Check your PCs for viruses!

[mikeymike]

Remember that virtually all email viruses spoof the from address.  While there is a chance that Amiga.org users' computers have been infected with viruses, it is worth taking that into account as well.

On two occasions I've received viruses from my own email address.  And no, my computer hasn't had a virus infection in years.

[mikeymike]

Here's my advice on avoiding viruses/spyware:

* Don't use IE/OE/Outlook
* Don't rely on a firewall to keep you safe
* Don't rely on your anti-virus scanner to keep you safe
* Don't open attachments with suspicious file extensions, and if you're not sure about an attachment, email the sender and ask them if they meant to sent it to you.  Then try the file with the virus scanner.

No anti-virus software is foolproof or invulnerable.  Windows-based firewalls are far more flawed than most AV software.  Learning a few lessons which should be common knowledge will keep you far more safe.

[mikeymike]

whabang wrote:
Don't use a static IP unless you need to.

I disagree.  The usefulness of having a static IP outweighs the fringe "security through obscurity" benefit of having a dynamically-assigned IP address.  At the end of the day, if someone is looking for a machine to hack into, they'll just scan an entire IP range for machines with vulnerable services running.  If your machine was successfully hacked into, typically a program is left running on your machine which will advertise your hacked machine's existence on the Internet, mostly in the form of connecting to an IRC server and waiting for instructions.

Don't use ZoneAlarm at all (it causes low-IDs in eMule anyway).

I totally agree with this, but most Windows-based firewalls are about as useful as a monkey with five asses.

I've written an article about software firewalls here:
http://www.mikeymike.org.uk/mikes/040829.html

Regularily go through your computer, looking for anything suspicious.

This requires a bit more knowledge, though it is worth knowing.  Get acquainted with what processes are normally running on your computer, you can use Task Manager (right-click on the taskbar, there's an option for it there) to see the process list.  You can search for executable names in google, and if they come up as spyware/viruses, you know you've got a problem.  Otherwise, if you see a process you can't account for, investigate it more thoroughly.

When checking customers' machines, I generally run a scan with Ad-Aware on their machines, and for new customers, there hasn't been one yet whose machine didn't light up like a spyware christmas tree (admittedly Ad-Aware has one false-positive I'm aware of, but it also considers most cookies as spyware, which is a bit of an over-reaction).

I don't run a virus scanner for on-access scanning.  I avoid dodgy attachments, it helps that my friends are competent computer users though.  I otherwise run a spyware scan and virus scan probably about once or twice a month.  On the rare occasion I need to install unknown new software, I manually virus/spy scan the installer, then virus/spy scan my system after the installation.

But if you use a decent browser and mail client, (eg. not one by MS), you cut down the amount of risk you're taking by at least half.  The rest is down to what ought to be common sense then.

Otherwise, keeping software patched is a good idea.  And don't forget, companies do not email software updates to customers!