You should use passwords not only on your home computer but also for services you use elsewhere on the Internet. All should have the strongest passwords you can use and remember, and each password should be unique and unrelated to all other passwords. A strong password should be at least 8 characters long, uses combinations of uppercase and lowercase letters, numbers, and punctuation, and is usually not a word found in a dictionary.

Vendors often release patches and updates for their software when a vulnerability has been discovered. Some companies release updates at a certain time each month. Many applications can be configured to automatically check for available updates. Another option is to periodically check the vendor's web site for information about software updates.

Don’t Run Programs of Unknown Origin
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing -- they might contain malicious software (malware).

Phishing — bait or prey?
"Phishers" send spam or pop-up messages claiming to be from a business or organization that you might deal with for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to "update" or "validate" your account information.
Don't take the bait: don't open unsolicited or unknown email messages; don't open attachments from people you don't know or don't expect; and never reply to or click on links in email or pop-ups that ask for personal information.

Free Software and File-Sharing — worth the hidden costs?
Every day, millions of computer users share files online. File-sharing can give people access to a wealth of information, including music, games, and software. How does it work? You download special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often the software is free and easily accessible.

But file-sharing can have a number of risks. If you don't check the proper settings, you could allow access not just to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents.

In addition, you may unwittingly download pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.

Use Anti-Virus Software
Anti-virus software programs are developed to detect and remove computer viruses and other virus-related software from users' computers.
• Configure your anti-virus software to perform a full system virus scan on a weekly basis.
• Confirm that your anti-virus definition files are up to date.
• Ensure that “Automatic Update” settings are configured and that updates are being applied.

Install and Use a Firewall
A firewall controls the flow of information that travel between your computer and the Internet. When information coming into (or going out of) your computer is not obeying the “safety rules,” the firewall can block the information to help protect your computer from unauthorized and potentially dangerous material.

Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CDRW disks). Use software backup tools if available, and store the backup disks in another location such as a fireproof safe, safety deposit box or at your child or parent’s home.

This mail may use the return address of someone you know or has a provocative subject line. The sender is trying to encourage you to open the letter, read its contents, and click on a link to a malicious website or open an attachment that will install malware on your computer. If you must open an attachment before you can verify the source:

• Be sure your virus definitions are up-to-date
• Save the file to your hard disk
• Scan the file using your antivirus software
• Open the file

An unsecured wireless network can give hackers access to your computer in order to steal personal information or to upload malware onto your computer. To secure your wireless network, be sure to enable encryption, change the default password that comes with your wireless device, change the Service Set Identifier name (SSID), turn off SSID broadcasting and use MAC filtering. Your wireless device manual will have directions on how to implement these security settings.

Laptops, PDAs and Cell Phones are more easily stolen or misplaced because of their size. Remember, if your laptop is gone, your data is too. Beyond the simple loss of the data stored on your hard drive, someone else could have access to:

• Your online bank account
• Your online brokerage account
• The list of passwords you store in Word or Excel
• Your name, address, telephone number and e-mail address
• All your e-mail correspondence
• Your personal accounting or tax data If you are using a laptop remember:
• Protect information stored on the laptop with a secure password. It should consist of a combination of numbers and upper and lower-case letters
• Encrypt confidential information.
• Be sure that all important data contained on the laptop is backed up
• Keep it with you during air and vehicle travel until it can be locked up safely

Unfortunately, there is no particular way to identify that your computer has been infected with malicious code. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer's normal operations. Be aware of any unusual or unexpected behaviors.

Know who to contact if you believe your child is in danger.
Visit www.getnetwise.org for detailed information. If you know of a child in immediate risk or danger, call law enforcement immediately. Please report instances of online child exploitation to the National Center for Missing and Exploited Children's Cyber Tipline. Even though children may have better technical skills, don't be intimidated by their knowledge. Children still need advice, guidance, and protection. Keep the lines of communication open and let your child know that you can be approached with any questions they may have about behaviors or problems encountered on the computer.

Hacking or Computer Virus
If your computer gets hacked or infected by a virus:

• Immediately unplug the phone or cable line from your machine. Then scan your entire computer with fully updated anti-virus software, and update your firewall.
• Take steps to minimize the chances of another incident
• Alert the appropriate authorities by contacting:
  • Your ISP and the hacker's ISP (if you can tell what it is). Often the ISP's email address is abuse@yourispname.com or postmaster@yourispname.com. You can probably confirm it by looking at the ISP's website. Include information on the incident from your firewall's log file. By alerting the ISP to the problem on its system, you can help it prevent similar problems in the future.
  • The FBI at www.ifccfbi.gov. To fight computer criminals, they need to hear from you.

Internet Fraud
If a scammer takes advantage of you through an Internet auction, when you're shopping online, or in any other way, report it to the Federal Trade Commission, at http://ftc.gov. The FTC enters Internet, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

Deceptive Spam
If you get deceptive spam, including email phishing for your information, forward it to spam@uce.gov. Be sure to include the full Internet header of the email. In many email programs, the full "Internet header" is not automatically included in forwarded email messages, so you may need to take additional measures to include the full information needed to detect deceptive spam. For further information, go to http://spam.getnetwise.org/.

Divulged Personal Information
If you believe you have mistakenly given your information to a fraudster, file a complaint at http://ftc.gov, and then visit the Federal Trade Commission's Identity Theft website at http://www.ftc.gov/bcp/edu/microsites/idtheft/ to learn how to minimize your risk of damage from a potential theft of your identity.

http://itsecurity.wi.gov	http://www.privacy.wi.gov	http://www.msisac.org
http://www.getnetwise.org/		http://staysafeonline.org/