A mass mailing of this type was bound to hit quite a few people who
had shipped something via UPS in the recent past and therefore might
easily be lured into opening the virus-launching attachment, and UPS
was quick to put up (and e-mail) a warning about the malicious
messages:

Here are few things to check:

1.         Surf the Internet without a firewall

Many home users plug their computers right into their spiffy new cable or DSL modems and hop onto the Internet without realizing that theyre putting themselves at risk from viruses and attackers. Every Internet-connected computer should be protected by a firewall; this can be a firewall built into the broadband modem or router, a separate firewall appliance that sits between the modem/router and the computer, a server at the networks edge running firewall software, or personal firewall software installed on the computer (such as ICF/Windows Firewall built into Windows XP or a third-party firewall program like Kerio or ZoneAlarm).

One advantage of personal firewalls on laptop computers is that theyre still with you when you take the computer on the road and plug into a hotels DSL or cable port or connect to a wireless hotspot. Just having a firewall isnt enough, though. You must also be sure its turned on and configured properly to protect

2.         Neglect to run or update antivirus and anti-spyware programs

Lets face it: Antivirus programs can be a royal pain. Theyre always blocking some application you want to use, you often have to disable them to install new software, and they have to be updated on a regular basis to do any good. Seems like the subscription is always expiring and prompting you to renew it--for a fee, in many cases. But in todays environment, you cant afford to go without virus protection. The malicious programs that AV software detects--viruses, Trojans, worms, etc.--can not only wreak havoc on your system but can spread via your computer to the rest of the network. In extreme cases, they can bring down the whole network.

Spyware is another growing threat; these are programs that install themselves on your computer (usually without your knowledge) and collect information from your system that is then sent back to the spyware programs author or vendor. Antivirus programs often dont address spyware so its important to run a dedicated spyware detection and removal program.

If you work outside of LAZ Hartford corporate office, please review your Antivirus subscription (it has to be current with all the latest updates).

3.         Install and uninstall lots of programs, especially betas

You like to be on the cutting edge, so you often install and try out new software. Beta programs are usually free and give you a chance to sample neat new features before most people. There are also many freeware and shareware programs made available as Internet downloads by their authors. We know youd never do it, but some users even install pirated software or warez.

The more programs you install, the more likely you are to run across ones that either include malicious code or that are poorly written and cause your system to behave improperly or crash. The risk is greater with pirated programs.

Even if you install only licensed, final-release commercial software, too many installations and uninstallations can gunk up the registry. Not all uninstall routines completely remove program remnants and at the least, this practice can cause your system to slow down over time.

You should install only the programs that you really need, stick with legitimate software, and try to minimize the number you install and uninstall.

4.         Keep disks full and fragmented

One of the results of installing and uninstalling lots of programs (or adding and deleting data of any kind) is that it fragments your disk. Disk fragmentation occurs because of the way information is stored on the disk: On a new, clean disk, when you save a file its stored in contiguous sections called clusters. If you delete a file that takes up, for example, five clusters, and then save a new file that takes eight clusters, the first five clusters worth of data will be saved in the empty space left by the deletion and the remaining three will be saved in the next empty spaces. That makes the file fragmented, or divided. To access that file, then, the disks read heads wont find all the parts of the file together but must go to different locations on the disk to retrieve it all. That makes it slower to access. If the file is part of a program, the program will run more slowly. A badly fragmented disk will slow down to a crawl.

You can use the disk defragmenter built into Windows (Programs Accessories System Tools) or a third-party defrag program to rearrange these pieces of files so that theyre placed contiguously on the disk.

Another common cause of performance problems and application misbehavior is a disk thats too full. Many programs create temporary files and need extra free space on the disk to operate. You can use Windows XPs Disk Cleanup Tool or a third-party program to find and delete rarely used files, or you can manually delete files to clear space on your disk.

5.         Open all attachments

Some folks just cant help themselves: Getting an e-mail message with an attachment is like getting an unexpected gift. You just have to peek inside to see what it is. But just as that package left on your doorstep could contain a bomb, that file attached to your mail message could contain code that will delete your documents or system folder or send viruses to everyone in your address book.

The most blatantly dangerous attachments are executable files--those that run code--with extensions like .exe, .cmd, and many others (see http://antivirus.about.com/od/securitytips/a/fileextview.htm for a list of file extensions for different types of executables). Files that arent themselves executables, such as Word .doc files and Excel .xls files, can contain embedded macros. Scripts (Visual Basic, JavaScript, Flash, etc.) arent directly executed by the computer but are run by other programs.

It used to be that you could assume plain text (.txt) or graphics (.gif, .jpg, .bmp) files were safe, but not anymore. File extensions can be spoofed; attackers take advantage of the Windows default setting that doesnt display common file extensions to name executables something like greatfile.jpg.exe. With the real extension hidden, it shows up as greatfile.jpg. So the recipient thinks its a graphic, but its actually a malicious program.

You should open attachments only when theyre from trusted sources and only when youre expecting them. Even if the mail with the attachment appears to come from someone you trust, its possible that someone spoofed their address or that their computer is infected with a virus that sent the attachment to you without their knowledge.

6.         Click on everything

Opening attachments isnt the only type of mouse click that can get you in trouble. Clicking on hyperlinks in e-mail messages or on Web pages can take you to Web sites that have embedded ActiveX controls or scripts that can perform all sorts of malicious activities, from wiping your hard disk to installing a backdoor program on your computer that a hacker can use to get in and take control of it.

Clicking the wrong link can also take you to inappropriate Web sites that feature pornography, pirated music or software, or other content that can get you in trouble if youre using a computer on the job or even get you in trouble with the law.

Dont give in to click mania. Think before you click a link. Links can also be disguised in phishing messages or on Web sites to appear to take you to a different site from the ones they really point to. For example, the link might say www.safesite.com, but it actually

7.         Share and share alike

Your mother taught you that its nice to share, but when youre on a network, sharing can expose you to dangers. If you have file and printer sharing enabled, others can remotely connect to your computer and access your data. Even if you havent created any shared folders, by default Windows systems have hidden administrative shares for the root of each drive. A savvy hacker may be able to use these shares to get in. One way to prevent that is to turn off file and printer sharing--if you dont need to make any of the files on your computer accessible across the network. This is especially a good idea if youre connecting your laptop to a public wireless hotspot. You can find instructions on how to do so at http://www.pcmag.com/article2/0,1895,1277222,00.asp.If you do need to make shared folders accessible, its important that they be protected by both share-level permissions and file-level (NTFS) permissions. Also ensure that your account and the local administrative account have strong passwords.

8.         Pick the wrong passwords

That brings us to another common mistake that can expose you to attacks: picking the wrong password. Even if you dont belong to a network where the administrator forces you to select strong passwords and change them regularly, you should do so. Dont pick passwords that are easy to guess, such as your birthdate, loved ones name, social security number, etc. Longer passwords are harder to crack, so make your password at least eight characters long; 14 is even better. Popular password-cracking methods use "dictionary" attacks, so dont use words that are in the dictionary. Passwords should contain a combination of alpha, numeric, and symbol characters for best security.

A long string of nonsense characters may create a password thats tough to crack, but if you cant remember it, youll defeat the purpose by writing it down (where an intruder may be able to find it). Instead, create a phrase you can remember easily and use the first letters of each word, along with logical numbers and symbols. For example: My cat ate a mouse on the 5th day of June becomes Mc8amot5doJ.