Internet Security Education

What is a firewall?

A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

What is phishing?

Phishing emails or attacks are fraudulent schemes that attempt to retrieve personal information (usernames, passwords, social security numbers and financial information) from unsuspecting users. Generally, these emails look like they are from legitimate institutions asking the recipient to update his account information via links or file attachments included in the email. Often, there are subtle discrepancies like misspelled words, improper logos, etc. You can find out more about phishing here. We strongly recommend never clicking on any links or opening any attachments associated with these suspicious emails. In most cases, deleting the message is the safest thing to do. Please make sure it is deleted from your deleted items folder(s).

Unfortunately, Hargray cannot stop phishing attacks. However, you can forward the phishing scam to the parent company (i.e., the name of the company in the email subject or in the email body) in question. Go to the homepage of the company being phished and look for any information on phishing attacks or consumer alerts. They may have a complaint email address or telephone number to specifically handle those claims.

Is the email warning I received about a virus outbreak genuine?

Probably not. In fact, almost certainly not. Unless you have subscribed to an email warning service from a reputable Antivirus company, you can be fairly sure that any virus warning email you receive is a hoax. Virus warning hoaxes are surprisingly common. Do not panic and do not forward them on. A list of virus hoaxes is available on the Web sites of Symantec, which make Norton’s Antivirus products, and MacAfee Internet Security. Also check out Vmyths.com. This site has a lot of information on virus hoaxes and some rather alarming stories about what can happen if people take them seriously. In particular, it has an excellent guide on how to spot a virus hoax.

What can I do to protect myself?
  • Do not open attachments without scanning them for malware.
  • Avoid Web sites and chat rooms that seem suspect.
  • Never put confidential personal or financial details in email.
  • If you receive email from an individual or organization claiming to have had a prior business relationship with you, verify their details before communicating with them.
  • Read the terms and conditions of use before installing software or using an online service.
Am I fully protected if I have these programs?

Not entirely. Software can offer you some protection, but you also need to be careful about how you use the Internet. For example, you should never open an email attachment unless it has been scanned for viruses. Even if it is from someone you trust, consider the possibility that they could be infected by an email virus and do not realize it.

How can I recognize online scams?

There are a lot of people who would like to get your money without giving you anything in return. You will probably receive the occasional email from these people. Be aware of email scams as described below.

Email scams fall into two main categories. The first takes the form of someone offering an amazing deal. You can make a lot of money for no risk and little effort. The second type is a bit more insidious, taking the form of an official communication from your bank or ISP etc. requiring you to provide information or send money. You may have read about people being defrauded of enormous sums after they received emails purporting to be from a government official. This ‘official’ has his hands on a large sum of money, which he is prepared to share with the recipient. All the recipient has to do is transfer a few thousand dollars to a bank account. This money will be used to expedite the extraction of the huge sum of money from the Swiss bank account/government holding account etc. Of course, if anyone is foolish enough to advance the money, the scammer is never heard from again. This sort of thing is easily avoided. Don’t be greedy. If it seems too good to be true, it is. Remember that and you have nothing to fear from this sort of scam.

The ‘official communication’ scam is a bit subtler. It may appear to be from your bank telling you it needs some details from you or from your ISP, asking you to confirm your credit card number. One of the most effective is a message from a company you have never heard of saying someone has attempted to charge your credit card, and could you please confirm or deny the purchase by providing your credit card number.

Never give out personal details in response to an unsolicited email. That includes passwords, credit card details, even your name. If you get an email that appears to be from an official source, check directly with that source if you have any doubts.

Usually there are internal clues that an email is a scam.

  1. Spelling and grammatical errors
  2. Imperatives — you must, you have to, etc.
  3. Threats — do something or we’ll charge your card, close your account, etc.
  4. Lack of specifics — you may be addressed by your email address or as Dear Customer.

Generally, be suspicious. Be aware that there are people who want to rip you off. Do not trust email you did not ask for. Hargray will never ask for personal details in an unsolicited email. Most large institutions have the same policy. Even if you get an email that really does seem to be from your bank or similar institution, if it asks for personal details, check. Have a look at Scambusters.org for more information and examples.

What security software do I need?

There are three programs you need: a firewall, a virus scanner, and a spyware killer. A firewall stops other computers on the Internet from making contact with yours, except in a pre-approved fashion. In other words, when you’re logging into the mail server to collect your messages, someone else may be trying to log into YOU. A firewall prevents this.

virus scanner checks files downloaded onto your computer to make sure they’re not viruses. It also looks at the files already installed on your computer to make sure they haven’t been altered or infected by viruses. If a virus is found, the scanner deletes it before it’s able to do any harm. It’s important to keep your virus scanner up to date so it will recognize new viruses.

spyware killer removes software that attempts to steal your personal details or hijack your computer’s resources for someone else’s benefit.

You should also plan to periodically update these programs. Virus scanners usually will update automatically every few days. If yours doesn’t, you should update it manually at least once a week. Spyware killers also need to be updated several times a month. Firewalls won’t need quite as much attention, but they still need to be updated several times a year.

The following are links to some popular security packages:

You will also periodically need to update your operating system. From time to time, Microsoft releases security patches to fix vulnerabilities in its software, which is open to exploitation by malware writers. We recommend installing patches for Windows, Internet Explorer, and Outlook or Outlook Express when they become available. Information on the latest patches can be found at Microsoft.com.

Please note that Hargray is not able to supply software or provide support for installed security software. The links on this page are suggestions only. If you encounter any difficulty with your security software, please contact the manufacturer or a computer technician for assistance.

What is the biggest security mistake people make?

Ignoring the need for security until they are affected by malware, then adopting security practices haphazardly and without planning ahead. This leads to erratic security measures that leave you feeling protected, when you’re really not. Letting your security software get outdated is another big mistake, because old virus definitions cannot offer any protection.

Do I really need security software?

If you connect to the Internet, your computer is at risk. The only way to ensure that an unprotected computer is not affected by malware is to stay offline, never install new software, or never allow anyone to put a CD-ROM in the drive.

What is malware?
  • Viruses that can damage your computer
  • Trojan horses that attempt to hijack the PC for the sending of spam
  • Trojan dialers that change your Internet service provider without your knowledge
  • Spyware that tries to steal your personal or financial information
  • Any other deceptive or damaging software that installs itself without your approval.
Who is responsible if I am affected by malware?

The one who carries the most responsibility is whoever created the program, and law enforcement agencies worldwide are working to ensure that offenders are held responsible. However, we also ask our users to keep in mind that they are ultimately accountable for any harm done to or by computers they own, particularly if this harm was made possible from outdated security software or no security software.

We regret, but cannot accept responsibility, for:

  • Damage to your property
  • Fraudulent use of your personal information
  • Money lost to fraudulent business dealings
  • Bandwidth charges for a computer turned into a spam server by a trojan horse.

Please take the time to understand Internet security and keep your security software up to date.

How can I read large email message files?

The email protocol was created for the sending of simple text messages. File attachments can occasionally cause problems, as mail servers still treat email as correspondence that can be sent back and forth very quickly. If someone has sent you a large file, you may not be able to download it due to the connection timing out.

If this happens, you can go to webmail. Simply read the large message and delete it. You will then be able to download the rest of your emails normally.

Hargray.com webmail is at webmail.hargray.com.

When deleting a message in webmail, you will need to select the email via checking the box next to it, choosing the delete option, then choosing the purge deleted option.

What can I do if my computer is infected by malware?

In most cases, malware does not cause harm if you catch it early enough. Follow these steps:

  • Make a note of the incident or warning message that leads you to believe you are infected. If you talk to Hargray Technical Support or a computer technician, knowing the warning signs you’ve seen helps us understand the situation. (Please keep in mind that Hargray can offer general advice only, as we are not security specialists.)
  • If you are not sure what the threat is, do not connect to the Internet. This can expose you to further harm.
  • Run your virus scanner and spyware killer one at a time, in full scan mode rather than the regular brief scan. Give them as much time as needed to complete the process.
  • If this does not eliminate the problem, please contact your virus scanner’s manufacturer or a computer technician for further assistance.
What is spyware?

Spyware can be any software that does the following:

  • Installs itself on your computer without your knowledge and/or consent
  • Collects/transmits information about your computer use or other habits without your knowledge and/or consent
  • Keeps reinstalling itself, no matter how many times you remove it
  • Sends you unwanted advertisements in the form of pop-ups on your computer whether you are online or not
How do I remove spyware from my computer?

There are several programs available on the Internet that can assist with the removal of most spyware. The three listed below are the most popular.

Disclaimer: Hargray does not support the installation, maintenance, or removal of these programs. The websites above are not owned by Hargray and are listed for informational purposes only.

What are the noticeable effects of spyware?
  • Your homepage changes to something you did not set it to and may not let you change it back.
  • It may install new toolbars in Internet Explorer.
  • Pop-up advertising may take over your computer.
  • It may cause strange problems within Windows (slowness both with the computer itself and with the Internet, strange errors, program problems, etc.).
  • It may block ports on your Internet connection, causing some Internet applications (browser or email, typically) to stop functioning normally.
How did I get spyware on my computer?
  • Some websites can exploit flaws in your browser and install spyware; others bring pop-ups that can contain spyware.
  • Free software (often called freeware or shareware) often contains adware or spyware; read the disclaimers during installation.
  • Some commercial software may include adware or spyware; it may or may not be listed in the disclaimer or license agreement.
How do I check my computer for viruses?

There are many programs available on the Internet that can search for and assist with the removal of most viruses.

Disclaimer: Hargray does not support the installation, maintenance, or removal of these programs. These websites are not owned by Hargray and are listed for informational purposes only.

What is a macro virus?

A macro virus uses another application’s macro programming language to distribute itself. It infects documents, such as MS Word or MS Excel. Unlike other viruses, macro viruses do not infect programs or boot sectors, although a few do drop programs on the user’s hard drive. The dropped files may infect executable programs or boot sectors.

Special note: Occasionally you may get an “illegal operation” error when you try to start MS Word after cleaning a Word macro virus. If this happens, search for the file “normal.dot” and rename it to “normaldot.bak.” MS Word will generate a new, clean “normal.dot” the next time it is started. This problem occurs because some viruses can leave harmless code residue that MS Word may be reading incorrectly, causing erratic behavior.

What is a virus?

A virus is a hostile program that copies itself from computer to computer without the user’s knowledge. A virus is usually harmful and will attempt to delete files or corrupt the operating system so the computer will run badly or fail completely. Less harmful viruses will drain your computer’s resources. In 2004, a particularly successful virus called Netsky sent so much infected email that even people who were not directly affected by the virus found all their Internet activities slowing to a crawl as bandwidth was tied up by virus email. A listing of latest known viruses can be found on the Symantec site.

You will also find manual fixes on the Symantec site for most known viruses. If you are not an advanced computer user or do not feel confident to follow complex processes affecting the computer’s sensitive files, please arrange for qualified technical assistance to be on hand.

Hargray Technical Support is not able to support the removal of computer viruses.

What is a trojan horse?

A trojan horse is malware (hostile software) that infects a computer by seeming to be something else. For example, an email or document file may contain a script that will copy itself into all your documents and alter them. Unlike a virus, a trojan horse cannot replicate itself from computer to computer without human involvement. For a trojan horse to infect a computer, the user would need to interact with an infected file — opening an email attachment, viewing a document, or running a script. A trojan horse may also open up your computer to outside use, allowing someone to gain access to your personal documents and files and use your computer’s resources for their own purposes.

What is a worm?

A worm is a program that replicates itself from computer to computer like a virus, but rather than damaging an infected system, it hijacks it. For example, a lot of the email spam you receive is sent out by normal home users who have been infected by a mass-mailing worm and don’t realize it. A worm will usually slow down all your computer activities, especially while connected to the Internet, and will affect other Internet users by increasing the amount of spam they must deal with and tying up bandwidth that would otherwise be available.

How can I recognize a hoax virus warning?

Most hoaxes share these characteristics:

  • Claim that antivirus software cannot deal with the problem
  • Claim that Microsoft or some other well-known software company (usually not involved with computer security) has declared this to be “the worst threat” in years
  • Claim that failing to act quickly will have serious consequences — the total destruction of your computer, or worse
  • Advise the user to find and delete a particular file
  • Ask you to forward a copy of the message to all your friends

A list of known hoax viruses can be found on the Symantec site.

How can I wisely surf the Internet?

Tips for surfing the Internet:

Do not give out personal information without exercising caution. This includes your address, telephone number, social security number, bank account information and, even in some cases, your name. The Federal Bureau of Investigation (FBI) offers excellent tips for Internet safety. Please check with your local law enforcement departments or trusted websites, such as the FBI’s site, for tips on keeping yourself, your assets and your loved ones secure.

How can I prevent my children from accessing adult and other inappropriate Internet content?

Content-filtering software is available from various providers. However, strong supervision of your children’s Internet activity is always advisable. The FBI offers excellent tips for Internet safety. Please check with your local law enforcement departments or trusted websites, such as the FBI’s site, for tips on keeping yourself, your assets and your loved ones secure.

How do spammers get my address?

Spammers get email addresses in several ways. If your email address appears on a newsgroup or website, it can be harvested from there. Also, a lot of “give us your email address for a free subscription” requests result in your address being sold to a spammer. Spammers will also send emails to random usernames @hargray.com or any other ISP’s domain, knowing that some of them will be valid. For that reason, it’s important not to reply to spam, as that confirms your address is valid.

(Note: Remember — NEVER send a reply with a remove request to a spammer. This only confirms that your address is valid, and you’ll probably receive more spam.)

How do I look at spam or emails that have been blocked?

Helping to prevent spam and viruses from spreading through email, Hargray’s spam filter also offers customers the ability to manage their mailbox settings. Review your blocked spam here.

Why does some spam get through?

If you received an email with the subject “Viagra for free jocjvbsgds,” you would immediately recognize it as spam and delete it. Hargray’s spam filter may not. Some email that is obviously spam will slip through the filter because we do not want to block legitimate emails. What is obvious to you is not necessarily obvious to a computer, which cannot think. The spam filter has to work by following simple instructions. These instructions are combined to give the filter a high probability of identifying spam. There are two types of errors that can be made in this process. The filter can fail to identify spam, or it can identify a legitimate email as a spam. The two types of errors are related. As the chance of one increases, the chance of the other decreases. If the filter is so aggressive that it blocks every spam, it will also block a great deal of legitimate email. The primary focus of Hargray’s filtering system is not blocking legitimate emails.

Why do I get spam?

People are trying to sell you things. Email is cheap to send. Spam mailing lists are created in a variety of ways, including scanning Usenet discussion groups, buying or stealing Internet mailing lists, searching the Web for addresses, and even just guessing email addresses at random. If you use email, chances are, you’re going to get spam.

Why am I receiving returned emails that I didn’t send?

This is called “email spoofing.” This can be done by a virus finding an email address on the Internet and then using that address to look like it’s coming from that person. Or it can be done maliciously by anyone. In most cases, it is untraceable or nearly impossible to find out who is doing it.

Email spoofing is the forgery of an email header (or email address) so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations.

Email spoofing is possible because Simple Mail Transfer Protocol (SMTP), the main protocol used in sending email, does not include an authentication mechanism. To send spoofed email, senders insert commands in headers that will alter message information. It is possible to send a message that appears to be from anyone, anywhere, saying whatever the sender wants it to say. Thus, someone could send spoofed email that appears to be from you with a message that you didn’t write.

Although most spoofed email falls into the “nuisance” category and requires little action other than deletion, the more malicious varieties can cause serious problems and security risks. For example, spoofed email may purport to be from someone in a position of authority, asking for sensitive data such as passwords, credit card numbers, or other personal information — any of which can be used for a variety of criminal purposes.

The best thing to do if you receive an email that claims to be from a reputable company requesting sensitive information is to call that company and verify that it is requesting the information.

Some steps you can take to reduce or eliminate “spoofing”:

  • Install an antivirus application. If you already have one installed, make sure it is up to date.
  • Scan your computer for viruses.

If your computer is free from viruses:

  • Change your email address. Changing your email address will eliminate not only email “spoofing” but spam as well. Be cautious about using your email address online. Many forums on the Internet are where spoofers and spammers get their email address lists.
  • Delete them as you get them.
Why am I receiving rejection messages for email I never sent?

Relay error messages in response to email you don’t recall sending usually indicate that someone else who has your email address in their address book is infected by an email virus. When email viruses send out infected messages, they attempt to hide their origin by falsely listing an address taken from the infected computer’s address book as the sender. When the messages are rejected by the recipient server, the server attempts to contact the sender to warn of the virus problem, and because of the falsified address, the warning comes to you instead. Unfortunately, this makes it very difficult to identify the infected party and alert them about the problem. Our advice is to delete these warning messages, and when the user of the infected computer realizes the situation and deals with it, the messages will stop. Please keep in mind that even though these virus warnings are not a reliable indicator that your computer is infected, you do need to be aware of the risk of infection and take precautions. Any computer that connects to the Internet should have a virus scanner installed, and the scanner should be updated regularly.

+