Stop. Think. ClickTM

A computer


OnGuard Online
Your Safety NetTM


Access to information and entertainment,credit and financial services, products fromevery corner of the world�even to yourwork�is greater than earlier generationscould ever have imagined. Thanks to theInternet, you can order books, clothes, orappliances online; reserve a hotel roomacross the ocean; download music andgames; check your bank balance 24 hoursa day; or access your workplace fromthousands of miles away.

The flip-side, however, is that the Internet� and the anonymity it affords�also can give online scammers, hackers, and identity thieves access to your computer, personal information, finances, and more.

But with awareness as your safety net, you can minimize the chance of an Internet mishap. Being on guard online helps you protect your information, your computer, even yourself. To be safer and more secure online, adopt these seven practices.


1. Protect your personal information. It�s valuable.

Why? To an identity thief, your personal informationcan provide instant access to your financialaccounts, your credit record, and other assets.

If you think no one would be interested in your personal information, think again. The reality is that anyone can be a victim of identity theft. In fact, according to a Federal Trade Commission (FTC) survey, there are almost 10 million victims a year. It�s often difficult to know how thieves obtained their victims� personal information, and while it definitely can happen offline, some cases start when online data is stolen. Visit to learn what to do if your identity is stolen.

Unfortunately, when it comes to crimes like identity theft, you can�t entirely control whether you will become a victim. But following these tips can help minimize your risk while you�re online:


A hacker is a person who uses theInternet to access computers withoutpermission. A spammer is someone whosends mass amounts of unsolicitedcommercial email. A virus is softwarethat spreads from computer to computerand damages files or disrupts your system.

2. Know who you�re dealing with.

And know what you�re getting into. There aredishonest people in the bricks and mortar worldand on the Internet. But online, you can�t judgean operator�s trustworthiness with a gut-affirminglook in the eye. It�s remarkably simple for onlinescammers to impersonate a legitimate business,so you need to know who you�re dealing with. Ifyou�re shopping online, check out the sellerbefore you buy. A legitimate business or individualseller should give you a physical address and aworking telephone number at which they can becontacted in case you have problems.

A floater connected to a fishing line in the water.

�We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.�

�Phishers� send spam or pop-up messages claiming to be from a business or organization that you might deal with�for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to�update� or �validate� your account information. It might threaten some dire consequence if you don�t respond. The message directs you to a website that looks just like a legitimate organization�s, but isn�t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name. Don�t take the bait: never reply to or click on links in email or pop-ups that ask for personal information.

Legitimate companies don�t ask for this informationvia email. If you are directed to a website toupdate your information, verify that the site islegitimate by calling the company directly, usingcontact information from your account statements.Or open a new browser window and type theURL into the address field,watching that theactual URL of the site you visit doesn�t changeand is still the one you intended to visit. Forwardspam that is phishing for information and to the company, bank, ororganization impersonated in the phishingemail. Most organizations have information ontheir websites about where to report problems.

Two compters connected.

Every day, millions of computer users share files online. File-sharing can give people access to a wealth of information, including music, games, and software. How does it work? You download special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often the software is free and easily accessible.

But file-sharing can have a number of risks. If you don�t check the proper settings, you could allow access not just to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents. In addition, you may unwittingly download pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.

If you decide to use file-sharing software, set it up very carefully. Take the time to read the End User License Agreement to be sure you understand the side effects of any free downloads.

A looking glass.

Many free downloads�whether from peers or businesses�come with potentially undesirable side effects. Spyware is software installed without your knowledge or consent that adversely affects your ability to use your computer, sometimes by monitoring or controlling how you use it. To avoid spyware, resist the urge to install any software unless you know exactly what it is. Your anti-virus software may include anti-spyware capability that you can activate, but if it doesn�t, you can install separate anti-spyware software, and then use it regularly to scan for and delete any spyware programs that may sneak onto your computer.


Most viruses sent over email or Instant Messenger won�t damage your computer without your participation. For example, you would have to open an email or attachment that includes a virus or follow a link to a site that is programmed to infect your computer. So hackers often lie to get you to open the email attachment or click on a link. Some virus-laden emails appear to come from a friend or colleague; some have an appealing file name, like �Fwd: FUNNY� or �Per your request!�; others promise to clean a virus off your computer if you open it or follow the link.

Don�t open an email attachment�even if it appears to be from a friend or coworker�unless you are expecting it or know what it contains. You can help others trust your attachments by including a message in your text explaining what you�re attaching.

3. Use anti-virus software and a firewall, and update both regularly.

Dealing with anti-virus and firewall protectionmay sound about as exciting as flossing yourteeth, but it�s just as important as a preventivemeasure. Having intense dental treatment isnever fun; neither is dealing with the effects ofa preventable computer virus.


Anti-virus software protects your computer from viruses that can destroy your data, slow your computer�s performance, cause a crash, or even allow spammers to send email through your account. It works by scanning your computer and your incoming email for viruses, and then deleting them.

To be effective, your anti-virus software should update routinely with antidotes to the latest �bugs� circulating through the Internet. Most commercial anti-virus software includes a feature to download updates automatically when you are on the Internet.


What to Look For and Where to Get It
You can download anti-virus softwarefrom the websites of software companiesor buy it in retail stores. Look for anti-virussoftware that:


Don�t be put off by the word �firewall.� It�s not necessary to fully understand how it works; it�s enough to know what it does and why you need it. Firewalls help keep hackers from using your computer to send out your personal information without your permission. While anti-virus software scans incoming email and files, a firewall is like a guard, watching for outside attempts to access your system and blocking communications to and from sources you don�t permit.

Some operating systems and hardware devices come with a built-in firewall that may be shipped in the �off�mode. Make sure you turn it on. For your firewall to be effective, it needs to be set up properly and updated regularly. Check your online �Help� feature for specific instructions.

If your operating system doesn�t include a firewall, get a separate software firewall that runs in the background while you work, or install a hardware firewall�an external device that includes firewall software. Several free firewall software programs are available on the Internet.


Some spammers search the Internet forunprotected computers they can controland use anonymously to send unwantedspam emails. If you don�t have up-to-dateanti-virus protection and a firewall,spammers may try to install softwarethat lets them route email through yourcomputer, often to thousands of recipients,so that it appears to have come fromyour account. If this happens, you mayreceive an overwhelming number ofcomplaints from recipients, and youremail account could be shut down byyour Internet Service Provider (ISP).

4. Be sure to set up your operating system and Web browser software properly, and update them regularly.

Hackers also take advantage of Web browsers(like Internet Explorer or Netscape) and operatingsystem software (like Windows or Linux) thatare unsecured. Lessen your risk by changing thesettings in your browser or operating system andincreasing your online security. Check the �Tools� or�Options� menus for built-in security features. Ifyou need help understanding your choices, useyour �Help� function.

Your operating system also may offer free software �patches� that close holes in the system that hackers could exploit. In fact, some common operating systems can be set to automatically retrieve and install patches for you. If your system does not do this, bookmark the website for your system�s manufacturer so you can regularly visit and update your system with defenses against the latest attacks. Updating can be as simple as one click. Your email software may help you avoid viruses by giving you the ability to filter certain types of spam. It's up to you to activate the filter.

If you�re not using your computer for an extended period, turn it off or unplug it from the phone or cable line.When it�s off, the computer doesn't send or receive information from the Internet and isn�t vulnerable to hackers.

5. Protect your passwords.

Keep your passwords in a secure place, and outof plain view. Don�t share your passwords onthe Internet, over email, or on the phone. YourInternet Service Provider (ISP) should neverask for your password.

In addition, hackers may try to figure out your passwords to gain access to your computer. You can make it tougher for them by:

One way to create a strong password is to think of a memorable phrase and use the first letter of each word as your password, converting some letters into numbers that resemble letters. For example,�How much wood could a woodchuck chuck� would become HmWc@wcC.

6. Back up important files.

If you follow these tips, you�re more likely to bemore secure online, free of interference fromhackers, viruses, and spammers. But no system iscompletely secure. If you have important filesstored on your computer, copy them onto aremovable disc, and store them in a safe place.

7. Learn who to contact if something goes wrong online.

Hacking or Computer Virus
If your computer gets hacked or infected by a virus:

Internet Fraud
If a scammer takes advantage of you through anInternet auction, when you�re shopping online, orin any other way, report it to the Federal TradeCommission, at The FTC enters Internet,identity theft, and other fraud-related complaintsinto Consumer Sentinel, a secure, online databaseavailable to hundreds of civil and criminal lawenforcement agencies in the U.S. and abroad.

Deceptive Spam
If you get deceptive spam, including email phishing for your information, forward it to Be sure to include the full header of the email,including all routing information.

Divulged Personal Information
If you believe you have mistakenly given your personal information to a fraudster, file a complaint at, and then visit the Federal Trade Commission�s Identity Theft website at to learn how to minimize your risk of damage from a potentialtheft of your identity.


Parental controls are provided by mostISPs, or are sold as separate software.Remember that no software cansubstitute for parental supervision.Talk to your kids about safe computingpractices, as well as the things they�reseeing and doing online.


OnGuard Online - Your Safety Net (tm)

OnGuard Online provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information.

To keep up to date with information about the latest computer threats, sign up for alerts from the Department of Homeland Security at