Some computer threats aren’t immediately apparent, and they aren’t often talked about by the so-called experts. They’re risks that you can’t block by just turning on your anti-virus software or by avoiding certain email attachments. Let’s look at seven of these threats now.
1—Unprotected Home WiFi
The easiest wireless router to connect to is the unprotected wireless router. There’s no password, so there’s no hassle when you want to connect. That’s a tempting reason to setup your home router with an open connection, but I suggest you take the extra few minutes to password-protect your router.
There’s two reasons—privacy and liability. I’ll discuss privacy in another section because the liability part can get you sent to jail.
If you own an open router, anyone can connect to the Internet through your router. Sure, that means they can hog your bandwidth, but that isn’t as much as a problem as when they use your Internet connection to do something illegal—such as download child pornography.
When the police discover someone do something illegal on the Internet, they track down the Internet Protocol (IP) address of the offender. Then they contact the Internet Service Provider (ISP) which owns that IP address and get the home address for the customer using that IP addresses so they can get an arrest warrant.
If the police track the IP address back to your wireless router, they’re going to arrest you, not the person who was accessing the Internet through your open router. You may be able to make a case in court that it wasn’t you, but it will probably cost you thousands of dollars in legal fees to make that point in addition to the jail time, bond money, and cost to your career of being accused of downloading child pornography.
The five minutes it takes to secure your router can avoid all of that, so I highly recommend it.
2—Unprotected Public Wifi
When you use an unprotected wireless connection in public, anyone within range of the router (which can be up to a mile with the right equipment) can snoop on your connection.
Not only can they see the same web pages you visit, but they can also access the hidden HTTP cookie your Web browser sends to websites to identify you.
For example, you login to Facebook, whether at home or in public. When you open up Facebook at the public coffee shop, your computer sends a secret message (cookie) to Facebook saying, “This is _____. Remember me?” Facebook verifies the secret and lets you access your wall and other information.
But when you send that cookie at the coffee shop on the unprotected connection, anyone else who is listening to the wireless connection can grab your cookie. Then they can send it to Facebook and Facebook will show them your wall and other information.
This method doesn’t just apply to Facebook, but almost every website on the Internet. The only websites which are secure are the websites which run in SSL (HTTPS) mode all the time. Your Web browser indicates you’re on a secure website by turning the address bar green or gold. (Different colors for different browsers.)
I recommend that you avoid unprotected Internet, but if you must use it, open your Web browser in private mode (also called incognito)—look in the File menu or try pressing Ctrl-Shift-N. Private mode won’t send any of your usual cookies, so as long as you don’t log into any sites, you should be safe.
3—Losing It All
What if a hacker uses the above technique or another technique to access your online account, what is he likely to do? The answer, unfortunately, includes a likely possibility that he’ll wipe out all of your data.
Some hackers are just bad intentioned—they delete all of your data out of spite. Other hackers use your account for some scam, but then they delete all of your data to make it harder for your to undo the scam.
For example, a common scam is the Western Union scam. A hacker breaks into your email account and sends everyone in your address book an email telling them you’re stuck in a foreign country and you’ve lost your wallet. The email continues with a plea for your friends to send you a few hundred dollars by Western Union Moneygram.
If your friends and family do send money, it’ll be picked up by an associate of the scammer and will never be seen again. (Moneygrams are not refundable when fraud occurs.)
To make it harder for you to ruin this scheme, hackers will delete your entire email address book and all of your old messages so you can’t find the addresses for your friends and family to tell them that you’ve been hacked and that the money request is a scam.
As I said earlier, that unfortunately leaves you without email or address book. Scammers will also delete your information off of social media sites for the same reason, leaving you without any friends or followers.
For this reason, you should use secure passwords, avoid unprotected wireless connections, and backup your online data if possible. GMail and several other online email sites make backups easy, and I highly encourage you to make regular backups part of your monthly or weekly schedule. (GMail will also provide automatic backups for about $5 a month.)
5—Keeping Your Kids Safe
You’ve been on the Internet; you’ve seen how foul and nasty it is. Think about the messages your kids are picking up; think about the shady characters they’re going to meet.
There’s software you can install on your computer to help filter out some of the worst parts of the Internet, but instead of turning to software, I highly recommend that you put your family’s computer in a public part of the house (such as the living room or kitchen) and then keep an eye on your kids whenever they’re on the Internet.
I know that eventually your kids will start browsing the Internet on their own, but if you keep an eye on them during their formative stages and give them useful advice for avoiding the scum of the net, they’ll probably be well prepared when they start browsing by themselves.
I love free programs and I use them all the time. But I also know that a lot of hackers and other unsavory types hide viruses, spyware, and other computer threats in free downloads.
Free downloads can be good or bad, and there’s only one way I know of which can help you tell the difference: find an expert.
You don’t need to know an expert, all you need is a trusted resource, such as a software review site. Find a site which frequently reviews software and which has no vested interest in whether or not you download the software. Then check them for every program you intend to download. If the software hasn’t been reviewed, send them an email suggesting they review it—most will.
But never just download a program without knowing it’s safe. Once you mess up your computer, it’s almost impossible to clean it up without reinstalling Windows.
7—Google Sees All
This may seem a little paranoid, but it’s increasingly the case on the Internet that a few large companies know everything about what you do on the Internet. Chief among these companies is Google.
Every time you visit a webpage—any webpage—that webpage gets information about you and your Web browser. The main information is your Internet Protocol (IP) address, Web browser name and version, time zone, screen size, and some other minor details.
That’s not so bad. If someone, say the government, wanted to track every website you visited, they’d have to ask every website in the world for their logs—which isn’t likely to happen.
But over the last few years things have changed. Now many websites on the Internet use shared services, many of them from Google. For example: Google advertisements (AdWords), Google website statistics (Analytics), and Google cloud computing (Apps).
Whenever you load a webpage incorporating a Google service, you also send Google your information—including the address of the page you tried to load.
That means that someone who wants to know every webpage you visited can get almost all of that information from just one source—Google. A subpoena to Google will get the government the address of every web page you’ve visited over the last few years no matter how many times you’ve cleared your Web browser history.
Maybe that doesn’t scare you; maybe it isn’t really a threat to privacy; but all that information in the hands of one giant company sometimes seems to me to be the most important of computer threats.