Brandon Lewis of the computer repair organization Nerd Alert presented information about “Online Threats and You” at the May 18 Marina Affairs Committee meeting at the Marina del Rey Hotel.
Nerd Alert performs a variety of services such as PC/Mac repair, virus and spyware removal, and data backup and recovery.
Lewis explained to the committee that there are constant changes in threats to small businesses and home computers, which can lead to financial impacts through loss of productivity, a breach of sensitive material and identity theft. In the world of computer breaches, the “big boys” go after large corporations for data and money, said Lewis.
He referred to “landmines” on Facebook, and cautioned the audience members that if they don’t know who is “friending” them on the site, they shouldn’t be tempted to click on a link, such as one that states, “See what you’ll look like in 20 years.” “Chat messaging is even trickier, and if it looks suspicious, it probably is,” he said.
Lewis urged individuals to always “uncheck” a box when clicking on a link, because it may be unrelated and other software can be downloaded by leaving a checkmark in the box. “Read everything and uncheck ‘install’ or ‘add,’ and opt out of ‘opt in,’” he suggested.
By ignoring these (checked) boxes, individuals leave themselves open to receiving numerous e-mails and junk mail from companies, he said. “If you are receiving these kinds of e-mail, scroll down and click ‘unsubscribe’ and then mark it as spam,” Lewis suggested.
On a normal search engine such as Google, Lewis suggests using the mouse to hover over a link at the bottom of the browser bar without clicking on it and it will show the real address. He said that by clicking on a link, it could redirect a person to a site out of the country, many times to China.
“These links are hijacked before they get to your computer, and your anti-virus program hasn’t figured out that there is a problem,” he said. The anti-virus program only protects a computer once its been infected, he said.
A new “bug” goes to Norton or another anti-virus program and then the information regarding the virus is sent out the next day. “If a virus can hijack Google, it’s already beaten your antivirus program, and the infections are on the Google server,” he said.
Lewis noted that one individual reportedly had approval from Google to place a link online that said “I will infect your computer if you click on this link,” and people clicked on it anyway.
For online shopping security tips, Lewis suggested clicking on safeshopper.org for information.
Regarding web-based email, he explained that there is a difference between free email and service provider email, and users need to be careful with free email addresses. He said some of those providers are less aggressive in their spam filters, and that “Using g-mail (Google mail) is much safer and unbelievably good.”
Asked if g-mail was pre-read before it was sent to the user, Lewis responded that g-mail is read first and then sent forward, but that a much smaller amount of advertisements are sent than the other email providers that typically sent random ads with large pictures. “G-mail is discrete and relevant, and it is a trade-off,” he said.
He suggested there is nothing wrong with Norton’s anti-virus program and that it is “very hands-on” and protects every application, but it does slow down older machines, adding that “no anti-virus program is perfect.” Lewis recommended the ESET NOD 32 anti-virus program that includes protection for a Mac.
He said he doesn’t trust using a free anti-virus program, and claimed that it’s not a good idea.
“It’s approximately $60 for a program, and I charge $75 per hour, typically needing two hours to fix your computer once it’s been infected,” Lewis said.
Receiving email attachments is another way to infect a computer, he said. “It’s common sense to check who the sender is and not to open the attachment just because it’s there. If it looks suspicious, and it seems to be from someone you know, contact them to be sure they sent it,” Lewis recommended.
He used an example of a major bank supposedly sending emails asking users to update their bank information. Lewis noted that individuals should always type in the bank’s address rather than clicking on a link.
A customer of his was expecting a package from his son in England, so when he received an email from the shipping company asking him to print out a shipping label because they hadn’t been able to deliver his package, the customer thought nothing about it and clicked on the link, consequently winding up with a virus from the attachment, Lewis recalled.
Lewis said that even PDF files can introduce a virus, and that if individuals aren’t expecting it, they should contact the sender to make sure it’s legitimate. Another scam is the “friend in need” that occurs on Facebook and in emails, in which the “friend” will ask for money to be sent to him or her, he said.
The Nigerian fake check scam is also very prevalent, and Lewis said that in 2010, over $150 million was lost to this type of scam. He said the elderly are targeted to “cash this check” because they are considered more vulnerable. The loss to an individual needs to be $50,000 before the FBI investigates, Lewis said.
Passwords should be numbers, letters and symbols, preferably one of each, he said. For a bank password to be secure, it should use letters, numbers and a symbol, and different passwords should be used for varying purposes, he said.
Lewis explained that use of Facebook is completely different than bank accounts, and if someone obtains a user’s password, they will have their email address and other information.
Users who wish to change their email can download their AOL (or other) address book, input to g-mail, and email all of their contacts in the book to let them know they’ve changed email.
An old account can be left open for a couple of months, he said, and all online account information needs to be changed to update the new e-mail address, he said.