However, Webroot Software, Inc., the leading provider of anti-spyware
software and other security technologies, recently surveyed an international sample of 1,100 consumers. The survey revealed that 45.4% of the respondents are concerned about spyware during their shopping sessions. The survey also reveals that 60.7% of the consumers see themselves having an intermediate computer knowledge, thus most consumer would prefer having
easy to follow guidelines to protect their computers.
In line with these concerns, Webroot has developed some hints and tips to
help shoppers get through the festive frenzy safely:
1. Just say “No!” to free software
Many adware and spyware products come bundled with so called freeware. File
sharing programs like Kazaa come bundled with nasty programs that create
pop-up ads and redirect your browser home page or search results. There is
freeware that is spy-free but because of the less than honest techniques
used by the spyware purveyors it is too hard to investigate every program.
That said there are reputable sites that offer freeware that is
unencumbered and there are efforts underway by industry groups to certify
software as spy-free.
2. Use Mozilla FireFox
As of this writing there are no pieces of spyware or adware that attack
vulnerabilities in FireFox. Of course, there are vulnerabilities in FireFox
that could be attacked so you still have to be vigilant. And of course you
cannot get rid of IE completely because many sites still require it.
3. Use Mac OSX
This operating system, available on Apple computers is much safer to use
that any Windows based OS. There are lots of reasons for this but the most
important is that this OS has a very low market penetration so virus and
spyware writers ignore it. There have only been a couple of viruses and too
date NO spyware written for Mac OS X.
4. Make sure your Internet Explorer has been patched up to the latest
available security patch.
That goes for Windows too. You should be running WinXP Service Pack 2 with
all of the latest security patches.
5. Avoid questionable sites
Avoid Web sites that offer unscrupulous content such as pirated software or
adult material. These sites are notorious for spreading spyware.
www.slotchbar.com is one to avoid for instance. If you are browsing to such
sites do not say “yes” to anything!
6. Be very suspicious of email. Attachments in particular
Do not open the attachments unless you know the sender *and* you were
expecting something from them. Malicious payloads often come from trusted
contacts because they are infected with a virus that is sending from their
email account. Look at the links people send you before clicking on them.
Do not open a .wav, or other media file. Only go to htm or html sites.
7. Use public kiosks with extreme caution
Go to www.webroot.com and run a SpyAudit to see if anything exists on the
public kiosk that is capable of stealing your identity or monitoring your
internet browsing session. If you cannot download and install the
executable from Webroot that is a good sign. The machine is probably safe.
8. Use Firewall and AV
If you are running Win XP with SP2 you are probably protected by its
embedded firewall. A good commercial firewall gives you additional
protection and control. A hardware firewall can give you good protection
as well but not from the other computers on your local area network!
It is extremely important to have the latest AV signatures and those from a
commercial entity. This is too important to trust to freeware which gets
new signatures out too late. You should upadate you AV signatures
continuously.
9. Use an anti-spyware product
a What features should I look for – how do I know what is a good
product?
Detecting and removing spyware is a difficult business. Effective
anti-spyware software provides users with frequent updates to combat the
latest spyware variations. Run scheduled or manual scans, and make sure you
select any proactive monitoring options the software may have. Also,
fortify your defences with anti-virus and firewall protection.
b A good anti-spyware product
i. has won awards from industry-leading publications
ii. is backed up by an innovative company with a solid business
reputation
iii. is frequently updated (version and definitions)
iv. is a thought leader and has an in-house threat research team
devoted to keeping track of the latest developments in spyware.
10. For IT departments
Consider not giving users administrative rights. It is very hard to install
spyware with out that.