What are the most common Windows hack attacks?

[=MGN=RedEagle]

Hi guys,

As part of my security plan, I am trying to come up with a list of the most common attacks made against a Windows machine.

If you have a guess let me know. I am looking for a top 5 list.

I should mention that I listing things which an intentional hacker would do, not the random attack that every Windows PC would suffer.

 

[Biker]

The biggest security risk with Windows is the person using it.

 

[=MGN=RedEagle]

The biggest security risk with Windows is the person using it.

Other than that...?

 

[Biker]

That's it.

You don't need to know how Windows is compromised. All you need to know is how to keep your machine up to date, use decent security software and practice safe and prudent habits when accessing the Internet.

 

[Chris D]

I couldn't agree more with Biker.

You're suggesting that there's gaping holes in Windows that are wide open and ready to be exploited. It's a misnomer that Windows is inherently insecure

 

[=MGN=RedEagle]

I couldn't agree more with Biker.

You're suggesting that there's gaping holes in Windows that are wide open and ready to be exploited. It's a misnomer that Windows is inherently insecure

My idea is to just learn what the potential openings are to build that list of safe behavior.

 

[Chris D]

There aren't really any openings. Just best practice to follow:

• Always have a firewall enabled
• Always have anti-virus installed
  • It's worth noting for these two points that I only ever use the free Microsoft Security Essentials and Windows 7 built-in firewall. Just make sure they're enabled and updated!
• If you download an application verify it is from a reputable source. Always scan downloaded files using the anti-virus.
• Never open e-mails from people you don't know.
• Never download attachments from people you don't know.
• Always virus scan attachments even if you do know the person who sent it.
• Never open e-mails from banks, PayPal, online shops unless you're specifically expecting them.
• Never click links in emails from the above places.
• Never provide login details to websites that have been linked to in emails (they might look genuine but might not be).
• Always ensure your computer completes Important/Critical Windows Updates.

There's loads I've missed but basically it's all common sense.

 

[SilverCircle]

Other than that...?

None.

 

[=MGN=RedEagle]

Here is my problem. I have more than one group trying to hack into my computers. I cannot afford security guys... too expensive and my funds are gone due to all the hacks (time/client loss).

 

[Paul B]

Which groups and why?

 

[=MGN=RedEagle]

Which groups and why?

Religiously radical people on one hand and a former developer gone rogue on the other. (Don't quote this for other reasons, thanks.)

 

[Biker]

And you know this how? From your previous threads dealing with computers, I get the distinct impression that you aren't that savvy when it comes to technology. So I'm more than a little curious as to what makes you think your PCs are being attacked.

 

[=MGN=RedEagle]

And you know this how? From your previous threads dealing with computers, I get the distinct impression that you aren't that savvy when it comes to technology. So I'm more than a little curious as to what makes you think your PCs are being attacked.

Ya I am not that tech savvy. For the first group it's because they make threats to do so often. For the second group, he left way too much information behind when he contacted me to try and sell me the data he stole.

 

[Biker]

I could say I'm going to nuke your machine and slag your hard drive into an unrecognizable heap of fused metal. Doesn't mean I can do it.

Most mouth breathers who claim they're going to hack your PC haven't ventured out of their mother's basement in months and most likely couldn't hack their way out of a wet paper bag.

 

[Mike Edge]

There aren't really any openings. Just best practice to follow:

• Never open e-mails from banks, PayPal, online shops unless you're specifically expecting them.

Or better yet, don't click the link even if expecting the mail. Take an extra 30 seconds to type in the URL yourself instead.

 

[=MGN=RedEagle]

Most mouth breathers who claim they're going to hack your PC haven't ventured out of their mother's basement in months and most likely couldn't hack their way out of a wet paper bag.

Already lost 4x computers and had to format them. I think their board, I just need a good policy and plan for next time.

 

[ManagerJosh]

Already lost 4x computers and had to format them. I think their board, I just need a good policy and plan for next time.

If you want our group to act as a virtual CISO, we could.

 

[=MGN=RedEagle]

If you want our group to act as a virtual CISO, we could.

Thanks Josh. This is the same issue as we were having before. I feel like I need to begin to learn this stuff myself just to make sure I can really prepare against it. I feel like this situation could be long-term so I am doing all the studying I can to prepare myself. From not understanding the concept of RAM three years ago, somehow today I manage servers and run a tech-related company.

 

[Biker]

Wait. Am I reading this right? You know virtually nothing about technology in general, absolutely nothing about security specifically, and you're managing servers and running a tech company with no security personnel?

Whether you can afford to or not, I would highly suggest you get someone in place that KNOWS security. Because you aren't going to last very long without one. This isn't something you can just "read up on".

 

[=MGN=RedEagle]

Wait. Am I reading this right? You know virtually nothing about technology in general, absolutely nothing about security specifically, and you're managing servers and running a tech company with no security personnel?

Whether you can afford to or not, I would highly suggest you get someone in place that KNOWS security. Because you aren't going to last very long without one. This isn't something you can just "read up on".

I don't want to explain things in detail for privacy reasons, but it would make a lot more sense if I did. lol. We have nothing to do with hardware pretty much. We are also small.