Danger #5: Hackers

A hacker’s main aim is to get into your PC or one of the many types of online account you might use, usually just for the pleasure of breaking in. Some hackers simply want to break in so they can do as much damage as they can. Think of them as cyber graffiti artists. Others want to steal your money or other personal details. Think of them cyber criminals.

There are several ways a hacker can cause you grief. The simplest is just guessing your passwords. By guessing your online banking password, for example, they can ruin your life. By guessing the password you use to read your email, they can snoop on you, or send obscene or misleading messages to your friends and colleagues, who will think they actually come from you.

To prevent this sort of thing happening, you should always use “strong” passwords.

Strong passwords are at least 8 characters long, DO NOT INCLUDE DICTIONARY WORDS BY THEMSELVES, include both letters, numbers and, where possible, punctuation, and also where possible, a mix of both upper case (capital) and lower case (small) letters. In addition, your passwords should not include anything like your phone number, name, credit card number, PIN number, address, in part or in full, nor indeed anything that a hacker could guess or look up. Do not think that using reversed words or numbers will protect you either. They won’t. Nor does doubling words (e.g. “davedave” instead of "dave"). Why is all this so? Simply because programs exist that are designed specifically to crack (electronically guess) passwords. They often include knowledge of entire dictionaries in multiple languages, automatically reverse these words, double them, triple them capitalise them and add them together. They then add numbers, punctuation and letters to the start and ends of all these. The end result is that in some cases they can give a hacker access to an account in a matter of seconds.

Examples of bad passwords:

bread (especially if the account belongs to a baker!)

evad (dave backwards)

davedave

0207 (a telephone area code)

Examples of good passwords

Ihjhdgjl7897A$! (difficult to remember, but next to impossible to guess or crack)

Wha*&Xess45V

IARRGH&^!hjhjh7

We’ll admit that these good passwords aren’t really practical in real life, as they are too easy to forget. And some systems won't allow punctuation in a password. So simply do your best with a combination of easy to remember and hard to guess combinations of letters and numbers and, if allowed, punctuation too. And if possible, try to use different passwords, or variations of a password, for each service you use that requires a password to login.

If you want to use high strength passwords without having to remember then then "password manager" applications like RoboForm (www.roboform.com) are invaluable. These store and encrypt all your passwords for you, even entering them into web pages when you visit sites that require a login. They make life extremely easy for you, and extremely difficult for the hackers. We cannot recommend RoboForm highly enough - it is one of the most valuable Windows utilities that you will ever use.

Trojan horses

Another way a hacker can make mischief is to get into your PC. Most often this is done using what's known as Trojan program. A Trojan is a form of virus (or more accurately it is related to them). It can pose as an innocent program that either appears to do absolutely nothing when you run it, or crash, or even apparently do something useful. But when the program is run, it actually creates and hides a backdoor entry way for a hacker to get into your PC whenever you are connected to the Internet. You won’t notice it is there. But by using it, a hacker can “see” in real time every letter you type on your keyboard, including usernames and passwords as you type them to gain access to a service. They can even grab an image of your PC’s Windows desktop and view it on their PC. Some Trojans can even record a log of all keys your press on your keyboard when you aren’t connected to the Internet, ready to be sent to the hacker when you connect again. The hacker can also add, delete or modify files on your PC. They could, for example, modify your email program to send viruses. Or cause your PC to attack another PC or a server, or to send Spam. Or to dial a premium rate telephone number somewhere. It could be happening to you right now. The threat is very real. They could be logging your actions as you type a letter to your loved ones, or entering your online banking or credit card details.

There is a simple way to combat the Trojans: Read and implement everything we said in Danger#1 about viruses. Most anti-virus programs will detect Trojans and stop you from accidentally running them.

In particular be sure to install and keep up to date a Personal Firewall. These are the Internet equivalent of an electric fence, and keep hackers at bay in many ways, and don’t just protect you from Trojans. We use and highly recommend Zone Alarm from Zone Labs (www.zonelabs.com) for this purpose. Windows XP includes a very basic personal firewall as standard.

We also highly recommend you install a program like Ad-Aware (www.lavasoftusa.com). Although this program is designed to help protect your privacy more than anything else, it can also catch some of the things that even the combination of a firewall and an anti-virus program might miss.

You may also like to visit the GRC Web site (www.grc.com) and follow the TEST MY SHIELDS links. This will lead you to an area of the site dedicated to Internet security, and where you can ask the GRC site to check how well protected your PC is against hackers. You might like to do this both before and after you've installed your personal firewall to see the difference it can make.

On the next page we will talk about Adware, Spyware and "Special interest toolbars", and how they can compromise your security, privacy and enjoyment of the Internet. Click on the Go on to next page link below to read about this, or click on the View Internet Security Index link to go back to the index page

Back to previous page (Pornography)

Go on to next page (Adware)

View Security, the Internet and You index page

NOTE: What we describe on these pages is merely our opinion of what the most important things you need to know and do in order to keep your Internet experience as safe as possible. You should therefore not treat it as a definitive text on Internet security, nor as being necessarily 100% accurate, but instead simply as a general guide.

Advertisement:
Would you like a UK telephone number (including 0207 Central London numbers) that you can divert to almost any telephone number almost anywhere in the world? Click here to find out more.