Monday, January 7, 2013

Basic Computer and Mobile Security Tips

by Kylene Long

Whether you are a Mac or Windows user, iOS or Android user, your computer or device is potentially vulnerable to infection. You should be cautious about where you go on the Web, what links you click on, and what apps you install.

One way to avoid visiting potentially harmful sites is to use Web of Trust (WOT), a plug-in for desktop browsers that can help you decide whether or not a site might be safe to visit. It uses simple stoplight colors (red, yellow, and green, with an alternative setting for colorblind users) to indicate potentially harmful and likely safe sites. With the WOT plug-in installed, when you search the Web with sites like Google and Bing you'll see colored circles next to each search result so you can have some idea of how trustworthy the site is before you click. If you ever accidentally visit a page that has a poor rating, the plug-in will display a warning. WOT's browser add-on is useful for computer experts and novices alike.

Also, don't always trust that you are typing in a Web address (URL) correctly. Look in the address bar to verify that what you've typed is correct before you press a button to go there. When you're not sure about the spelling of a site or whether it ends in .com or .org for example, or if you make frequent typos, you can alternatively do a Google search for the site's name instead of trying to type it from memory; normally the site you want is within the top few hits. Once you've found the site, you can bookmark it to make it easier to return to later.

Visiting links isn't the only thing to be cautious about.  It's also wise to be careful when installing software on your computer or mobile device, including apps from popular app stores like Apple's iOS or Mac App Store, Google Play Store, or Amazon Appstore.

Just because Apple and Google have a vetting process for apps doesn't mean that nothing undesirable ever slips past their app review processes (it happens—and more often than you might think). Always check the ratings on an app before downloading it. If an app has hundreds of reviews and an overall positive rating, it's probably safe. Be aware that there are some look-alike apps out there that at first glance may appear to be popular apps, or affiliated with popular app makers. Checking customer reviews can sometimes help you avoid the more shady apps.

Consider this: If you met a random stranger on the street, would you hand them your phone and let them do whatever they want with it, unsupervised? Whenever you visit a site you've never been to before, or install an app that you've never heard of, you should be aware that you're taking a risk. Obviously there's some risk inherent in doing anything; even legitimate sites can be hacked, for example. But it's still a good idea to keep your guard up, even if you use a Mac or an iPhone, iPad, or other smartphone or tablet.

For more from the JoshMeister on Security, please subscribe via e-mail or RSS, or follow Josh on Twitter or .


  1. Every day I receive 20 to 30 emails supposedly from Oprah, Beyonce, Pamela Anderson, etc. about weight loss, beauty secrets, etc. I never click on the links. Has my email been hacked, or is it because one of my contact's email has been hacked?

    1. Ed, this is probably not a symptom of your own account being hacked, and it may or may not be an indication of someone else's account getting hacked. Spam (the type of unsolicited e-mail you're describing) has been around for decades. Spammers try to adapt to spam filtering technologies, so the exact content of junk e-mail will continue to evolve, but we can expect spam to continue to exist for years to come. You're wise to never click on any links in spam e-mails. When in doubt, it's best to delete questionable e-mails (ideally without opening them, whenever possible).

      Based on my observations of various e-mail accounts, AOL seems to be among the worst e-mail providers at spam filtering (meaning a lot more spam will reach your inbox if you have an AOL-based e-mail account), while Google's free e-mail service Gmail is one of the best at filtering spam (although even Gmail isn't perfect). Other e-mail providers are usually somewhere in between. Gmail also offers additional security features including two-factor authentication (meaning you can ask Google to send you a text message to verify it's really you whenever someone tries to log into your account) and warnings when someone has recently attempted to access your account from a country you don't normally visit.

      If spam is a really major problem with your current e-mail account, you might consider setting up a Gmail address that you only give out to family and friends (and perhaps a small number of really important businesses you deal with, like your bank and/or bills, to make sure you don't miss those e-mails) and then continue to give your old e-mail address to most businesses, Web sites, etc. Basically, you're then using your old address as a spam trap since most junk mail will probably end up there rather than in your new inbox. For those few businesses you give your new address, try to use the plus symbol to create unique sub-addresses for your account. (Note that you can only do this with Gmail and a small number of other e-mail providers that support it, and unfortunately some companies don't allow you to register with an address that has a plus symbol in it.) For example, if you have Bank of America, you could try giving your bank the address "" and then you'll have a better idea of which e-mails are genuinely from that company (which can help you identify phishing e-mails used by fraudsters to try to trick you into giving up your banking information). Later if one of those companies gets hacked and you start getting spam at that "plus address," you can give the company a new plus address and create a Gmail filter to automatically delete any new e-mails sent to the old plus address.

      These are just a handful of ideas on how to avoid spam. I hope you find some of them useful.

    2. Thank you very much; this is helpful.


Comment moderation is enabled. (If you wish to contact Josh privately, you can leave a comment and ask that it not be published.)