This article answers some of the most commonly asked general security questions. You can choose one of the quick links below to jump quickly to the question and answers that you are looking for, or scroll and read through all of the questions to gain a better understanding of online security topics.

Threats
Protection
Privacy
Browser Security
Acceptable Use

If you cannot find your answer, please Contact Us at: support (a) HBPlant.org

Threats

How does the Internet create security risks for my computer?

The Internet works by allowing one computer to send information to another computer across a network of worldwide computers. Rather than going directly to the intended computer, data often passes through several intermediate computers. Each intermediate computer has the potential to see the contents of data being transmitted — creating a security risk.

Other security risks can be created from files and programs downloaded to your computer or sent via e-mail. Some programs, called "viruses" are written to intentionally damage your computer and the data stored on it. Make sure that security updates are consistently installed in your computer such as Windows updates. In addition, install a firewall, antivirus, and anti-spyware software to protect your computer from viruses.

<< Back to Top

"Malware" is a generic term used to describe viruses, spyware, adware, Trojan horse, rootkits, worms or any other program with malicious intent.

<< Back to Top

A virus is a program or piece of code that is installed and runs on your computer without your knowledge. Viruses can also replicate themselves and are often designed so that they automatically spread to other computer users. Viruses can be transmitted as attachments to an e-mail, as downloads, or via diskettes or CDs. Some viruses are harmless, but most can be quite damaging by erasing data or causing your hard disk to reformat.

<< Back to Top

Worms are a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms most often use parts of an operating system that are automatic and usually invisible to the user. It’s common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other applications and traffic.

<< Back to Top

A Trojan horse is a malicious code that is contained inside seemingly harmless programs or data. The purpose of a Trojan horse is to gain control of the computer and execute whatever it had been program to do. Many Trojan horses are designed to damage data on your hard drives, send back personal information, or corrupt your hard drive. In one celebrated case, a Trojan horse was programmed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.

<< Back to Top

Adware is any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen.

<< Back to Top

Spyware is software installed on your computer without your knowledge that gathers information such as surfing habits, for later retrieval by advertisers and/or other interested parties. It can record and send through the Internet your keystrokes, history, passwords, and other confidential and private information. It is often sold as a spouse monitor, child monitor, surveillance tool, or a tool for spying on users to gain unauthorized access. It can enter a computer as a virus or through installation of a new program.

<< Back to Top

A rootkit is a set of processes or files that installs itself on your system without your knowledge or permission. Rootkits attempt to hide from antivirus, anti-spyware, and system management utilities. Originally, rootkits were used on UNIX^® based systems for benign purposes. Today however, rootkits may be used to create a backdoor into your system for malicious purposes - such as intercepting information sent from your system, logging your keystrokes, using your system for denial of service attacks, and other deviant activities. Rootkits exist on multiple operating systems including UNIX^®, Linux, Solaris^®, and Microsoft Windows^®.

<< Back to Top

A "zombie" computer is a system that has often been compromised by a virus. The virus typically installs remote access software on the compromised machine and the "host" machine takes control of the compromised computer. Zombie computers are often used to send spam or send overwhelming amounts of traffic to a targeted server- causing it to crash. This form of attack is called a Distributed Denial of Service Attack.

<< Back to Top

A computer that isn’t configured to download the latest security updates such as Windows Updates, doesn’t have a firewall, antivirus, and anti-spyware installed has a higher risk of being accessed remotely. Also, a wireless router that is not encrypted with a password can be accessed without your authorization. Make sure that your wireless connection is secure by configuring your wireless router. For more information, call or visit the router manufacturer’s website.

<< Back to Top

Also known as hijackware, is a type of malware that changes your pc’s browser settings. It redirects your web browser to malicious and inappropriate sites that you would not normally visit.

<< Back to Top

There are three common paths used to hijack a computer:

• Web browser infection – Some web sites contain unknown, malicious programs known as Trojan horses that allow intruders to hijack and gain full control of a computer. Malicious websites can also expose you to various types of spyware and adware.
• E-mail viruses – E-mail messages that prompt the recipient to unknowingly open a viral attachment represent a tried-and-true way to slip malicious code past firewalls and antivirus defenses.
• Network worms – Computers can get turned into zombie machines with absolutely no intentional action taken by the computer owner. Malicious programs, called worms or bots, are responsible. These programs continuously scan the Internet for Windows-based computers that have security holes, making these computers prime targets for hijacking.

<< Back to Top

Identity theft is when an imposter obtains valuable information such as Social Security and driver’s license number from their victim and uses the information as their own. The information can be used to receive credit, services, merchandise, etc.

<< Back to Top

Hoaxes are nothing more than plain text information, usually distributed as e-mails. While this is just text and cannot, by definition, cause problems directly, hoaxes are not harmless. A hoax might be as simple as a spam-generating chain letter about famous people giving away money, or it could be complex and potentially damaging. Several known hoaxes direct the reader to delete critical system files off the computer by claiming these files are viruses. Still other hoaxes are the front-ends for identity theft scams or get-rich-quick schemes. The broad range of possibilities make hoaxes hard to identify and hard to prevent. For more information about hoaxes, read tips from United States Computer Emergency Readiness Team at http://www.us-cert.gov/cas/tips/ST04-009.html

<< Back to Top

Protection

A strong username and password will help prevent intruders from accessing valuable information stored in your computer and online accounts.

<< Back to Top

The best prevention to catching a computer virus is installing antivirus, anti-spyware, firewall, and security updates to your operating system. In addition to having the software installed on your computer, you need to make sure to keep it up-to-date and perform regular scans. Not taking these important precautions will leave your personal computer vulnerable to infection.

Today’s viruses, worms, and so-called "bots" (programs that turn your computer into a zombie) operate in the background, completely without your knowledge. They quietly alter data, steal personal information, and use your PC for their illegal activities. It's hard to detect these programs if you do not have up-to-date protection.

<< Back to Top

Many new computers come with antivirus software preloaded. Such software often include a six- to twelve-month subscription to the service and important updates. If you purchased the computer over a year ago, you may need to re-subscribe to the antivirus software or install new antivirus software. Once the subscription ends, the software will still be on your computer, however you will no longer receive updates. Most antivirus software companies charge a fee to renew the subscription.

If there is antivirus software loaded on your computer, you should be able to locate it in the Control Panel under the Add/Remove Programs list. Also, most antivirus programs have an icon in the system tray. Hoover your mouse over the icons so that the name of the program will be displayed. Do this until your locate your antivirus program. You may need to show hidden icons. Once you located the antivirus software, click on Start >> Programs (or All Programs) >> Click on the name of the antivirus software to bring up a control center for the product. The control center window should display the date of the most recent updates. Some antivirus programs have a “live update” or “auto-update” feature accessible from a submenu of the program group on the Programs list.

<< Back to Top

If you do not have antivirus software, you can scan your computer with an online virus scan (OLS). OLS will scan computer for malware and vulnerabilities. Scans can take 30 to 60 minutes to run depending on the speed of the connection and the number of files to be scanned.

Most major antivirus companies provide online virus scans on their website. Below is a list of the most popular online scans:

• F-Secure^®: http://support.f-secure.com/enu/home/ols.shtml
• McAfee^®: http://us.mcafee.com/root/mfs/default.asp^†
  
• Microsoft OneCare^®: http://onecare.live.com/site/en-US/default.htm
• Symantec^®: http://security.symantec.com^†
• Trendmicro^®: http://housecall.trendmicro.com

^†Note: Online scans from Symantec^® and McAfee^® will only scan your computer for vulnerabilities. It will not attempt to remove any malware that may be present.

The online scan will return a summary of the number of files scanned, the number of files infected, and the names of the viruses found. The online scan will try to disinfest the files for you, or if it can't you may need to download the appropriate virus removal tool and follow the instructions to manually remove the virus. The disadvantage to using an online virus scan is that it will not prevent your system from becoming infected in the future. For maximum protection, install antivirus software on your computer and keep it up-to-date.

<< Back to Top

Security experts recommend the following safe practices:

• Use antivirus, anti-spyware and firewall programs.
• Keep your operating system up-to-date with the latest security patches.
• Avoid clicking on pop-up windows.
• Avoid clicking on e-mail attachments from unknown sources. If you choose to open an attachment from a trusted source, scan it first for viruses before opening.
• Avoid downloading freeware/shareware from a non-trusted source.
• Avoid using Peer-to-Peer file sharing programs and networks.
• Avoid visiting websites with questionable or inappropriate material.

<< Back to Top

Installing anti-spyware software such as Ad-Aware, Spybot Search and Destroy, or F-Secure Anti-Spyware and scanning your pc on a regular basis will minimize your risk of getting spyware and adware.

See "How can I protect my computer from being hijacked" above for additional information.

<< Back to Top

The H.B. Plant High School Alumni Association High-Speed Internet Technical Support Staff focuses support on the connectivity between cable modem and personal computer. The scope of support in solving spyware/adware issues that H.B. Plant High School Alumni Association can provide is very limited, therefore, we strongly suggest that you contact the vendor of the spyware removal product for additional support.

<< Back to Top

The use of e-mail has become popular that some unscrupulous individuals use this technology to fraud people of their valuable information such as online banking password. In order to avoid becoming a victim, you need to educate and protect yourself.

For more information on e-mail security, click Here.

<< Back to Top

Encryption is the translation of data into a secret code in order to protect its confidentiality, integrity, and authenticity.

• Original data is called "plain text."
• Encoded data is called "cipher text."
• Plain text is automatically coded and sent as cipher text over the Internet.
• Any program receiving cipher text needs one or more encryption keys for decoding and using the data.

<< Back to Top

The convenience of using a wireless connection to surf the Internet from home or public area is now the choice for people who want instant connection. Unfortunately, with this type of convenience comes with security risk. It is easier for an intruder to capture your data when you transmit it wirelessly compare to a wired connection. Click Here for information on how to educate and protect yourself.

<< Back to Top

One major benefit of turning your computer off when not in use is that your computer is less likely to be scanned by an intruder. In addition, by limiting the amount of time that your computer is "online" and unattended, the less vulnerable it will be to unwanted intrusions that can sometimes turn your computer into a zombie machine. Also, by turning the computer off while not in use, you will help conserve electricity, potentially extend the life of the computer's moving parts and protect the machine from electrical surges.

<< Back to Top

Privacy

When is it safe to send or submit private information over the Internet?

Always use caution when providing private information online. Avoid sending private information such as your password, credit card number, secret word, or PIN in an e-mail. Only submit private information to trusted websites. When making a payment or buying something over the Internet, make sure your connection is secure. The lock symbol in the status or address bar of the browser indicates that the connection is secure. In addition depending on your settings, your browser may pop up an alert box to inform you when you are about to view pages over a secure connection. Secure sites use encryption and digital certificates to manage security of message transmissions over the Internet.

<< Back to Top

The following tips will help protect your personal information while online.

• Do not give online services, such as those providing free webmail, dating services, or online games your personal information unless you understand those services’ privacy policies regarding how personal information can be shared. Once personal information is on the Internet, it is very hard to get it off.
• Before making online purchases, read and understand the privacy policy for that particular website. Find out if the site shares information such as your name, address, credit card information, etc. with 3^rd party companies.
• Check to see how the company will use your personal information. This will prevent website from sharing your personal information.
• Consider creating a separate e-mail address just for online purchases. That way, if the site that you decide to make a purchase with shares your information with a 3^rd party, your primary e-mail address will not be compromised.
• Consider using "virtual" account numbers. This will protect your real credit card number from online fraud. Contact your financial institutional to see if this feature is available.
• Consider adjusting your web browser's cookie settings. Turning off cookies, will help prevent tracking of your surfing habits.

<< Back to Top

A privacy policy is the policy under which the company or organization operating a website handles the personal information collected about "you" who’s visiting the site. Click Here to read H.B. Plant High School Alumni Association's Privacy Policy.

<< Back to Top

Browser Security

<< Back to Top

Pop-up windows are advertisements that suddenly appear on your screen while you are connected to the Internet. These annoying pop-up windows are often linked to websites that are automatically programmed to launch new pop-up windows periodically. Pop-ups may also be caused by a program such as adware running in the background on your computer.

Security experts recommend the following safe practices to help prevent pop-ups and malware:

• Use antivirus, anti-spyware and firewall programs.
• Keep your operating system up-to-date with the latest security patches.
• If you receive a popup, do not click inside the box. Simply click on the "X" on the right side of the pop-up window.
• Avoid clicking on e-mail attachments from unknown sources. If you choose to open an attachment from a trusted source, scan it first for viruses before opening.
• Avoid downloading freeware/shareware from a non-trusted source.
• Avoid using Peer-to-Peer file sharing programs and networks.
• Avoid visiting websites with questionable or inappropriate material.

<< Back to Top

A cookie is a data file stored on your computer by a website. A website uses cookies for user authentication, user tracking, and user personalization. A cookie is not a program. It is a basic text file containing strings of letters and numbers. A cookie file does not contain any personal information (such as name, address, account numbers, etc.). A website identifies you by matching up the string of values in the cookie with the same string of values stored on their server.

Cookies come in different flavors. You can have first-party cookies and third-party cookies stored on your computer.

• First-party cookies are cookies that the actual Web site you are visiting places on your computer.
• Third-party cookies are cookie that advertisers place on your computer so they can track your habits across various Web sites. This allows advertisers to tailor advertisements to your presumed preferences.

<< Back to Top

There are two different ways a cookie can be stored. A cookie can be stored as a session cookie or a permanent cookie.

• A session cookie is used only once while you are visiting a website. For example, a session cookie would be created while you added items to a shopping cart while are visiting your favorite online store. Once the items are purchased, the basket becomes empty.
• A permanent cookie is a cookie that is accessed many times by a particular website. For example, you know you have a permanent cookie installed if you visit your favorite shopping website and it welcomes you back with your name.

<< Back to Top

By default, your web browser has cookie acceptance turned on. However, if you are concerned about privacy, you can elect to have cookies restricted or turned off. If you turn cookies completely off, some website features may not be available, or information may not be displayed properly. It is recommended that you turn off third-party cookies and accept first-party cookies from trusted websites.

You can find information on how to adjust your cookie preferences at the following websites:

1. Firefox: http://www.mozilla.com/en-US/firefox/
2. Internet Explorer: http://www.microsoft.com/windows/products/winfamily/ie/default.mspx
3. Netscape: http://www.netscape.com/
4. Safari: http://www.apple.com/macosx/features/safari/

<< Back to Top

The Temporary Internet Files folder, also known as the “cache folder,” stores Web page content for more efficient surfing in the future. If you use a dial-up connection, this process makes your surfing faster because the Web browser only has to load the new content of the page that you have previously visited.

Clearing the contents of the Temporary Internet Files folder on a regular basis removes corrupted content, releases system resources, and frees up hard drive space. Most web browsers will also allow you to adjust the folder size to your particular preference.

<< Back to Top

Click on the links below for more information on how to manage your Temporary Internet Files folder:

1. Firefox: http://www.mozilla.com/en-US/firefox/
2. Internet Explorer: http://www.microsoft.com/windows/products/winfamily/ie/default.mspx
3. Netscape: http://www.netscape.com/
4. Safari: http://www.apple.com/macosx/features/safari/

<< Back to Top

Most modern web browers have the ability to accept or perform the following security features:

• Secure Sockets Layer (SSL) allows you to send information to secure sites with safety and confidence.
• Secure sites are equipped to prevent unauthorized people from seeing the data sent to and from those sites. When viewing a secure site, your web browser displays a lock icon on the status or address bar.
• Site Certificates verify a website's identity so you can feel secure that credit card numbers and other information you send over the Internet go to the certificate owner and no one else.
• Security Zones let you assign Web sites different security levels, based on your level of confidence.
• Security Alerts warn you before you visit, submit, or download items with the potential of threatening your security.

For more information about browser security, read tips from United States Computer Emergency Readiness Team at: http://www.us-cert.gov/cas/tips/ST05-001.html.

<< Back to Top

The SSL protocol was developed by Netscape in 1994 to encrypt transactions. The SSL protocol authenticates using public-key cryptography and digital certificates.¹ Most web browsers support SSL encryption and is used by many websites to secure confidential user information such as credit card numbers. To verify if the website is transmitting information using SSL, look for https:// instead of http:// in the address bar.

<< Back to Top

Acceptable Use

What is H.B. Plant High School Alumni Association 's Acceptable Use Policy?

An acceptable use policy (AUP), also known as the Terms of Service (TOS), typically defines how you can use a particular service. You must agree to the company's AUP before using the service. You can view H.B. Plant High School Alumni Association 's Acceptable Use Policy by clicking Here.

<< Back to Top

A copyright infringement is the unauthorized use of a copyrighted material that violates the owner’s exclusive rights to his/her own work.

For more information on copyright infringement make a request here: support (a) HBPlant.org , or visit our support page.

<< Back to Top

The most common types of internet abuse are spam, viruses, port scanning, hacking, threats and harassment, and copyright infringement.

For more information and to report abuse here: support (a) HBPlant.org , or visit our support page.

<< Back to Top

¹Krutz, R., Vines, R. (2007). The CISSP and CAP Prep Guide: Platinum Edition (Ed.), Cryptography (p. 281). Whiley Publishing, Inc.

Disclaimer:

All Tradenames & Copyright marks belong to their respective owners. Some of the links in this article are to Internet sites maintained by third parties, no inference or assumption should be made and no representation may be implied that either H.B. Plant High School Alumni Association or its affiliated entities operates or controls in any way any information, products or services on these third party sites.