As a web designer and webmaster, internet security is a huge issue. Not only for myself and my company's site, but for all my clients. Part of my job is protecting my clients from my other clients. It's like this.....
For the last couple of months, I've had all manner of high power techs chasing a spamming bot that's very sophisticated and tenancious. As soon as we block one avenue, it morphs and starts using another. We were all convinced it was some sneaky piece of code buried deep in one client's site. But multiple scans and digging revealed nothing. In the end, we've concluded it's very much off-site and, in fact, on my client's computer (one or more of them).
Why didn't we go this route sooner, you may ask? The simple fact is, as a host and webmaster, internet security for my clients is my job, and it's counterproductive running round blaming others unless we're completely sure. At best, it makes one look stupid if you're wrong. So there was a good amount of due diligence.
Simple rule #1 - Anti-virus protection
Get a good quality anti-virus program. Personally, I have little respect for some of the "biggies" like McAfee and Nortons. Too often I've seen these "respectable" AV's miss basic stuff. For years I used Avast and it regularly thrashed those 2 for performance in every area. Now I use an even better, cloud-based one. It isn't free like Avast was, but it's not expensive, and, honestly, with the amount of hacking occuring, you cannot afford to be cheap when it comes to your security.
Simple rule # 2 - Firewalls
"But Windows comes with its own firewall. Why waste time and money with another?" Heard that too many times too - and it is really quite naive. Windows FW is better than it used to be, but not good. You should install a good quality FW AND switch to a wireless network. I used to be against them because of connection problems, but they are way ahead of where they were even 5 years ago. The great thing with wireless setups is they use NAT (Network Address Translation) to determine what request came from, or goes to, which computer. So your computer is hidden from the internet.
Simple rule # 3 - Opening attachments
I don't care where the email comes from, I'm always suspicious of attachments. That why I always ensure my real time scanner is running and up to date. If in doubt I'll email or phone the sender and query its legitimacy.
Simple rule # 4 - Downloading software
"But it's free!" Yep, and often (very often) loaded with malicious garbage ready to trash your computer or someone else's. If you want to download software, only use reputable download sites and make sure all your scanners and AV are running and up to date.
Also, while installing, watch what's happening. It's not an Olympic sprint to get the software installed. Many, many downloads come with piggyback products (most commonly browser hijacking addons). Often they are able to be unchecked during install - if you bother to watch.
Simple rule # 5 - Passwords
I've harped on this before, but it must be mentioned again. The following are NOT good passwords - your pet's name, "password", "1234", or your birthdate. IMHO, passwords MUST be a minimum of 12 characters, include numbers, upper and lower case, AND special characters (like those above the numbers on your keyboard). It should go without saying, but don't give them out, don't leave them lying around, and, if you need to store them, have them in a "vault-type" program, or, as I do, put them neatly in a password protected Word doc. And change them regularly.
Being safe on the net is getting less easy every day. Bots are getting smarter, and programs you use every day are getting filled with more and more security breaches. Even the humble home PC can now become a spamming giant if infected (like my client's was) and can cost YOU big money from your host. Bottom line is this; don't skimp a few bucks every year when it could cost you 10 times that if you get hit (or more likely WHEN you get infected, or nearly as likely, NOW that you HAVE been infected....)
I can recommend a good buddy of mine who I trust to look after my PC's security and he does a great job. Just call Scott (http://www.ackinccomputers.com/) on (623) 628-4412 and he can fix you up with great AV, and also speed up and clean up your computer. If you're a host and want bank quality security, let me know and I'll put you in touch with another buddy who handles all that for me.
Internet security - don't leave home without it!