Best Security Practices for Internet Safety
Below is part of a recent post in a forum, where a member asked how they might protect themselves better after a major virus or spyware infection created an unbootable system that needed reformatting.
QUOTE: Yes, sometimes advanced spyware or viruses become so ingranulated in the Windows registry and startup process that reloading is your only method of recovery. Tools, more secure settings and best practices will help prevent future occurrences. You probably know most of this general advice and I'll share what I see as a helpful in protection from some of the dangers out there:
1. Good AV package (there are certainly good free versions)
2. Good Firewall (bi-directional preferred)
3. Ensure you are using XP SP2 and IE7, (IE 6 has so many unpatched holes)
4. Firefox offers a good complementary browser with very few working exploits in the wild
5. Best practices and avoidance and "thinking security" at all times are probably your best defenses. Avoid all attachments and URLs in emails (plain text mode is also preferable). Be careful in website visitations (avoid all ads and untrusted sites). Think of every spam message as a telemarketing call or door-to-door salesman visiting ... There ain't no free lunches out there.
6. Monitor new developments. You don't have to become a security expert, but when a new risk emerges take the precautions, workarounds, countermeasures, etc. You're welcome to bookmark my Security Blog (link in signature) as I try to share new developments, best practices, etc. from a user standpoint (and there many other great sites out there as well)
7. You might want to research Anti-Spyware solutions (Counter-Spy, Spysweeper, AVG's version, AdAware, etc.)
8. Ramp up your security services and lock down unneeded services
9. When it comes to email or websites, avoid trusting them too quickly. I like the "No Trust" rule, rather than "Trust but Verify", as top-notch scammers can create authentic looking HTML that appears to come from a bank, Paypal, Microsoft, or other vendors. Call if you have to and validate anything suspicious.
10. Protect your privacy and avoid sharing sensitive info.
11. Use strong passwords and even change them periodically.
12. Stay up-to-date on all Windows patches and security updates for other products