Consist of:
- Never disclose personal information in response to an email request or an online pop-up message. Banks and other companies never request sensitive, personal information such as account details and Social Security numbers over the Internet. They are also unlikely to request you call a phone number provided in an email to verify information. Instead, refer to phone numbers on your financial statements or on the back of your credit card, and only share credit card details with reputable online retailers and auction sites. These organizations typically provide secure internal message centers or transaction histories to check for important correspondence and transactions. Avoid using public or shared computers when accessing financial accounts or conducting online transactions, and exercise caution when using a PC in a wireless hotspot.
- Avoid solicitations for donations. Limit online charitable donations to organizations you know and trust. Common donation scams include foreign lotteries, the Nigerian email scam, cure-all products, debt relief, and anything promising an unbelievable return on investment.
- Patch Windows and keep all applications up to date. Cybercriminals target vulnerabilities in the most popular applications and operating systems. For this reason, apply security updates not only to operating systems but also to all often-used programs. Also, apply security updates to third-party software, which can act as an attack vector for malware even when your operating system is fully patched. Enable automatic updates whenever possible.
- Click only on links and email attachments from known and trusted sources. If an email seems suspicious, consider that a friend’s email account may have been compromised or spoofed. With cybercriminals targeting many popular social networking sites, you cannot always ensure that your friends are truly sending an email. Run a virus scan on a suspicious attachment and check the URL with a web reputation service. Or consider calling the sender by phone if you are unsure.
- Avoid clicking on any link displayed as a numeric IP address, rather than a domain name.
- Disable browser scripting and avoid downloadable widgets wherever possible. Many web-based attacks use various scripting languages to run infectious programs in a browser or use downloadable widgets to execute infections locally.
- Download software from trusted web sites only. Free games and file-sharing software may come bundled with malware. Be cautious when downloading applications on social networking sites. The applications may be harmless but may be easily compromised.
- Monitor where external devices are used and update all security software to combat potential threats. Digital picture frames, iPods and other MP3 players, PDAs, USB sticks, flash drives, digital cameras: all these devices can harbor malware that can cripple a home network.
- Lock your mobile phone to prevent data theft or the installation of spyware or other unscrupulous applications. Also, delete text messages from unknown senders and download ring tones and games only from legal, official web sites. If an application appears to be infected, delete it immediately. Change Bluetooth settings to non-discoverable or hide to avoid attempts to pair or connect with a mobile phone or device propagating a virus. Also, when using Bluetooth, be careful when accepting files to avoid possible infections or viruses. If a mobile phone becomes infected, turn off all Bluetooth functions so malware on the phone cannot locate new targets, and reflash your device to return it to factory settings.
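
The tip about links that point to a numeric IP address can be checked automatically, for example in a mail filter. The following is an added example, not part of the original list: the function names are hypothetical, the sample message is constructed, and its addresses come from the ranges reserved for documentation. It also catches the integer and hex spellings of an IPv4 address that browsers still accept; links without a scheme are not handled.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Legacy IPv4 spellings browsers still resolve: 1-4 parts in decimal, octal or hex.
_NUMERIC_PART = re.compile(r"0x[0-9a-f]*|[0-9]+")

def host_is_ip_literal(url):
    """Return True when the link's host is an IP address instead of a domain name."""
    try:
        host = urlsplit(url).hostname      # lowercased, IPv6 brackets removed
    except ValueError:                     # malformed bracketed host
        return False
    if not host:
        return False
    try:
        ipaddress.ip_address(host)         # dotted-quad IPv4 or IPv6
        return True
    except ValueError:
        pass
    parts = host.rstrip(".").split(".")
    return len(parts) <= 4 and all(_NUMERIC_PART.fullmatch(p) for p in parts)

class _Hrefs(HTMLParser):
    """Collect the href value of every <a> tag."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def flag_ip_links(html):
    """Return the links in an HTML message body whose host is an IP address."""
    parser = _Hrefs()
    parser.feed(html)
    return [h for h in parser.hrefs if host_is_ip_literal(h)]

# Constructed sample message body (documentation address ranges only).
SAMPLE_EMAIL = """
<a href="https://www.example.com/account">My account</a>
<a href="http://192.0.2.10/login">Verify now</a>
<a href="http://3221225994/login">Bank login</a>
<a href="http://0xC0.0.2.10/update">Update details</a>
<a href="https://[2001:db8::5]/reset">Reset password</a>
<a href="https://192.0.2.10.example.net/">Help</a>
"""

if __name__ == "__main__":
    for link in flag_ip_links(SAMPLE_EMAIL):
        print("numeric-IP link:", link)
```

The last sample link is not flagged because its host is a domain name that merely begins with digits.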