Even if your PC is equipped with up-to-date anti-malware software, hardware and software firewalls, and other security measures, it can still become infected. The weak link in computer security is the wetware: the human beings who use the machine. And there's simply no fool-proof defense against operator error.
That's why any PC security plan has to assume that eventually, some piece of malware will breach the defenses. And these days, infections can do considerable damage without being detected. Here are five ways — some more practical than others — to reduce the risk of someone stealing the sensitive data on your system or using it to break into your bank accounts.
#1: Don't use Windows
It makes perfect sense that data thieves target the most-popular computer platform, so the best way to minimize your risk is to use an operating system other than Windows. Unfortunately, this simply isn't practical for many users. At work, our employers usually determine the type of PC we use.
But even when the choice is ours to make, the software we rely on may lock us into Windows. Still, more and more people are switching from Windows PCs to Macs — despite the cost premium — or to Linux — despite the added complexity and smaller number of applications available. And their primary motivation for choosing an alternative platform is the added safety it provides.
If you can't give up Windows, you may still be able to install Linux on an old PC or in a partition of your Windows PC. Then you can use that system (or partition) whenever you engage in any sensitive computer activities. You'll find instructions for dual-booting Windows and the Ubuntu version of Linux on the Ubuntu Community Documentation site.
In 2008, I wrote a series of posts about getting started with Linux. I found out the hard way that it pays to do a little research before you start your conversion to Linux. Despite the heavy lifting, adding Linux to your PC repertoire offers many benefits apart from the added safety. To start with, the OS and nearly all applications are free. Do you think Microsoft will be giving away Windows anytime soon?
#2: Don't use your bank's online services
Several years ago, there was a rash of phishing e-mails masquerading as important messages from major banks. I scoff at any e-mail that purports to be from my bank. That's because I've never given my bank my e-mail address.
I've had the same bank account for decades and have never felt the need to bank online. You can say online banking is a convenience. You can say online bill-paying saves you time and the cost of stamps. But to me, the convenience and time- and money-savings simply aren't worth the added risk.
But I'm the Luddite exception, as the growth in online banking services attests. To bank safely online, make sure you're dealing with a legitimate establishment. The FDIC offers a guide to safe Internet banking that's a few years old but still helpful, particularly for its information on how to determine whether an online bank is insured.
You must also take precautions during an online banking session. In 2008, University of Michigan researchers reported on the prevalence of flaws in the design of banking sites that put the banks' customers at risk. More ominously, the FDIC issued a special alert last October warning banks about "money mules" who are recruited — often unwittingly — as accomplices in fraudulent electronic funds transfers from compromised bank accounts. (Read more about the threat on the Retail Payments Risk Forum's Portals and Rails blog.)
Many analysts see multifactor authentication (or two-factor authentication) as a way to strengthen the security of online banking. Last September, security expert Bruce Schneier described weaknesses in two-factor authentication. Schneier recommends securing the transaction rather than the person, which he points out is the approach taken by credit-card companies.
#3: Use a disposable credit-card number
Speaking of credit cards, the Electronic Funds Transfer Act limits consumers' loss due to unauthorized use of credit cards to $50 — but the protections don't apply to unauthorized use of debit cards. That's why it's important to avoid using debit cards for online transactions.
You can increase your level of protection when buying products or services online by using disposable credit-card numbers. CreditCards.com describes these virtual credit cards and offers tips for reducing your risk of loss when using PayPal and other electronic payment systems to purchase products online.
#4: Use virtualization software all the time
Last August, I described the $25 Returnil virtualization software that creates a virtual environment — or sandbox — on your PC to prevent any unauthorized changes to your system. When you shut down your machine, all traces of the session are wiped out.
When I tested the program, it didn't slow my PC down noticeably, though it does require that you grant permission for each file or program setting you want to change while working in the virtual environment. Still, if safety is your paramount concern, there's no more secure method than using a virtualization program such as Returnil.
#5: Use more than one malware scanner
No security program is 100% effective, so the more malware scanners you use, the better your chances of spotting any virus that makes it through your first line of defense. (Remember to use only one real-time malware scanner at a time to avoid system-stopping software conflicts.)
I set my primary security program to scan e-mail and file downloads automatically and to run full system scans during times when the PC is otherwise idle. But I also use Malwarebytes' Anti-Malware program to scan my system about once every week. The free version of the program lets you perform manual scans, but only the $24.95 version supports real-time malware scans and automatic updates of its virus database.
Nearly every security-software vendor offers free online scans. These include Trend Micro's HouseCall, BitDefender Online Scanner, Kaspersky Online Virus Scanner, F-Secure Online Scanner, and Panda ActiveScan. CNET Editor Jessica Dolcourt examines the pros and cons of these services in "Demystifying online virus scans."
The VirusTotal service lets you scan files you suspect may be infected. The free service uses virus databases from more than 40 different security services. Likewise, Jotti uses 16 separate virus scanners to identify infected files. And just in case two virus-scan aggregators aren't sufficient insurance, run that suspicious file through the dozens of scanners at VirScan.org.