1

http://windows.microsoft.com/en-us/windows/understanding-security-safe-computing#1TC=windows-7 Use a standard user account When you log on to your computer, Windows grants you a certain level of rights and privileges depending on what kind of user account you have. There are three different types of user accounts: standard, administrator, and guest. Although an administrator account provides complete control over a computer, using a standard account can help make your computer more secure. That way, if other people (or hackers) gain access to your computer while you're logged on, they can't tamper with the computer's security settings or change other user accounts. What is a boot disk (startup disk) and why would I need one? A boot disk (sometimes called a startup disk) was a type of removable media, such as a floppy disk, CD, or DVD, that contained Windows startup files that your computer could use to start Windows if the Windows system files on the hard disk became damaged or unusable. In Windows 7 or 8, you can create a system repair disc that contains the System Recovery Options menu. This menu, also located both on your computer's hard disk and on the Windows installation disc, contains special recovery tools that can help get Windows running again.

2

Use a firewall A firewall is software or hardware that checks information coming from the Internet or a network and then either turns it away or allows it to pass through to your computer, depending on your firewall settings. In this way, a firewall can help prevent hackers and malicious software from gaining access to your computer. Windows Firewall is built into Windows and is turned on automatically. If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. If you choose to unblock the connection, Windows Firewall creates an exception so that the firewall won't bother you when that program needs to receive information in the future.

3

•Don’t share passwords with others or store them on the device they’re designed to protect. (Get more tips for protecting your password. https://www.microsoft.com/security/pc-security/protect-passwords.aspx) Avoid common password pitfalls Cybercriminals use sophisticated tools to rapidly crack passwords, but you can help foil their attempts. DO NOT USE: •Personal identity information that could be guessed or easily discovered, like pet names, nicknames, birth date, address, or driver's license number. •Dictionary words in any language (including the word password—the most common password in the English language!). •Words spelled backwards, abbreviations, and common misspellings (accommodate, remember). •Common letter-to-symbol conversions, such as changing "o" to "0" or "i" to "1" or “!”. •Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (such as qwerty).

4

Best Antivirus Software and Apps 2015By Tom’s Guide Staff (http://www.tomsguide.com/t/antivirus/) February 4, 2015 2:20 PM The market is flooded with antivirus suites that can keep your computer safe and secure, making it tough to pick the right ally. To grab your attention, many security-software companies offer enhanced suites that do more than just scan your computer for malware. We're talking about additional features such as built-in parental controls, privacy controls, smartphone antivirus software and even identity-theft protection. Such all-encompassing products cost more than basic antivirus software, but the investment is often worthwhile for customers who want more functionality. Paid vs. Free Antivirus There's a lot of free antivirus software available for Windows PCs, but it generally will not protect you as well as the paid software. Of the free products we reviewed, only Avira Free Antivirus did a comparable job. You'll also miss out on extra features such as cloud storage, password managers or file encryption. To determine which security suite is worth your investment, we tested five of the most popular suites from the biggest names in the business, including Symantec, McAfee, Kaspersky Lab, Bitdefender and Avast! We evaluated each program based on setup, interface, ease of use and security and privacy features. Should I run two Antivirus programs at the same time? No. Think of it this way – it would be like having your husband or wife at home cooking your birthday dinner and bringing your boyfriend or girlfriend home to help! Not good.

5

Malware and such defined: Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. A computer virus is a malware program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected". Viruses often perform some type of harmful activity on infected hosts, such as stealing hard disk space or CPU time, accessing private information, corrupting data, displaying political or humorous messages on the user's screen, spamming their contacts, or logging their keystrokes. A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. A Trojan horse, or Trojan, in computing is generally a non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the Trojan, typically causing loss or theft of data, and possible system harm. Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the

6

restriction to be removed. Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge. "Spyware" is mostly classified into four types: system monitors, trojans, adware, and tracking cookies. Spyware is mostly used for the purposes of tracking and storing Internet users' movements on the Web and serving up pop-up ads to Internet users. Adware, or advertising-supported software, is any software package which automatically renders advertisements in order to generate revenue for its author. Scareware, included into the class of malware known as Rogueware, comprises several classes of ransomware or scam software with malicious payloads, usually of limited or no benefit, that are sold to consumers via certain unethical marketing practices. The selling approach uses social engineering to cause shock, anxiety, or the perception of a threat, generally directed at an unsuspecting user. Some forms of spyware and adware also use scareware tactics. A tactic frequently used by criminals involves convincing users that a virus has infected their computer, then suggesting that they download (and pay for) fake antivirus software to remove it. Usually the virus is entirely fictional and the software is non-functional or malware itself. The "scareware" label can also apply to any application or virus (not necessarily sold as above) which pranks users with intent to cause anxiety or panic.

6

7

Use Ccleaner application to uninstall applications and make changes to your start up programs.

8

9

I continually get a pop up window that states my Java is out of date – what should I do? The following programs are safe to update: Windows, MS Office, Java, Adobe, and Apple.

10

11

12

13

http://windows.microsoft.com/en-us/internet-explorer/manage-add-ons#ie=ie-11-win-7 Manage add-ons in Internet Explorer - Add-ons are apps that Internet Explorer uses to interact with web content like videos and games. Toolbars and extensions are also types of add-ons. Some common add-ons are Adobe Flash, Quicktime, and Silverlight. Internet Explorer is designed to provide an add-on free experience, and will play HTML5 and many Adobe Flash videos without needing to install a separate add-on. You'll only be able to install and use add-ons Internet Explorer for the desktop. If you're trying to view a page that requires add-ons, view it in the desktop: swipe up from the bottom of the screen (or right-click) to bring up the app commands, tap or click the Page tools button , and then tap or click View in the desktop. Installing and using add–ons in the desktop - If you're missing an add-on that you need to view a page, Internet Explorer will let you know, and will prompt you to install the add-on. Some add-ons come pre-installed by other apps or your PC's manufacturer. To view installed add-ons - Open the desktop, and then tap or click the Internet Explorer icon on the taskbar. Tap or click the Tools button , and then tap or click Manage add-ons. Under Show, tap or click All add-ons. To turn add-ons on - Open the desktop, and then tap or click the Internet Explorer icon on the taskbar. Tap or click the Tools button , and then tap or click Manage add-ons. Under Show, tap or click All add-ons. Tap or click the add-on, tap or click Enable, and then tap or click Close. Turning off and removing add-ons Add-ons can sometimes cause browsers to run slowly and crash, or they might pose a security or compatibility risk. You can turn off specific add-ons to help increase your

14

browsing speed, or if you suspect they're causing problems for Internet Explorer. You can also remove add-ons that you're no longer using from your PC. It's a good idea to delete add-ons if you suspect they're causing performance, compatibility, or security problems. To turn off add–ons - Open the desktop, and then tap or click the Internet Explorer icon on the taskbar. Tap or click the Tools button , and then tap or click Manage add-ons. Under Show, tap or click All add-ons, and then select the add-on you want to turn off. Tap or click Disable, and then tap or click Close. To remove add–ons from your PC - Not all add-ons can be removed. Some add–ons are necessary for Internet Explorer and your PC to work correctly. Open the desktop, and then tap or click the Internet Explorer icon on the taskbar. Tap or click the Tools button , and then tap or click Manage add-ons. Under Show, tap or click All add-ons, and then select the add-on you want to delete. If the add-on can be deleted, you'll see the Remove option. Tap or click Remove and then tap or click Close. The risks of installing add-ons - While add-ons can make your browsing experience better by giving you access to great web content, some add-ons can pose security, privacy, or performance risks. Make sure any add-ons you install are from a trusted source. Enhanced Protected Mode and add-ons - Enhanced Protected Mode helps protect your PC and personal data from malware and other attacks. When it's turned on, add-ons such as toolbars, extensions, and browser helper objects can only run if they're compatible with Enhanced Protected Mode. You'll be notified if an add-on is incompatible. If you need to run an incompatible add-on, you can turn off Enhanced Protected Mode in the desktop browser. To turn on Enhanced Protected Mode - Open the desktop, and then tap or click the Internet Explorer icon on the taskbar. Tap or click the Tools button , and then tap or click Internet options. On the Advanced tab, under Security, select the Enable Enhanced Protected Mode check box, and then tap or click OK. You'll need to restart your PC before this setting takes effect. To turn off Enhanced Protected Mode - Enhanced Protected Mode helps protect your PC from malware and other attacks. Only turn off Enhanced Protected Mode if you're sure about increasing the level of risk to your PC. Open the desktop, and then tap or click the Internet Explorer icon on the taskbar. Tap or click the Tools button , and then tap or click Internet options. On the Advanced tab, under Security, clear the Enable Enhanced Protected Mode check box, and then tap or click OK. You'll need to restart your PC before this setting takes effect.

14

10 Tips for Wireless Home Network Security http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm By Bradley Mitchell Wireless/Networking Expert 1. Change Default Administrator Passwords (and Usernames) At the core of most Wi-Fi home networks is an access point or router. To set up these pieces of equipment, manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. However, for any given piece of equipment, the logins provided are simple and very well-known to hackers on the Internet. Change these settings immediately. 2. Turn on (Compatible) WPA / WEP Encryption All Wi-Fi equipment supports some form of encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans. Several encryption technologies exist for Wi-Fi today. Naturally you will want to pick the strongest form of encryption that works with your wireless network. However, the way these technologies work, all Wi-Fi devices on your network must share the identical encryption settings. Therefore you may need to find a "lowest common denominator" setting. 3. Change the Default SSID Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally "linksys." True, knowing the SSID does not by itself allow your neighbors to break into your network, but it is a start. More importantly, when someone finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately when configuring wireless

15

security on your network. 4. Enable MAC Address Filtering Each piece of Wi-Fi gear possesses a unique identifier called the physical address or MAC address. Access points and routers keep track of the MAC addresses of all devices that connect to them. Many such products offer the owner an option to key in the MAC addresses of their home equipment, that restricts the network to only allow connections from those devices. Do this, but also know that the feature is not so powerful as it may seem. Hackers and their software programs can fake MAC addresses easily. 5. Disable SSID Broadcast In Wi-Fi networking, the wireless access point or router typically broadcasts the network name (SSID) over the air at regular intervals. This feature was designed for businesses and mobile hotspots where Wi-Fi clients may roam in and out of range. In the home, this roaming feature is unnecessary, and it increases the likelihood someone will try to log in to your home network. 6. Do Not Auto-Connect to Open Wi-Fi Networks Connecting to an open Wi-Fi network such as a free wireless hotspot or your neighbor's router exposes your computer to security risks. Although not normally enabled, most computers have a setting available allowing these connections to happen automatically without notifying you (the user). This setting should not be enabled except in temporary situations. 7. Assign Static IP Addresses to Devices Most home networkers gravitate toward using dynamic IP addresses. DHCP technology is indeed easy to set up. Unfortunately, this convenience also works to the advantage of network attackers, who can easily obtain valid IP addresses from your network's DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range instead, then configure each connected device to match. Use a private IP address range (like 10.0.0.x) to prevent computers from being directly reached from the Internet. 8. Enable Firewalls On Each Computer and the Router Modern network routers contain built-in firewall capability, but the option also exists to disable them. Ensure that your router's firewall is turned on. For extra protection, consider installing and running personal firewall software on each computer connected to the router. 9. Position the Router or Access Point Safely Wi-Fi signals normally reach to the exterior of a home. A small amount of signal leakage outdoors is not a problem, but the further this signal reaches, the easier it is for others to detect and exploit. When installing a wireless home network, try to position these devices near the center of the home rather than near windows to minimize leakage. 10. Turn Off the Network During Extended Periods of Non-Use The ultimate in wireless security measures, shutting down your network will most certainly prevent outside hackers from breaking in! While impractical to turn off and on the devices frequently, at least consider doing so during travel or extended periods offline. If you own a wireless router but are only using it wired (Ethernet) connections, you can also sometimes turn off Wi-Fi on a broadband router without powering down the entire network.

15

Before You Connect to a Wi-Fi Hotspot – Securely By Melanie Pinola Mobile Office Expert Many people don't think twice about logging onto Starbuck's free wi-fi or using their hotel's wireless network when traveling, but the truth is, although public wi-fi hotspots like these are very convenient, they also carry a lot of risk. Open wireless networks are prime targets for hackers and identity thieves. Before you connect to a wi-fi hotspot, use the security guidelines below to protect your personal and business information, as well as your mobile devices. Disable Ad-Hoc Networking - Ad-hoc networking creates a direct computer-to-computer network that bypasses typical wireless infrastructure like a wireless router or access point. If you have ad-hoc networking turned on, a malicious user may gain access to your system and steal your data or do pretty much anything else. Turn off ad-hoc networking in Windows XP by going to your Wireless Network Connection's properties and make sure you have "Access point (infrastructure only)" as the one option selected for type of networks to access. Do Not Allow Automatic Connections to Non-Preferred Networks - While you're in the wireless network connection properties, also make sure the setting to automatically connect to non-preferred networks is disabled. The danger if you have this setting enabled is that your computer or mobile device may automatically (without even notifying you) connect to any available network, including rogue or bogus wi-fi networks designed only to lure unsuspecting data victims. In Windows XP, make sure the checkbox that says "Automatically connect to non-preferred networks" is not checked (About's Wireless/Networking Guide has steps for disabling auto-connect for Windows XP); Windows 7 and Vista by default prompt you to approve new connections. Also make sure

16

you only connect to known, legitimate networks (ask the hotspot provider for the SSID if you are unsure). Enable or Install a Firewall - A firewall is the first line of defense for your computer (or network, when the firewall is installed as a hardware device), since it's designed to prevent unauthorized access to your computer. Firewalls screen incoming and outgoing access requests to make sure they are legitimate and approved. Both Windows and Mac operating systems have built-in firewalls that you should make sure are enabled, especially before connecting to a public wi-fi hotspot. You can also install third-party firewall software if you need more granular control of the firewall settings or rules. Turn file sharing off - It's easy to forget that you have file sharing turned on or files in your Shared Documents or Public folder that you use on private networks but wouldn't want shared with the world. When you connect to a public wi-fi hotspot, however, you are joining that network and may be allowing other hotspot users to access your shared files. Before connecting to a public hotspot, make sure you disable file and printer sharing (disable sharing in XP in the network connection's properties; Windows 7 and Vista will turn off discovery for you if you specify the network is a public one, but you can check the Network and Sharing Center to make sure). Log On Only to Secure Websites - The best bet is not to use a public, open wi-fi hotspot for anything that has to do with money (online banking or online shopping, for example) or where the information stored and transferred may be sensitive. If you need to log in to any sites, though, including web-based email, make sure your browsing session is encrypted and secure. Check the address bar to see if it starts with HTTPS (encrypted) rather than HTTP (not encrypted) and/or if there is a padlock in your browser's status bar. Note that some webmail programs encrypt the login page but not the rest of the browsing session -- make sure the setting in your email program requires using HTTPS or SSL encryption for the entire interface; Gmail has this option. Most instant messaging programs are also typically not encrypted; Aim Pro is one business-friendly IM program that can send instant messages over a secure connection. Use VPN - VPN creates a secure tunnel over a public network, and therefore is a great way to stay safe when using a wi-fi hotspot. If your company provides you with VPN access, you could, and should, use the VPN connection to access corporate resources, as well as create a secure browsing session. Remote accesss solutions such as LogMeIn can also create a secure tunnel to a second computer at home, from which you can access files or use do other computing. You can also use a free personal VPN service like Hotspot Shield, designed specfically to protect you when using an unsecured network. Beware of Physical Threats - The risks of using a public wi-fi hotspot aren't limited to fake networks, data intercepted, or someone hacking your computer. A security breach could be as simple as someone behind you seeing what sites you visit and what you type, a.k.a. "shoulder surfing." Very busy public locations like airports or urban coffeeshops also increase the risk of your laptop or other gear getting stolen. For these reasons, you need to also keep in mind physical security measures like laptop security cables and laptop privacy screens.

16

You should store an encrypted copy of your data offsite.

17

18

19

20

Emails may be addressed to numerous people you do not know.

21

How to look at the properties of an email: Double click on the email. Do not open any links. Click on the file tab in upper left corner – click the properties box. Look at the box called internet headers. How to recognize phishing email messages, links, or phone calls - Phishing email messages, websites, and phone calls are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer. Cybercriminals also use social engineering to convince you to install malicious software or hand over your personal information under false pretenses. They might email you, call you on the phone, or convince you to download something off of a website. What does a phishing email message look like? Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam. For more information, see Email and web scams: How to help protect yourself at http://www.microsoft.com/security/online-privacy/phishing-scams.aspx . Beware of links in email. If you see a link in a suspicious email message, don't click on it. Rest your mouse (but don't click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's web address. Links might also lead you to .exe files. These kinds of file are known to spread malicious software.

22

Threats. Have you ever received a threat that your account would be closed if you didn't respond to an email message? The email message shown above is an example of the same trick. Cybercriminals often use threats that your security has been compromised. For more information, see Watch out for fake alerts – see http://www.microsoft.com/security/pc-security/antivirus-rogue.aspx. Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows. For more information, see Avoid scams that use the Microsoft name fraudulently – see http://www.microsoft.com/security/online-privacy/msname.aspx. Cybercriminals also use web addresses that resemble the names of well-known companies but are slightly altered. For more information, see Protect yourself from cybersquatting and fake web addresses – see http://www.microsoft.com/security/online-privacy/cybersquatting.aspx. Beware of phishing phone calls - Cybercriminals might call you on the phone and offer to help solve your computer problems or sell you a software license. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes. Once they've gained your trust, cybercriminals might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable. Treat all unsolicited phone calls with skepticism. Do not provide any personal information. For more information, see Avoid tech support phone scams. Report phishing scams - If you receive a fake phone call, take down the caller's information and report it to your local authorities. In the United States, use the FTC Complaint Assistant form - https://www.ftccomplaintassistant.gov/#crnt&panel1-1. Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk at http://answerdesk.microsoftstore.com/msusa/answerdesk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers (http://www.microsoft.com/worldwide) for people located around the world. You can use Microsoft tools to report a suspected scam on the web or in email. Internet Explorer. While you are on a suspicious site, click the gear icon and then point to Safety. Then click Report Unsafe Website and use the web page that is displayed to report the website. Outlook.com - If you receive a suspicious email message that asks for personal information, click the check box next to the message in your Outlook inbox. Click the arrow next to Junk and then point to Phishing scam. Microsoft Office Outlook 2010 and 2013. Right-click the suspicious message, point to Junk, and then click Report Junk. You can also download the Microsoft Junk E-mail Reporting Add-in for Microsoft Office Outlook (http://www.microsoft.com/downloads/en/details.aspx?FamilyID=53541292-ce94-4c5b-9127-b7d56f11b619).

22

23

US-CERT has received reports of apparently DHS-themed ransomware occurring in the wild. Users who are being targeted by the ransomware receive an email message claiming that use of their computer has been suspended and that the user must pay a fine to unblock it. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division.

24

https://blog.malwarebytes.org/tech-support-scams/

25

https://blog.malwarebytes.org/tech-support-scams/

26

https://blog.malwarebytes.org/category/exploits-2/

27

28

29

30

While the search engine on the homepage is a good start, the following sites will give you the opportunity to conduct an in-depth search of yourself to ensure that your privacy settings are truly secure. If you’ve just updated your settings you may need to wait for the indexes to update

31

32

33

34

35

36

37