Ryan C. Williams

Article / Updated 12-14-2021

As you read about viruses and all the other critters used on the internet to ferret out your passwords and personal information, you should remember that they’re really just a means to an end. So what’s the end? That depends on the goal of the program writer. Some critters are written to annoy; others are written to destroy. Basics of viruses A virus is a type of little program that loads on your computer without your knowing it and then starts running amok. A virus can replicate itself and pass itself along to infect other computers — but only by burying itself inside something larger, such as a Microsoft Word document or the programming code of a piece of software. It then takes a ride to another computer on a disk, or as an email attachment, or by some other method of file transfer. In replicating themselves, viruses sometimes do their damage by making so many copies of themselves that they fill up your computer’s memory and cause it to crash. In many cases, the replication and spread of a virus are secondary to its primary function, which is to perform some other task (sometimes harmless, sometimes electronically fatal) inside your computer. For example, a more malicious virus may take complete control of your computer and order it to do something horrible like delete its own hard drive. Other viruses are intended as mere pranks: A good example is the Merry Christmas virus that simply flashes a harmless season’s greeting on your screen in December — end of story. Or so you think, but now it’s April Fools’ Day and the Merry Christmas virus doesn’t let you boot up your computer. Ha-ha-ha! Basics of worms Forgive the analogy, but think tapeworms — the ones your mom always thought you had in your gut when you were a kid. Here’s why the analogy is so fitting. Worms are similar to viruses in that they can copy themselves and do bad things to the computers they invade. Worms are also notorious loners, though, so they generally don’t attach themselves to the programming code of files or dig deeply in the out-of-the-way corners of disks or hard drives, as viruses do. Instead, worms send copies of themselves over the internet directly or they can hitch a ride in an email message. Basics of macro viruses A macro virus is a unique virus: Rather than be its own little program or application, it makes its appearance in the form of a macro embedded in a document file. Some experts claim that nearly three-quarters of all viruses are macro viruses, in part because they can embed themselves in your software and attach themselves to every document you create, which allows them to spread easily to others. To understand macro viruses, you first have to understand macros. Many software applications, including Word, Excel, and PowerPoint, allow you to create macros, which are nothing more than a way to record long series of commands and then repeat the series of commands over and over again with just a keystroke or two. In some cases, macros add themselves to your default document template so that they’re executed automatically every time you open an existing document or create a new one. That’s how most macro viruses spread so quickly: Every time you create a new document in Word, the document is based on a default template named Normal.dotm that can contain font choices, margin settings, and, yes, even macros and macro viruses. If a macro virus is in your default template, you spread the virus every time you open or create a new document. Basics of Trojan horses A Trojan horse program tricks you into loading and running it by pretending to be something that it’s not. (Surely you remember this story from Greek mythology.) The perfect example of a Trojan horse is a file that masquerades as an antivirus software patch but is really a virus. Some Trojan horses are coupled with other types of viruses, such as macro viruses, which then generate new Trojan horses that are passed along to others. Basics of bots After a malicious entity infects a computer, it can gather computers together to perform specific tasks, like spam several million email accounts or try to take down a server. An infected computer is a bot, and many bots gather to form botnets. It’s not bad enough that your computer is infected — botnets are like zombie armies gathered to perform hideous tasks (and probably gather more victims like themselves). Basics of spyware Computer privacy experts define spyware as any piece of software that gathers information and uses your internet connection to send that information somewhere else on your computer without your knowledge or approval. But why does the spyware do this? In many cases, the spyware is gathering information about you and your activities on your computer and sending that data back to the software manufacturer or some other data-collection company so that it can know more about you.

Article / Updated 04-29-2021

Keep your eyes open and you’ll avoid a lot of what the internet has to throw at you attempting to access your passwords and personal information. Basics of phishing scams Eventually, you’ll receive an email that says it’s from your bank, eBay, PayPal, or a similar website announcing a problem with your account. Invariably, the email offers a handy link to click, saying that you must enter your username and password to set things in order. Don’t do it, no matter how realistic the email and website may appear. You’re seeing an ugly industry called phishing. Fraudsters send millions of these messages worldwide, hoping to convince a few frightened souls into typing their precious account name and password. How do you tell the real emails from the fake ones? It’s easy, actually, because all of these emails are fake. Finance-related sites may send you legitimate history statements, receipts, or confirmation notices, but they will never, ever email you a link for you to click and enter your password. If you’re suspicious, visit the company’s real website by typing the web address by hand into your browser's address bar. Chances are good that the real site won’t list anything wrong with your account. Basics of card verification scams Card verification scams are usually done by phone or via email. The person calling or writing says that he needs to verify your credit card information for your account at some online merchant or pay service. He tells you that the server containing the credit card numbers has been hacked into and all the data on the credit card accounts has been lost, or he tells you that he’s verifying your information to make sure that it’s current. The caveat is that if you don’t provide the information, he’ll cancel your account. If the scam is done by email, the URL provided takes you to a site set up by the thieves, and when you enter the information to “verify” your credit card number, name, and expiration date, they capture the information on their server. Then — you know what happens — your card is used to make fraudulent charges. When the scam is done by phone, the thief writes down all the information needed to use your credit card for fraudulent purposes. To avoid this scam, don’t give the thieves the information either on the phone or online.

Article / Updated 04-29-2021

Everybody’s password to access internet sites (or PIN or passphrase or whatever you use) is different, or else there wouldn’t be any reason to use them. That said, there are some common pitfalls that anybody with passwords should avoid, so let’s list the most common (and the most troublesome). Keep these scenarios in mind as you navigate the internet, and don’t let yourself be an easy target! Don't write your password on your keyboard Anybody walking by your computer could get access at a glance if you write down your password on or under your keyboard. Step away for a quick second for some coffee, and that’s all it takes. That’s also all it takes for somebody to steal the computer altogether, but why make it easier for your thieves by giving them the password as well? Don't use the same password over multiple sites After a thief has access to your email password, for example, that same password could get them access to a whole host of other sites, most of which are probably identified by the messages those sites send to your email account. Using separate passwords for each site (or at least your most important sites, like banking and credit card accounts) helps maintain a better level of security for your information. Don't email your password If you do decide to share a password with someone you trust, don’t share it via email. Not only does Netflix get really angry when you share your account, but you don’t know what could happen to the email account of the person to whom you send the email. Just because you do your best to ensure security on your accounts doesn’t mean everybody does. Don't share your password with people you don’t know If you wouldn’t trust someone with your wallet or your car, don’t trust her with your password. There’s no telling who’s on the other side of that email account or phone number. Ask anybody who’s ever exchanged pleasantries over email with a Nigerian prince asking for a little financial transaction. Don't use common words in your password Sure, ordinary words may be easy for you to remember, but they’re easy for everybody to guess as well. Thieves know them, and the tools they use to break into accounts try these words before anything else. Avoid using words in passwords entirely! You should also avoid using common sequences of numbers, as well. Any variation on “!23456” is just too easy to guess. You could try to use all of the digits in pi, but that’s just too easy to guess as well. Who doesn’t know all of the digits in pi by heart? Really? Okay, but that’s still too many numbers to type out. Use something else. Don't use your birth date in your password Via social media or other resources, it’s easy for others to find out your date of birth. Again, why make theft easier? Avoid including any number that can easily be linked to you in your password. And don’t use your anniversary date, either — you’ll never remember it. Don't use any identifying number as your password Any number that people can easily associate with you doesn’t belong in your password. Phone numbers are too easy to link to your account, and leaving your Social Security number in a database (even a supposedly secure password database) is just too dangerous. Keep your personal numbers out of your password. Don't use your child’s name in your password Don’t include your child’s name in any password you create. This advice applies to any family member, really, but especially to children. Especially if you’re one of those people who uses your child’s photo as your Facebook profile photo. How easy is it for a thief to make that connection? Note that, in this case, pets are most definitely considered family members. They are certainly worth a place in your heart, but not in your password. Don't type your password on a device you don’t trust You’ve probably developed a level of comfort with your home PC or smartphone. Your electronic devices are around you all the time, you’ve gotten to know them, and you can personally ensure that they’re safe because you’re the only one who uses them. Still, you can pretty much guarantee the safety of your personal devices. You can’t guarantee that same level of safety at a computer offered at a hotel business center or a library or any other common computer. A good rule is that if you don’t have permissions to install software on the computer, you probably shouldn’t be typing important passwords on that computer, either. Don't type your password when using the internet on a network you don’t trust Hey, look! That network advertised on the sign that says FREE WIFI at the airport or hotel surely has to be safe, right? Please, stop right there. If you’ve never been on the network before and it seems too good to be true, please stay off of that network. Verify that any public network you’re on is valid before conducting important business on it. If you’re at a hotel or airport or even somebody else’s house, ask someone with some authority or knowledge before you access the network. And even then, use a VPN to ensure that your traffic is secure and encrypted before you proceed with any major decisions, like taking out a mortgage or Tweeting a picture of your meal. Some things are just too important to risk.

Article / Updated 03-26-2016

You are your username on the internet. For most of the YouTube community, that’s all you are. This means you do not have to share personal information. Registering with YouTube is an anonymous procedure — you don’t need to give your name, just your e-mail address. YouTube keeps that information private, so really, all that other YouTube users know about you automatically is your username. Any other information is divulged by you. Keep your identity a secret. Let them call you Batman, not Bruce Wayne. YouTube is a community of millions of people, and you seldom truly know who it is you’re interacting with. That’s why the best policy — the smartest policy — is to use the Tube within the shelter of your anonymous username. The following is a list of things to consider when using YouTube anonymously: Don’t use your full name as your username. Be johniscool rather than johnsmith. That might seem obvious, but it’s not always the case. That’s because many people use YouTube for exactly that reason: to get their names out there. If you’re a comedian, chances are that you want your name on your videos. You want an agent. You want to get hired. It only makes sense. If you’re not trying to get famous on YouTube, though, don’t post your full name anywhere. Don’t reveal too much in your videos. If, for some reason, your video contains footage of the outside of your house, avoid showing your full address. In other words, if you see the number 24 on the door and then in a later frame see you and your husband walking the dog past a street sign that reads Princeton, you have a pretty good idea of where you live. For the same reason, avoid showing the license plate on your car. Be careful with kids and the family videos. One of the greatest things about YouTube is that you can easily share videos with family and friends across the miles. For family videos, upload them as private videos — ones that can be viewed only by people you designate. Don’t reveal too much on your channel. Customizing your channel on YouTube is a great way to introduce yourself to the YouTube community, creating a place where users can go to see all the videos that you upload and to learn more about you. However, make sure that they don’t learn too much. Unless you’re looking to get famous or want to be contacted by any random person on the Tube, don’t post your full name or personal contact information. Remember that your channel is no more private than any other page on YouTube. Think twice before giving out your personal e-mail address. People often forget that YouTube is a chat site as well as a video-sharing site. You can message other users, and they can message you. But stay clear on this point: Any messages you send or receive are sent through YouTube. In other words, if someone watches one of your videos and sends you a message, he sent that message to your username. That’s anonymous. He does not have your real e-mail address. You can swap messages anonymously — using just your username — with any other Tuber, so there’s no real need for you to give your personal e-mail address to any other user. Consider carefully what you write in messages, comments, or feedback. You probably aren’t planning on getting into fights with people on the Tube, but you might be surprised at how easily things can get heated. Some Tubers leave nasty comments, and you might be tempted to fire off a response. That’s not a violation, but don’t get so angry that you arrange a meeting place for a real-life fight. That might sound crazy, but believe it or not, it happens. On the flip side, you might not be planning on falling in love on the Tube either, but you just might find yourself involved in a message exchange with some charming Tuber out there. Believe it or not, this happens, too. And what a coincidence — he lives in your city! He’s rich, he’s a brain surgeon, he looks like George Clooney, and he wants to meet you for a drink. Should you go? That’s entirely up to you, but don’t forget that this is a total stranger, and he just might not really be that handsome devil you see in his videos. Whatever you do, do not message that person your personal info. If you go out on a limb and actually meet that person and sparks don’t fly, you probably won’t want him to know how to get back in touch. Don’t tell anybody your password. YouTube will never ask you to reveal your password for any reason. If you get a message from YouTube asking for your password, that message is not really from YouTube. You’re being scammed by someone, somehow, some way. Don’t be guilty of libel. Libel is defamation by written or printed words, pictures, or in any form other than by spoken words. What this means for you on YouTube is that you should be careful of making accusations or allegations about other Tubers. Don’t say that someone is a thief. Don’t say that someone has a disease, that he’s insane, that he’s a murderer, or that he’s cheating on his spouse. Will you get sued? It might not be likely, but it’s not impossible. Don’t assume that YouTube knows who every user is. When someone registers with YouTube, all that she supplies is an e-mail address. No name. No credit card. So don’t make the mistake in thinking that YouTube has the 411 on every user or that every user can ultimately be held accountable for his or her behavior.