Home User Security Guide
by Randy Nash - @RISK Online - Monday, 31 January 2005.
Pop-ups are a fact of life on the Internet, but they can be minimized to some degree. First, there are many pop-up blockers available. I personally like the Google Toolbar, but many of my friends and colleagues like the Yahoo! Toolbar just as much. Both of these toolbars provide a pop-up blocker, along with some nice features unique to their service. I like Google's toobar because it lets me set my default search engine to Google. The Yahoo! Toolbar claims not only pop-up blocking, but some anti-spy abilities as well (I've not tested this myself). Either one works well, but neither one can get rid of ALL pop-ups. No matter what we do, new techniques are being developed to get around these blockers. It's a running battle.


Phishing has become one of the fastest growing threats related to identity theft. Phishing attacks use a fake e-mails or webpage to fool you into giving up sensitive personal information that can be used to steal your identity (for financial purposes). This information can consist of personal financial data such as credit card numbers, account usernames and passwords, and social security numbers. The use of well-known names (banks, AOL, eBay, etc) enables these phishers to convince up to 5% of recipients to respond to them. Beware!

So, how can you detect a phishing scam? First of all, any reputable agency will NOT ask for your account information, user id, password, SSN, or related information via an email. If you get an email asking you to go to a website and confirm any of this information be extremely cautious as well. Websites can be faked very easily. The Anti-Phishing Working Group has made it their mission to track and report this sort of activity. You can review their website for more information. If you do a lot of online banking or online purchasing and you're concerned about this threat, Netcraft has developed their own toolbar (yes, I know… another toolbar) to help you identify potential scam sites. Please review their site for more information.

Wireless (Wifi) Security

Another hot item found in many Christmas stockings this year is wireless routers. This presents a whole new host of security issues that need to be addressed. A wireless router makes it easy to expand your home network. No more dragging cables around your house, or trying to snake them through the walls. Simply purchase a wireless router and wireless network card and you're ready to go… right? Wrong!

Sure, you can plug everything in and if all goes well you can be up and surfing in no time. The problem is that wireless network is completely insecure. If you just set up the equipment and use it right out of the box you have very likely opened your whole network and Internet access to anyone else with wireless connection. The default settings allow ANYONE to connect to your wireless router and, by extension, your Internet connection. Wireless networking can provide connectivity beyond the walls of your home. Your neighbors, or even someone driving down the street with a wireless laptop could connect to your network without your knowledge. There are some steps that you should take to provide some measure of protection to your wireless network.

A good friend of mine has written some excellent guidelines for Wireless Security. The full guides are available via his website: Blackthorn Systems. He has written a both a Home Security Guide, and a Small Business Security Guide. With permission of the author, the primary steps for home users are:


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th