Department of ChemistryThe following tips and guidelines can help protect you from computer viruses, hacking and identity theft. Computers maintained by department staff are set up for automatic updates and anti-virus software. You must still use secure passwords, take precautions regarding email (suspicious email, phishing scams) and web browsing (spyware).
If you set up your own computer, it is your responsibility to
Secure your computer before you connect to the network.
Windows users should use XP service pack 2 (which installs the firewall by default). If you want to use any previous version of Windows, you must download and install all security patches before connecting to the network. Any computer or device connected to a university network is continuously subjected to attack. Insecure Windows computers can become infected in just a few seconds.
Note that if you do become infected, it usually means that you'll need to reformat your hard drive and reinstall the operating system and all applications from scratch. Life is much easier if you stay secure to begin with!
Login password is often the first line of defense against unauthorized access to your computer. Computers with no password, or an easy to guess password, can be quickly broken into. Choose a secure password for every account.
Do not share your password with anyone. It is also recommended that you change your password every six months.
No matter which OS you use, you need to keep it, and major applications, updated. Modern OSes and many applications can check automatically and tell you when an update is available. You should take advantage of this feature when possible, especially for MS Office and your web browser.
In the Settings / Control Panels, open Automatic Updates. Select Automatic (recommended), and Every Day. Set the time for when the computer is turned on and connected, but is least likely to interrupt you. Some automatic updates need to reboot your computer. The latest Windows updates are also available at http://windowsupdate.microsoft.com
In System Preferences, select the Software Updates panel. Set it to check Daily or Weekly. OS X will notify you when updates are available. It won't install them automatically, though it can download them. You'll need to log in as the administrative user to install them. Some updates need to reboot your computer.
Windows Update will also automatically update Office. Mac OS X Office 2004 should be set to notify you about updates, since some of them are security related.
UW has site licenses for MacAfee virus scan software for both Windows and Macs (Virex). You can either download it from the UW servers, or come to Bagley 363 and check out a UWICK CD. Once it's installed, be sure to set it to automatically update the data files at least once per day.
If you think your computer has been infected, you can borrow a virus scanner. No scanner can catch every kind of break-in, though.
A simple rule of thumb is that if you don't know the email sender, be very careful about opening that email. Remember, thought, that a virus-infected machine can address email to you from someone you know. If you weren't expecting something, be careful as well.
While most viruses require you to open an email attachment to be infected, there are some that can infect your system simply by viewing the email. When in doubt, delete it.
Phishing is an Internet scam where fraudulent emails and web sites are used to trick recipients into surrendering their personal or financial data for malicious purposes. Phishers often use well-trusted brand names of banks, online retailers, or credit card companies to fool recipients into believing that the email is genuine and from a legitimate source.
Never use links provided in the email. Go to the web site directly by typing the address in your browser's Address/Location field and login from there. If you are not sure, call the company in which the suspected email came from.
Please visit the What is Phishing? section for more information about phishing, sample phishing email and how to protect yourself.
Spyware potentially provides malicious users with your most private personal information. For example, a typical online banking visit could yield a malicious user with your banking information. There are software solutions that can scan your computer for any spyware and remove the spyware for you. Please visit the What is Spyware? section for more information about spyware and how to get anti-spyware tools.
Back up your data frequently. It's not a matter of if something happens, it's a matter of when. Hard drives break, buggy software causes data corruption, break-ins may wipe the disk or cause more subtle harm. Set things up so that you don't have to remember to backup--for about $200 you can get an external hard drive and software that will backup every day automatically. Periodically write your data files to DVD or other permanent media. Multiple copies kept in multiple locations is your best defense against having to do all of that work over again.