “if you don’t want to receive more advertising from us, you should follow this link and unsubscribe”. This is a provocation, never press links in SPAM letters. The point is not even that you make an extra "host" on the counter of the "spinning up" site. The whole danger lies in the link itself - such a link might look something like this:
http://server.com/subscr.php?id=12345, where 12345 is the number corresponding to your postal address, and by clicking on this link you will again confirm that your postal address is "alive and always ready to accept SPAM."
Rule number four - do not leave your e-mail address anywhere.
If you are asked to enter your e-mail somewhere during registration, think twice whether it is worth it. If you are not sure that this is a reliable server, and the list of registered users will not be transferred to SPAMMERS - only then leave your real address. (large Internet services, old proven forums can be attributed to “reliable” servers).
What to do if you still need to register, and the address is scary to leave? There are two options: 1 - get yourself an extra mailbox, especially for such registrations. 2 - use the mailinater.com service. The essence of this service is simple - when registering on a suspicious site, you specify the postal address of user_name@mailinater.com, register, then go to the site mailinater.com , enter the login you chose (no password required!) And see the letter that was sent there you at registration. I advise you to choose login more difficult, so that it plays the role of a kind of password when receiving data.
Also make sure that in all the forums that you visit in the settings of your account, the checkbox "do not show my e-mail" to other users is checked (almost all modern forum engines support this option). With the participation of various echo conferences, it is also recommended not to use your main mailbox.
Rule number five - (in general) do not click on unfamiliar sites "OK" in the dialog boxes.
Many troubles occur due to the fact that users indiscriminately poke the "OK" button without even reading into what they agree with. What if it was your death sentence? :)
If, while working on the Internet on some website, a dialog box with “yes” and “no” buttons pops up: read carefully what they tell you. If you are offered to install any program - do not agree. If the browser informs you that the contents of the page are not safe - choose the option that will keep your safety, try not to ignore such warnings. If you use the Internet Explorer browser (Oh, it would be better if it was Opera or FireFox ), the best thing is to set the advanced security level - in the menu Tools / Internet Options / Security / Default / select "medium". Better below the "average" does not fall.
Rule Six - Do not install software of dubious origin.
Hanging out on the web and downloading screensavers, fun programs and other sludge from untested sites — you run the risk of catching a virus with such a program. Many such “colored trinkets” are created for this purpose.
This is especially true of “hacker software”, most often “young talents” who come to think of themselves as hackers and extort megabytes of “Trojans” along with outdated “nukes” and “Internet cracks” come across such tricks. A vivid example of this is not so long ago (upd: already - for a long time) the program that appeared, allegedly for hacking the phpBB forum, which contains a Trojan virus.
Rule number seven - install updates.
Many programs can download updates. In this case, “updates” are not new versions of programs, they are so-called “live update” (Live update). The point is this: There is, for example, the program Norton Antivirus. Every day new viruses appear, and your program knows nothing about them. In order for it to successfully deal with them, it needs updates to the virus definition database. Such updates (if you did not change anything in the settings) are usually performed automatically, or the program prompts you to check after a certain period of time. It is very important to update your antivirus, operating system (Windows XP update settings - Start / Settings / Control Panel / System / Automatic Updates)
Rule number eight - do not choose a simple mailbox name.
When registering a mailbox, you, of course, first of all want to register some simple name like “sasha”, “vasily” or something like that. This is logical - such an e-mail is easier to remember, easier to dictate by phone, and in general it looks better on a business card. Let's look at this approach from the other side: If SPAMMER makes a list of the most popular logins and sends its advertisements to mail servers using such lists at random, you will also be distributed. Remember that such a spammer will not be alone. So it’s up to you to decide which is more important for you - a short common login, or something more complicated, but “not a dictionary”, something that you simply can’t guess.
Rule nine - do not use simple passwords.
Your password should not match the login. Your password should not consist of one digit (this way it is easier to peep it “from behind”). Your password should not be too short. Your password should not consist of characters on the same line on the keyboard. Your password should not consist of the word "password".
There is a practice - to type Russian words (it is easier to remember them) in the English layout. For example, I guess the password “synchrophasotron” and type it by pressing Russian letters on the keyboard in the English layout, it turns out “cby [hjafpjnhjy”. The option is not bad, but the word is still a dictionary, besides, you may have problems typing such a password if there is no russified keyboard.
Rule tenth - do not store passwords in the clear
If you work with a large number of passwords - do not store them in clear form in text files and do not write on paper.
To store passwords, a sufficiently large number of programs are written - one is more convenient than another. Here, of course, security comes down to the fact that all your passwords are protected by one password, but there can be no other way out - not to remember all passwords.
I can advise you to choose a sufficiently long password and do not forget to make backup copies of the database with passwords, possibly on a floppy disk or flash drive.
And finally, a few small tips without explanation: Try to read what programs tell you when they offer to click OK or Cancel. Read the program documentation. Install antivirus. Replace Internet Explorer and Outlook with more secure programs, such as Opera , TheBat! , Mozilla Firefox , Thunderbird ... there is a choice. Do not participate in mass games like “ letters of happiness ”, “sausages” in LiveJournal and so on. Install Ad-Aware SE Professional and sometimes check your computer for malware. (do not forget to update the definition database for this program).
Passing through the road, first look to the left, leaving the house check whether you have forgotten to turn off the iron, gas and water. Always use a condom. Do not catch the eye of the chef when he is hung over. Take care of yourself.
Have something to add? - I will be glad if you comment on the article.
Thank!
So, let's begin.
Two things are most dangerous for the average Internet user:
- SPAM
- Viruses
')
In the second case, your own computer will be used to send SPAM, massive network attacks (of course, without your knowledge). You also risk losing your beautiful ICQ number, credit card numbers, email accounts, passwords from online payment systems wallets. Do you have anything else? That you will lose too. Oh yeah, I almost forgot, this virus from your computer will be sent to all your friends, information about e-mail addresses is in your contact book or ICQ contact list.
Not too happy, huh?
In this article I will not tell you about antiviruses, programs that destroy SpyWare, SPAM filters and other programs of this kind. I want to talk about something more important - about your head :).
If you do not want all this to happen to you, you must adhere to some rules that you must learn well.
Protection against spam is not easy. It is very difficult to protect yourself from this shit, but you can try to make life difficult for SPAMs.
Rule one - be careful about the files that came to you by mail.
Especially, this rule should be followed by those who do not know what the Registry Monitor, Process Explorer programs are and why they are needed.
If you received an email with an attachment without warning, do not rush to open it. Even if in the field “return address” your good friend appears, this does not mean that the letter was sent from this address, or that the letter was deliberately sent to your friends. If you do not feel confident - you should try to contact the sender (by phone, ICQ or the same e-mail) and ask him again: “Hello Dima, what kind of file did you send me?” If you get an answer from which it follows that Dima or Vassenka sent you his photo - you can open the letter. If it turns out that Dimochka didn’t send you a letter, then it’s time for Dimochka to check your computer for viruses. And erase the letter. And from the "basket" too.
What to do if the sender is unavailable, but what kind of file did you need to know? Well, first again, try asking someone more experienced to help you figure out what the file is. If not, try to figure it out for yourself: Save the file to disk, somewhere in a separate daddy. Our main task is not to open (do not run - do not click on it twice, do not click Enter on it) files with “potentially dangerous” extensions (file type, usually three letters after the file name and full stop, for example, EXE in the iLoveYou.exe file ). These extensions usually include: exe, com, pif, vbs, vsh, lnk, bat, cmd (these are executable files, and script files that after opening can harm you). How to check which file extension? Many “correct” email programs (for example, TheBat!) Immediately inform the user about the file type (visible in the window where the attached email files are located), besides double clicking on the file (in TheBat! Is not on your computer’s drive!) »Reports the actual file extension, and again asks if you are sure that you want to open the file.
If you do not have anything like this, and you have already saved the file to disk without launching it - go to the folder with the file, right-click on it, select the “properties” item in the drop-down menu. If on the panel that opens (for Windows XP) you see the value “Application” in the “file type” field, it is better to leave such a file until the circumstances are clarified. Also for such files, usually in the properties window there is a tab "compatibility" (which is necessary only for applications).
I also want to draw your attention to the fact that appearance can be deceptive. A file with an .doc file file may not be an MS WORD document file at all, and a file (icon) that looks like a “JPG image” may actually be a program started. Always look at the extension. Therefore, I advise you to open Start / Settings / Control Panel / Folder Options / View tab / remove the check mark from the “Hide extensions with registered file types” cell.
The rule applies not only to files received by mail, the same applies to files sent via ICQ, IRC and other networks.
Rule two - do not react to the advertising letters that came to you (SPAM)
If you received a sales letter - just delete it. You do not have to answer it - at best, no one will read it (since the return address is usually fake) at worst - you will show that your postal address is “alive” and you can send a lot of advertising to it.
Rule three - do not "unsubscribe" from the mailings.
Many SPAM letters contain a signature that says “if you don’t want to receive more advertising from us, you should follow this link and unsubscribe”. This is a provocation, never press links in SPAM letters. The point is not even that you make an extra "host" on the counter of the "spinning up" site. The whole danger lies in the link itself - such a link might look something like this:
http://server.com/subscr.php?id=12345, where 12345 is the number corresponding to your postal address, and by clicking on this link you will again confirm that your postal address is "alive and always ready to accept SPAM."
Rule number four - do not leave your e-mail address anywhere.
If you are asked to enter your e-mail somewhere during registration, think twice whether it is worth it. If you are not sure that this is a reliable server, and the list of registered users will not be transferred to SPAMMERS - only then leave your real address. (large Internet services, old proven forums can be attributed to “reliable” servers).
What to do if you still need to register, and the address is scary to leave? There are two options: 1 - get yourself an extra mailbox, especially for such registrations. 2 - use the mailinater.com service. The essence of this service is simple - when registering on a suspicious site, you specify the postal address of user_name@mailinater.com, register, then go to the site mailinater.com , enter the login you chose (no password required!) And see the letter that was sent there you at registration. I advise you to choose login more difficult, so that it plays the role of a kind of password when receiving data.
Also make sure that in all the forums that you visit in the settings of your account, the checkbox "do not show my e-mail" to other users is checked (almost all modern forum engines support this option). With the participation of various echo conferences, it is also recommended not to use your main mailbox.
Rule number five - (in general) do not click on unfamiliar sites "OK" in the dialog boxes.
Many troubles occur due to the fact that users indiscriminately poke the "OK" button without even reading into what they agree with. What if it was your death sentence? :)
If, while working on the Internet on some website, a dialog box with “yes” and “no” buttons pops up: read carefully what they tell you. If you are offered to install any program - do not agree. If the browser informs you that the contents of the page are not safe - choose the option that will keep your safety, try not to ignore such warnings. If you use the Internet Explorer browser (Oh, it would be better if it was Opera or FireFox ), the best thing is to set the advanced security level - in the menu Tools / Internet Options / Security / Default / select "medium". Better below the "average" does not fall.
Rule Six - Do not install software of dubious origin.
Hanging out on the web and downloading screensavers, fun programs and other sludge from untested sites — you run the risk of catching a virus with such a program. Many such “colored trinkets” are created for this purpose.
This is especially true of “hacker software”, most often “young talents” who come to think of themselves as hackers and extort megabytes of “Trojans” along with outdated “nukes” and “Internet cracks” come across such tricks. A vivid example of this is not so long ago (upd: already - for a long time) the program that appeared, allegedly for hacking the phpBB forum, which contains a Trojan virus.
Rule number seven - install updates.
Many programs can download updates. In this case, “updates” are not new versions of programs, they are so-called “live update” (Live update). The point is this: There is, for example, the program Norton Antivirus. Every day new viruses appear, and your program knows nothing about them. In order for it to successfully deal with them, it needs updates to the virus definition database. Such updates (if you did not change anything in the settings) are usually performed automatically, or the program prompts you to check after a certain period of time. It is very important to update your antivirus, operating system (Windows XP update settings - Start / Settings / Control Panel / System / Automatic Updates)
Rule number eight - do not choose a simple mailbox name.
When registering a mailbox, you, of course, first of all want to register some simple name like “sasha”, “vasily” or something like that. This is logical - such an e-mail is easier to remember, easier to dictate by phone, and in general it looks better on a business card. Let's look at this approach from the other side: If SPAMMER makes a list of the most popular logins and sends its advertisements to mail servers using such lists at random, you will also be distributed. Remember that such a spammer will not be alone. So it’s up to you to decide which is more important for you - a short common login, or something more complicated, but “not a dictionary”, something that you simply can’t guess.
Rule nine - do not use simple passwords.
Your password should not match the login. Your password should not consist of one digit (this way it is easier to peep it “from behind”). Your password should not be too short. Your password should not consist of characters on the same line on the keyboard. Your password should not consist of the word "password".
There is a practice - to type Russian words (it is easier to remember them) in the English layout. For example, I guess the password “synchrophasotron” and type it by pressing Russian letters on the keyboard in the English layout, it turns out “cby [hjafpjnhjy”. The option is not bad, but the word is still a dictionary, besides, you may have problems typing such a password if there is no russified keyboard.
Rule tenth - do not store passwords in the clear
If you work with a large number of passwords - do not store them in clear form in text files and do not write on paper.
To store passwords, a sufficiently large number of programs are written - one is more convenient than another. Here, of course, security comes down to the fact that all your passwords are protected by one password, but there can be no other way out - not to remember all passwords.
I can advise you to choose a sufficiently long password and do not forget to make backup copies of the database with passwords, possibly on a floppy disk or flash drive.
And finally, a few small tips without explanation: Try to read what programs tell you when they offer to click OK or Cancel. Read the program documentation. Install antivirus. Replace Internet Explorer and Outlook with more secure programs, such as Opera , TheBat! , Mozilla Firefox , Thunderbird ... there is a choice. Do not participate in mass games like “ letters of happiness ”, “sausages” in LiveJournal and so on. Install Ad-Aware SE Professional and sometimes check your computer for malware. (do not forget to update the definition database for this program).
Passing through the road, first look to the left, leaving the house check whether you have forgotten to turn off the iron, gas and water. Always use a condom. Do not catch the eye of the chef when he is hung over. Take care of yourself.
Have something to add? - I will be glad if you comment on the article.
Thank!
Source: https://habr.com/ru/post/6321/
All Articles