Tips, Tricks, and Myths for your Computer Security

Racepoint Global

Written by: Jimmy Nguyen – Senior Applications Specialist, Racepoint Global Boston

Tips:

Locking your computer (Windows icon + L) 

Do you lock your computer when you walk away from your desk or when you are at your local coffee shop and get up to go grab your coffee at the counter? Chances are most of you don’t and I sometimes forget myself. The question remains: why do we not lock our computers? Why are we leaving a machine that has private information open for the potential to be tampered with or stolen? We instinctively lock our phones when it’s not in use so that no one can access the information stored on it. We also sign out of our banking sites when we are not using it so shouldn’t we do the same for our computer? Computers today are the center point of our lives as they keep us connected with our personal life through social media, storage of photos and videos, and our financial information. In addition, for those who use work laptops, these computers also contain valuable information about your company and the clients that you work for. It takes a less than a second to lock your computer so why take the risk every time when you step away from your computer without locking it; is it not worth that extra second? Please lock your computer to not only protect yourself but also your employer. Sadly, we all need to be a little paranoid in the world that we live in today.

Email Spoofing

You may have seen it before; an email from a friend or colleague that contains an attachment or a link to a website. While you may recognize the sender’s name in the email it doesn’t necessarily mean that it came from that person. For example, by exploiting vulnerabilities in email protocols, cybercriminals can “spoof” the sender’s email address, to make it seem like the message came from someone else. If possible, confirm with the person that sent you the message to make sure it’s legitimate before opening any attachments or click on any links.

Trust your instincts! If something doesn’t seem right, it may be for a good reason. Don’t let your curiosity put you and your computer at risk; a little paranoia is good.

One more important thing to note is that you may receive emails from Internet Service Providers (ISP) such as RCN, Comcast, Verizon or software vendors that claim they have updates and anti-virus software. These providers never send any patches or software via email; so it’s safe to assume that it’s not legitimate.

https://www.us-cert.gov/ncas/tips/ST04-010

Tricks:

Format Painter 

Have you ever noticed that button labeled “Format Painter” with a picture of a paintbrush that can be found in your daily use of Microsoft Outlook, Word, Excel, and even PowerPoint? The neat tool allows you to quickly copy formatting from one location to another. All you need to do is select the text of formatting that you would like, click Format Painter and then select the text where you would like that formatting to be applied. The versatile tool can be used for shapes, Excel cells, and even picture borders.

Additional tip: if you would like to format more than one selection, you double click “Format Painter” rather than single clicking it. This allows you to apply your formatting to multiple selections. You can then cancel it by pressing “Esc.”

https://support.office.com/en-us/article/copy-formatting-using-the-format-painter-b9fe82ea-c0a0-41de-837b-d2f15dd41ea9

Paste Options – have you ever wondered why when you paste text from one location to another that it doesn’t merge with the formatting of the destination? This occurs because when you paste by copying with CTRL & C and paste with CTRL & V, by default, it will paste your selection with the source formatting. However, there are two other paste options which are available which are merge formatting and pasting with just text only. Merge formatting (icon with clipboard with arrow) allows you to paste in text and use the formatting of the destination rather than from source. Pasting text only (icon with clipboard and A) means that text that is pasted will be stripped of all formatting. You can bring up these alternative options by right-clicking the destination which will show the available past options for you to select.

Shortcuts:

Here are some helpful windows shortcuts that will help boost your productivity. Don’t worry! I didn’t forget the Macintosh users.

Windows + D:  minimize all windows on screen

Windows + Tab: switch to different window

ALT – TAB (Hold): switch to different window

CTRL + W: close window

CTRL + SHIFT + T: reopen recently closed tab in web browser

Windows + L: Lock Computer

Macintosh shortcuts

Command + Tab: switch to different window

Command + W: close window

Command + Q: quit application

Command + Shift + 4: take screenshot

Command + C, then Command + Shift + V: Cut, Paste

Myths:

Myth: There is nothing important on your machine, so you do not need to protect it.

What you think is important may be different from what another person thinks. Your personal device and company devices may have financial data or other data of value, and attackers may be able to collect it for use for their own financial gain or use it to hurt your or your employer financially. Even if you do not store that kind of information on your computer – which is highly unlikely – an attacker who has access to your computer may be able to use it in attacks against other people. A distributed denial of service (DDOS) attack is an example how a compromised computer can be used to attack other people or organizations.

Myth: Attackers only target people with money.

Anyone, no matter what age, gender, religion, or affiliation can become a victim of identity theft. Attackers don’t discriminate and are always on the lookout for the biggest reward that requires the least amount of effort. As many of you have seen on the news, these attackers focus their efforts on large database filled with thousands if not millions of records of customer information. The Equifax breach of 2017 is a great example where millions of customers’ social security numbers and other private information was stolen, and the extent of the breach was never clear. The information stolen from these databases could be collected and used for malicious purposes. It’s impossible to know if and when your information could be used to hurt you; it could happen tomorrow or maybe 10 years from now. Thus, it’s important to pay attention to your credit information so that you can quickly spot any fraud that may occur to minimize any potential damage.

Myth: When computers slow down, it means that they are old and should be replaced.

While it is very possible that running newer or more intensive software programs on an older computer could lead to slow performance, it may just require replacing or upgrading a particular component such as memory, processor, hard drive. Another possibility is that there are other processes or programs running in the background that you may be unaware of. If your computer has suddenly become slower, it’s also possible that it may be compromised by malware or spyware, or you may be experiencing a denial-of-service (DDOS) attack where your computer and thousands of other computers are used to attack someone else. An example of this would be an attack that occurred back in 2016 where many of US sites were unavailable as Dyn (the company that controls most of the domain name system infrastructure), was flooded with so much traffic from infected devices causing the system to overload and shut down. The links below shows a world map of attacks that are currently taking place.

https://threatmap.checkpoint.com/ThreatPortal/livemap.html

https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet

Myth: Anti-virus software and firewalls are 100% effective.

Anti-virus software and firewalls are important defensive technical measures that are put in place to protect your machine and its information.  However, neither of those defensive measures alone are good enough to protect you from an attack. This is due to the fact that most security breaches that occur are from human errors such as lack of knowledge or those with acting with malicious intent. For instance, many organizations will prevent users from installing applications to reduce the potential for a user to install malware as disguised themselves as a legitimate application. The best line of defense against attacks is with good technical security mechanisms along with awareness and the practice of good security procedures.