As an aside to ArkAngelss excellent post, Id like to add that as phishing scams are strictly speaking related to Internet banking, if you opt out of email notifications from those companies that you use for financial services, you can be certain that any emails that do arrive from those companies are fraudulent (99.9999999999999% certain
).
I never open an email from anyone I dont know, I never open a spam email, and I never open an email from my bank or credit card company, and if I did, I certainly wouldnt Click on a referring URL or an obfuscated URL in one of those emails. Following these simple rules has kept my network free of Viruses/Trojans etc.
The only occasions where I broke these rules were when I used to open the 419 emails I used to get, simply because they were damned fun to read.
I certainly wouldnt discourage anyone from downloading security updates for their software, but for those who find that an update causes inconvenient software conflicts/serious loss of performance on a machine, the simple types of rules that Ive outlined above should keep anyone reasonably safe.
Also, I used to subscribe to various mailing lists, that were contributed to by System Administrators and very knowledgeable hackers (hackers in the legitimate sense, and not those who gain unauthorised access to networks), and they reported just about as many vulnerabilities that could be exploited in all of the alternative Web Browsers to Internet Explorer, than those found in IE itself. One can make a Web Browser, or a computer totally safe from Cracker exploits, but with the result that the software/machine is almost unusable.
I counsel, that
reasonable precautions should be used by the computer user, and that unreasonable precautions should only be taken by those responsible for securing networks that fall under the Data Protection Act.
But this is just opinion you understand, and Im not prescribing behaviour for others to follow.
Best regards,
Paul.