How to keep your computer from being hacked

Dear Consumer Ed:

My husband keeps clicking on every pop-up ad that comes up on the Internet.  As a result, he has downloaded malware, which has slowed down the computer and created unwanted toolbars, coupon services and even an unwanted security software program.  Short of barring him from the computer entirely, what is the best way to protect our computer from being hacked?

Consumer Ed says: 

With hackers and identity thieves frequently finding new ways to attack your computer, there are some basic security steps that you can take to protect your computer and your personal information.  Malware (the nickname for “malicious software”) includes viruses and spyware that can be remotely installed on your computer when you download programs on the Internet to play games, listen to music, and other activities.  It may be used to send consumers pop-up ads, redirect their computers to unwanted websites, monitor their Internet usage, or record their keystrokes, which, in turn, could lead to identity theft.  Here are some ways to protect your computer from malware:

• Install Reputable Security Software. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Viruses can be planted in emails or attachments to emails, in programs or files that you download, and even in Web sites that you visit. These viruses have the potential to wipe out your computer files.  Anti-virus software scans everything that enters your computer, looking for these viruses. Spyware is software that tracks your computer activity, gathering information without your knowledge. Anti-spyware software blocks or removes spyware. You may obtain the anti-virus and anti-spyware software separately or as a package. For lists of security tools from legitimate security vendors, visit staysafeonline.org.
• Use a Firewall. A firewall is a virtual barrier between your computer and the Internet. Everything coming into or leaving your computer must go through the firewall, which blocks anything that doesn’t meet specific security criteria. Before purchasing separate firewall hardware or software, check your operating system to see if there is a built-in firewall and whether it is turned on.
• Update System and Software Frequently. Computer and software companies frequently update their programs to include protection against new security threats. Simply updating your operating system and software whenever new versions become available gives you an added measure of security. If available, activate automatic security updates so you will be alerted when updates are issued.
• Avoid “Free” Security Scans. Be suspicious of an offer of a “free security scan,” especially when faced with an unexpected pop-up, email, or an ad that claims “malicious software” has been found on your computer. Though the “alerts” look like they’re being generated by your computer, they actually are created by a scammer and sent through your Internet browser. If you suspect a problem, shut down your browser. Don’t click “No” or “Cancel,” or even the “x” at the top right corner of the screen. Some of these scams are designed so that any of those buttons can activate the program. If you use Windows, press Ctrl + Alt + Delete to open your Task Manager, and click “End Task.” If you use a Mac, press Command + Option + Q + Esc to “Force Quit.” Complete a separate search of the program to determine if it is legitimate.
• Download Carefully. Don’t download programs from Web sites you don’t know and trust. Don’t download or share music or movie files with strangers— the file you receive could contain a virus, spyware or inappropriate content. (And, unauthorized file sharing of copyrighted material is illegal.)
• Create and Protect Strong Passwords. Create strong email passwords and protect them with the following tips:

• The longer the password, the tougher it is to crack.  Use at least 10 characters.
• Mix letters, numbers, and special characters.  Try to be random – don’t use your name, birthdate, or common words.
• Don’t use the same password for different accounts.  If it’s stolen from you, it can be used to take over all your accounts.
• Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password. 
• Keep your passwords in a secure place, out of plain sight.

• Use a Pop-up Blocker. Don't click on links or open attachments in emails unless you know what they are, even if the emails seem to be from friends or family.
• Use the Spam Filter. Utilize your email program’s automatic spam filter, which reduces the number of unwelcome email messages that make it to your inbox. Delete, without opening, any spam or “junk mail” that gets through the filter.
• Backup Important Data. No system is completely secure. Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.
• Report Possible Fraud. Report possible fraud online at www.ftc.gov/complaint or by phone at 1-877-FTC-HELP.

Related to: 

• Security