The first line of defense is to teach your child how to use the Internet safely. Children are interested in computers and the Internet as early as age two, and young children can be easily guided to appropriate web sites that provide entertainment and education.

As children get older, however, it becomes more difficult to supervise all their online activities. By adolescence, they may engage in viewing pornography or chatting online with potential predators. Sometimes they'll post photos of themselves and provide information that could allow pedophiles to approach them.

Being involved with your child's online activities helps limit some of these risks. Keeping the computer in the living room or just being interested in what they view may be enough to help children resist the temptation of 'forbidden' sites.

It's usually not possible, though, to supervise all their online activities. Scary thought, but when you're at work or shopping you can't know what your child is being exposed to.

Or can you?

In fact, there are a variety of software and hardware tools that can limit your child's Internet access or monitor his or her computer activities. Most cost very little, some are even free, others are simply helpful tips for how to restrict access.

FILTERS

Filtering software works by blocking certain web sites or specific keywords. Parents can specify them or use a pre-built list. For example, a list of pornographic or otherwise inappropriate sites is provided by the software vendor and can be updated from their web site. Any time your child tries to access one of these web sites he or she will get a 'HTTP 404 Page Not Found' or similar message.

Filters can also be set up to block access to certain types of Internet traffic such as instant messaging, newsgroups, e-mail, or peer-to-peer (P2P) hosting. The latter is often used for file exchanges.

These filters aren't perfect and it's next to impossible for a database to be completely up-to-date because new web sites come onto the Internet all the time, but they help.

Another type of software records all your child's computer activity - sites visited, e-mails sent or received, programs run, even individual keystrokes in some cases.

Another option is to install software which restricts computer use to certain times during the day. The computer shuts off at scheduled times or when a certain amount of data has been downloaded from the Internet. Actually Windows has built-in facilities for doing this, but configuring it requires a level of expertise beyond the average user.

Software exists which can block your child's name, address or other personal details as specified by the parent from being sent.

BROWSERS - Some browsers are specifically designed for children that incorporate many of the filters discussed above. They're easier for children to use than Internet Explorer or Firefox but don't rely solely on this type of browser, however. Internet Explorer can't be un-installed from the Windows operating system and any net savvy kid will probably find out how to gain access to it.

Many home users have unknowingly become computer geeks. Not too long ago using the terms 'router' or 'wireless' signaled the presence of the enthusiast or professional. No longer. Now, routers, hubs, switches, Ethernet cards, firewalls and a bewildering array of other network related buzzwords have entered the home.

What users didn't get is what every networking and computer professional has early on - training in how to secure that gear from hackers.

But, don't panic. The settings from the vendor are often quite good. Now, for some guidance...

RFM is a common acronym known to computer professionals. For the sake of propriety I'll ignore the middle letter, but the first and last stand for Read the Manual. It'll give you common useful settings and configuration information. Now read it again.

ROUTER PORTS

First, change the password and if possible rename the administrator account. The person who bought the same model you did has that information, and he may not be as trustworthy as you.

Port 80 is the standard for HTTP, needed for any web browsing. 'Ports' are network numbers used by software to distinguish traffic. Open that, but only for specific IP addresses or ranges going out. That way, only known computers can generate traffic out of your home network.

That tip is imperfect if you acquire an IP address automatically. I.e. use DHCP, as most do. But many providers allow you to purchase one static address for your router. That's the one that should have access out.

Why do you care about traffic going out? Because you can infect others. Practice safe networking. Don't spread viruses. Also, if you have wireless - see below - you may not know who's on your network. Even if you don't and you're not home, no one can sneak in with a laptop and get out of your network. Yes, it's happened.

You'll have to open Port 80 for all incoming traffic, unless you want to try to track which sites have which IP address - nearly impossible.

If you use a desktop e-mail client, rather than being entirely browser based, you need to open Port 25 for outgoing mail (SMTP) and 110 for incoming (POP3, ignore the acronym meanings).

And that's ALL... usually.

Manual or desktop FTP clients, which you should avoid because of their weak security, will need another, and specialized programs will require a few others. In most cases you'll find their numbers easily discoverable. Keep them to the bare minimum. The rule of thumb with network security is: everything closed by default, allow only those truly needed and only to those who need it.

By the way, if these sound a lot like firewall settings it's because routers and firewalls have some overlapping functionality. Routers route traffic, firewalls prevent or allow it.

WIRELESS NETWORKS

If you have wireless gear, you have more to do. Some, by default, allow anyone nearby to use them to access that network and hence the Internet. That means not only the teenager in the upstairs bedroom, but the neighbor next door and the hacker parked at the curb can access resources inside your home. Yes, that does happen.

Lock down your wireless gear by, you guessed it, reading the manual to learn how to configure passwords and implement any other security features available.

It isn't necessary to dedicate your life to becoming a network or security expert in order to safeguard your resources. But having a home network connected to the Internet via a home router, puts you at extra risk compared to dial-up or single-connection users. If you don't spend a modest amount of time to take simple steps today, someday you may spend much more after you've been hacked.

Personal firewalls offer a selection of protection levels depending on whether they're connecting to a private network or the Internet. Computers in a home network, for example, will usually be allowed to share files and access common resources like printers without restriction. In this case, the firewall will allow more access than when connecting to the Internet.

Since Internet access is riskier, it should be more strictly controlled. In this case, firewalls should be configured to restrict more types of incoming and outgoing data and close unnecessary ports. 'Ports' are standardized numbers used by network software to route traffic.

Not to worry about any need to become a computer geek. Things are usually configured well by default. When they need modification, alerts are generated to allow making the change.

Most personal firewalls have two basic components. The first examines data as it arrives at your computer to determine whether it should be allowed through. The second sets up rules ('a policy') for specific applications. This second component may be very lax — it simply allows a particular program to access the Internet.

The first component, the packet filter, analyzes each data packet and either allows it to pass or drops it. Data routed on networks is grouped into chunks called 'packets'. Packets must comply with a set of rules ('the policy') in order to pass, and those that fail to meet the rules may signal an alert or simply be dropped, depending on the firewall settings.

The second component, the application filter, determines whether specific programs can send and receive data through certain ports. For example, a browser needs access to the Internet, so the policy is configured to allow sending and receiving data through Port 80, the standard number.

Since your web browser is only using port 80, and the personal firewall is blocking all other ports, your computer is secure, right? Well, not exactly.

Application filters are usually set up for specific programs and not the components they are made up of. Each program may use several modules and these individual modules can become infected. In Windows, they often take the form of DLLs — dynamic link libraries — but that's more info than you need.

Your antivirus program will typically be able to detect an infected module, but a brand new virus which is not yet in the antivirus database could remain hidden. If this happens to your web browser and your personal firewall is allowing traffic to pass based on the application filter, your system is open to attack.

Firewalls don't provide absolute protection from hackers or viruses. They're effective at keeping average hackers out, but should be supplemented with up-to-date antivirus software and safe file sharing practices. Remember, the rule of thumb for firewalls: If you don't recognize the visitor, treat them as risky.

Hardware firewalls are commonly used between networks — for example between a corporate network and the Internet. The Internet is nothing more than a large set of mutually cooperating networks. Incoming traffic from the Internet is restricted to public access areas or to particular computers on the corporate network. Computers in the corporate network 'behind' the firewall access each other and the Internet.

Internal firewalls within corporate networks are also used, typically to keep resources restricted to certain groups, or to prevent viruses infecting some groups from spreading to others.

Software firewalls — called 'personal firewalls' — are more often used in personal computers which connect to the Internet. They're slower than hardware firewalls, which are specialized for that function, and they use resources on the individual's PC.

Firewalls help prevent unauthorized access to systems by hackers or viruses. They control both inbound and outbound traffic according to a 'policy' established when the firewall is installed, or later configured. The policy determines which programs can access the Internet and what kind of incoming or outgoing traffic is allowed.

Browsers, e-mail programs and some auto-updating programs (such as antivirus software) all require network access. A personal firewall can be set up to allow this kind of traffic, while disallowing others.

Firewalls 'learn' which programs can access the Internet freely. The first time a program tries to connect to the Internet the firewall signals an alert. The user modifies the firewall policy by (dis)allowing that particular program to access the Internet. The rule of thumb is: if you don't recognize the program, don't allow access. Most installation software will specify what firewall settings are needed to run common programs properly.

Hackers routinely scan computer networks looking for open 'ports' (numbers used by network software to distinguish traffic) through which they can gain access to your computer. Ports are individual entry connection points between the computer and the Internet. If a hacker can find an open port, it can be used to transmit a worm carrying a payload which can give the hacker control over your computer. Firewalls can close all unused ports.

The best personal firewalls not only close ports, they hide their very existence. This means a hacker program scanning for open ports won't receive a reply to scan requests, rendering the system 'invisible'.

That doesn't mean, unfortunately, that personal firewalls are invulnerable. Unlike hardware firewalls, personal firewalls are part of the computer system — they're just another program — and are just as vulnerable to virus attacks as any other. Some viruses target firewalls by modifying the policy file. If this happens your computer may become vulnerable to hackers even when you thought it was secure.

Nevertheless, connecting to the Internet without using a firewall is ill-advised. Open ports are a vulnerability that can be easily exploited by hackers. To protect your firewall integrity be diligent about scanning incoming files for viruses, by using antivirus software and avoiding unexpected e-mail attachments.

Fighting spam — like countering any illegitimate activity — is a battle fought best on multiple fronts. There are simple steps end-users can take to minimize the impact of junk mail (outlined in Part I), but the webmaster or e-mail provider has even more tools available.

Foiling them by raising the spammer's cost, without turning your efforts into a full-time job, is the most effective way to shift the equation in your favor. Some of the end-user techniques discussed in Part I are even more useful to the webmaster.

CAMOUFLAGE

Spambots can only do what they're programmed to do. Often, disguising a publicly visible e-mail address is enough to cause the spambot to bypass you. They're frequently programmed to look for character strings like John_Example@somecleverdomainname.com. A change to John_Example_at_NOSPAMsomecleverdomainname.com is enough to fool them.

Even if your disguised e-mail address is still harvested, at minimum the address has to be 'scrubbed' in order to be used. Scrubbing routines are even harder to write than spambots, because there are so many possible variations. (NO_SPAM, NOSPAM, no*spam, and many that are much more clever. Be creative!)

The method has a drawback: users have to strip out the extra letters and insert the @-sign (in the above example) — something they sometimes fail to do.

E-mail addresses can be made un-harvestable by embedding them in a graphic, rather than using mailto: or other plain-text options. Very few bots are sophisticated enough to read a graphic and translate the pixel pattern into usable text — particularly since the graphic can have an infinite variety of shapes. Here again, users can't simply copy-and-paste or reply to, so there's some inconvenience for them.

An alternative option is to eliminate visible and accessible e-mail addresses entirely. Instead, provide a feedback form that stores user information in areas unsearchable by spambots. Or, store the information in easy to encode but difficult to crack encrypted formats by using for example javascript.

BARRIERS

Banning visible e-mail addresses, or hiding them in graphical form, makes communication between trusted parties more difficult. Put the burden back on the spammer by blocking known spambots.

They often have an easily spotted signature, in the form of a known IP address or process name (or both), or by looking for non-browser User-Agents.

IP address blocking is a simple matter for any webmaster, but blocking unwanted processes isn't difficult either. Just start a cron job that periodically scans for a process name and uses kill to terminate the associated process ID.

The more sophisticated webmaster can have a daemon that sleeps until a process name is instantiated, wakes up instantly and kills the process before it can do any harvesting. Only slightly more difficult to implement, sample programs are available by searching your favorite engine.

It's possible to set a spambot trap that blocks incoming requests based on excessive search behavior or other pattern. The technique is a little more difficult to implement and administer since it requires defining patterns and altering them for different bots. Again, sample perl scripts and how-to guides are available by a brief search.

RAISE THE PRICE

Eventually, even determined spammers get tired of programming variations to bypass the hurdles thrown in their way, deciding the effort isn't worth the reward. The trick is to make the cost of their effort much higher than the reward, while making the cost to you low and the reward high.

Spammers won't surrender until the profit is taken out of their efforts. Even legislation, such as CAN-SPAM in the U.S., seems to have deterred mostly legitimate businesses who were not the guilty parties.

But junk mail filters are getting more sophisticated, penalties for sending spam are having some effect and there are new proposals being discussed (such as "mailer id") that will eventually reduce the problem to a negligible annoyance.

That's bad news for spammers — which is welcome information for the rest of us.

Most people are familiar with the legend of the Trojan horse. During the siege of Troy, the Greeks left a large wooden horse outside the gates, allegedly as a peace offering. The Trojans brought the horse inside the city walls only to discover it was full of Greek soldiers who quickly sacked the city.

A computer Trojan horse is similar. It looks like a benign or useful program but actually contains hidden code that can destroy data or install spyware. A Trojan horse is often referred to as a virus, but unlike a true computer virus doesn't replicate itself. It's simply designed to gain access to your system and wreak havoc - like the mythical Greek soldiers.

Many Trojan horses (or simply 'Trojans') are spyware, used to monitor your computer activity and send information to a third party without your knowledge or consent.

Spyware can be used to deliver unsolicited pop-up ads, or to log private information such as credit card numbers and passwords, or even reroute your browser to a commercial site. The unscrupulous vendor at that site usually paid the spyware creator to do just that.

Another common use for a Trojan is to install a 'backdoor' - an access point to your computer which bypasses the normal login procedure. Hackers use backdoors to gain control of your computer to send spam or to wreak malicious damage. Since the damage appears to originate from your system it can be hard to combat.

Geeks make a distinction between 'crackers' who gain access to a system to do harm, and 'hackers' who just want to understand the details of how a system works. We'll stick with the more common, though less accurate, term.

How Trojans Are Distributed

Trojans are hidden in programs which appear useful. You visit a free utility site, download one and run the program. Your system is infected.

They can also be spread by e-mail attachments. If the attachment contains an executable file, that program can also contain a Trojan which will infect your computer as soon as it is run.

Executable files have extensions such as .exe but sometimes the extensions are hidden to make the file look like a harmless text file. An example of this would be a file named 'look_at_me.txt.exe. The user may not notice the '.exe' part of the filename (the extension) and think it's a text file. Some operating systems allow users to hide extensions, so in this case the user would simply see 'look_at_me.txt'.

Newer tactics involve embedding them in certain image files. The lesson is: never open a file from someone unknown, or when its arrival is unexpected. Even well-meaning individuals pass on viruses this way.

It's common for Trojans to be spread through operating system vulnerabilities. An operating system controls the basic functions of the computer. Computers connect to the Internet through 'ports', some of which present security risks. Malware takes advantage of these vulnerabilities.

One well-known Trojan is called Sub7. Some claim it has legitimate uses (such as remotely controlling your own computer), though it's often used for illegal activities. Computers with Sub7 installed are accessible from a remote location and can be used to steal credit card numbers by logging keystrokes for example.

Fighting Trojans - The modern way

Most antivirus software will detect and remove Trojans. Keep your virus database up to date to provide the best protection. Some antivirus programs require you to manually scan attachments or other incoming files. Get one that does it automatically. The cost difference is negligible.

Always use caution when opening email attachments, even if they come from a known source. If the attachment is unexpected it should be suspected.

Firewalls should also be used to close vulnerabilities when using the Internet.

E-mail has become an essential mode of communication in the modern world. Unfortunately, that means it's also one of the most common routes for virus infection and fraud. Protecting yourself from these kinds of threats is necessary for everyone.

Viruses - Viruses often arrive in the form of e-mail attachments, so exercise care when opening any attachment - even from a known source. Some viruses infiltrate address books and send infected e-mail to everyone listed, so it's possible to receive a virus from a friend or colleague. Ideally, you should communicate beforehand to expect an attachment.

The best protection against e-mail viruses is virus protection software that automatically scans each attachment as it arrives at your computer. Every computer connected to the Internet should have antivirus software, to protect your own system and the Internet as a whole. Some viruses start on an individual system but spread to entire networks, engulfing the equipment essential to run the Internet.

Phishing

Frauds are another security risk posed by e-mail. One type, called 'phishing', tries to trick the recipient into disclosing personal financial information or passwords. These e-mails use logos of well-known institutions like banks or online retailers and ask you to update your password or financial information.

They provide a link which looks legitimate but in reality directs you to a phony web site. Providing personal information leads to becoming the victim of credit card fraud or theft - sometimes called 'identity theft'.

Tipoffs can be gleaned from the subject line or the content. Rather than using your personal name, they may say 'Dear valued customer'. But finding some variant of your name isn't difficult these days. Beware, in either case.

A more subtle tipoff is a link which doesn't correspond to the text describing it. This can be verified by checking the status bar when you highlight the link. If the text says something like "Microsoft", but the URL is "www.somebadplace.com" you know the message is not from the folks in Redmond, Washington.

Specialized software can detect phishing, though it hasn't reached maturity - it often identifies legitimate e-mail as fraud. Always treat requests for passwords or credit card numbers with suspicion. Remember, no legitimate financial institution will ask you to verify your password or sensitive data in an e-mail.

E-mail Backups - Like any other kind of data, e-mail can (and should) be backed up. It's easy to do with most e-mail programs - simply export the messages to a folder, then backup the folder with a backup program onto a removable disk, writeable CD or DVD or other media. Specialized backup software can be purchased at modest cost to backup e-mails directly, eliminating the export step.

Backup programs can usually be automated to occur at a convenient time without requiring further intervention. Granted, configuring them is one more thing to do in a busy schedule. But the first time you lose one that's badly needed, you'll be much busier trying to replace it if it wasn't backed up.

Fighting spam - like countering any illegitimate activity - is a never-ending battle. You devise a strategy and there's a counter-response. But taking low-effort steps that make spammers actions ineffective or difficult puts you at an advantage.

Two can play at that game.

Since spam is made possible by programs, programs can fight it - and, fortunately, there are many already available. Before learning how to use them, it's helpful to know how spammers do their dirty deeds and what simple actions a user can take to counter them.

One of the most effective tools spammers have are spambots - programs that automatically browses websites looking for e-mail addresses, which it then "harvests" and stores into large lists. The lists are then either used directly for marketing purposes or sold, often as CDs listing millions of addresses.

There aren't yet perfect mechanisms for foiling spambots, but there are several effective techniques.

MISDIRECT

If you don't expose an e-mail address to harvest, you can't get harvested. But in a time when blogs, forums and other public sites are heavily used - and most require providing an e-mail address to post if not to read - it's difficult to avoid.

So for those public venues, define and use an address where you intend to get no personal e-mail. After responding to the sign-up confirmation you don't have to care what goes there. Keep another for personal use and give it only to trusted individuals and vendors.

A word of caution: Hotmail, Yahoo and other large providers have often been used for this purpose. Some sites are wise to this and won't allow addresses with @hotmail.com, for example. Fortunately, there are dozens of free e-mail providers and you don't have to use the same one every time.

CAMOUFLAGE

Spambots are clever, but they're not human. They can't make subtle distinctions or inferences unless they're programmed to do so. Often, disguising a publicly visible e-mail address is enough to cause the spambot to bypass you. They're frequently programmed to look for character strings like John_Example@somecleverdomainname.com. Programs only do what they're instructed, so even so simple a change as John_Example_at_NOSPAMsomecleverdomainname.com is enough to fool them.

Even if your disguised e-mail address is still harvested, at minimum the address has to be 'scrubbed' in order to be used. Scrubbing routines are even harder to write than spambots, because there are so many possible variations. (NO_SPAM, NOSPAM, no*spam and many that are much more clever. Be creative!) Those variations are usually simple for humans to decipher, but again programs only do what they're instructed.

The method does have potential drawbacks. Humans have to strip out the extra letters and insert the @-sign (in the above example) - something they sometimes fail to do out of failure to understand the need to, or because they simply hit Reply To. Also, since many e-mail confirmation systems are themselves automated (by software, naturally), they too will fail to deliver to the desired address.

A variation on the technique can be used not only by web site designers but (to an extent) users. You can usually configure your e-mail account to make the receiver see your e-mail address as anything you wish, regardless of the actual address. After all, that's how spammers often disguise themselves, too.

FILTERS

Once you make the effort to create an e-mail account and 'advertise' it to your friends, business associates and trusted vendors changing (or even disguising) it can be undesirable. That puts you in the position of making high cost efforts for low reward - exactly the role you want the spammer to be in, not you.

Spam or Junk Mail filters to the rescue.

Filters examine every e-mail before it's delivered and apply complex algorithms to determine whether one is junk or not. They're configurable so that e-mail from senders listed in your address book pass through to your Inbox, with others directed to a Junk folder.

Though imperfect, those algorithms are reviewed often by e-mail providers and evolve to capture more junk and fewer valid messages. And, when reviewing the junk mail folder, some allow you to specify whether they 'guessed' correctly. Your answers allow the algorithms to make better guesses.

RAISE THE PRICE - Eventually, even determined spammers get tired of programming variations to bypass the hurdles thrown in their way, deciding the effort isn't worth the reward. The trick is to make the cost of their effort much higher than the reward, while making the cost to you low and the reward high.

Spammers haven't surrendered, but progress to date has been impressive.

For many people, computers have become a daily necessity. We use them for work, for correspondence and for entertainment. Many of the files are important documents and losing them would cost us time and money. Backups are the best way to prevent their permanent loss.

On that day, one of two things will happen. You'll either suffer the grief that comes with losing financial information, passwords, music collections, personal photographs and all the software you've purchased. Or, you can repair or replace the computer and restore from the backups you've been making regularly. The latter is an annoyance, the first a disaster.

There are, unfortunately, an infinite variety of ways to lose data. Besides hardware failure, computers can be destroyed in fires or floods. Hard drives can be damaged by power surges caused by lightning strikes or data lost by a child randomly hitting the keyboard. Viruses can infect systems and erase hard drives.

But there's only one way to get it back - by having it available to be restored.

What to Backup?

For the average user, it's usually not necessary to backup every file on the computer, which would require large storage space. But at bare minimum home users should backup personal files and irreplaceable software. Spreadsheets with financial records not easily available from other sources, legal documents, work-in-progress... the list is large.

But backups needn't be.

The easiest way to do backups is to use the backup software that comes with the operating system. Windows has a free, usable backup program while similar ones are available for Mac, Linux and others. The software is easy to use and backing up is a simple matter of selecting which folders to backup. It even has a scheduler so backups can be automated to occur at convenient times.

For a modest sum backup software can be purchased that will only backup files changed since a certain date, or since the last backup. Alternatively, new files could be copied daily to a backup folder where they can be backed-up by your backup program. To ease the task of identifying which, use the Search option to list files 'newer than X'. Once the list is complete, copy them into the backup folder and run the program for just that folder.

Some data, such as e-mails are only slightly more difficult to protect. Some e-mail clients can be configured to keep copies of received and sent e-mails on the e-mail server. When that's not an option, most can export messages to a file, which can then be backed up.

Backups can be done to any kind of removable media - writeable CD's/DVD's, removable hard drives or even the newer 'keychain' devices that plug into a USB port. Even floppy disks can still be used in many cases. Documents often take a small amount of space. Just set aside 7 disks and rotate them from week to week.

Daily backups are one more thing to do in a busy schedule. But the day you lose that file you need and can't restore, you're going to be a whole lot busier.

Along with spam advertisements hawking prescription medicines, 'cheap' mortgage rates and online gambling sites, there are a number of common scams whose sole goal is to separate you from your money.

Some Internet scams offer investment opportunities with huge paybacks. They usually claim to be risk-free, but once they have your money, you're very unlikely to see any return. Another common scam involves offering credit cards for those with bad credit ratings - just send a security deposit and processing fees. In return you get - that's right - nothing. And by the time you start to investigate, the scam artist has disappeared.

Then there are the multilevel marketing schemes (MLMs), urging you to buy large quantities of the 'latest new product' - which you can resell for an easy profit while receiving a commission on each sale from the greater fool down the line. Once you've bought the merchandise, however, the distributor will have disappeared - sometimes without even sending the goods.

Remember these offers are worse than even ordinary spam. Legitimate businesses do not promote their products by spamming. They e-mail selected groups, generally those who have purchased from them before or voluntarily offered an e-mail address. Other offers should usually be ignored. Simply hit your delete button. However, even highlighting the e-mail in order to delete it can signal a spammer that you received one. To fight that, see the article 'Fighting Spam' in this series.

Never reply to spam. Doing so simply indicates to the spammer that your e-mail address is valid, and you'll receive more spam than before. Some spam contains a message offering to remove your e-mail address from their mailing list. Don't use even this service - it's nothing but another method for verifying e-mail addresses.

Above all, never give your credit card number, bank account details or private data to anyone unknown over the Internet. PayPal, for example, and other legitimate online businesses will never ask for your password in an email. One common scam is to fake return addresses and tailor subject lines and content so the message appears to be from them or another financial institution 'confirming' your information. Don't fall for them.

How do you know whether it's spam? Since, one man's spam is sometimes another's welcomed advertisement, there's no perfect answer. But there is one good rule of thumb: if you don't recognize the sender, it's probably not someone you want to hear from. After all, how many former dictators in Nigeria are you likely to know?

Spyware can be more than an annoyance. Poorly programmed spyware can interfere with other programs and can even cause system instability. Privacy issues are at stake as well.

The first line of defense against spyware is to be careful installing software. Know what's being downloaded. A large percentage of freeware or shareware programs have spyware embedded in them. Sometimes that's disclosed in the user agreement, but often not.

Before downloading any new software, look for guarantees that it's spyware free. Even so, be on your guard — the file-sharing program Kazaa has been claiming to be spyware-free for years. Anyone who installs this software soon has an opportunity to test this claim.

How can you tell if you have spyware on your system? You may see pop-up advertisements even when you aren't browsing the web. Your homepage may have been changed without your consent. New toolbars are installed on your web browser which you didn't request. Your computer may be sluggish or mysteriously reboot on its own. Though, the last effect is usually a virus.

If you find your system bogged down with spyware, don't give up hope. There are several utilities specifically designed for removing spyware from your computer. They rely on frequently updated databases which contain signature files of all known spyware and adware. They scan all the files on your hard drive and alert you if 'uninvited guests' are found.

Many are free, though sometimes the paid versions have more automation features such as removing spyware on receipt rather than requiring a manual scan. None will find every piece of spyware on your system, since they rely on a database which has to be populated according to someone's judgment. And, one man's spyware is sometimes another's welcomed advertiser.

Some spyware is notoriously difficult to remove. They may make several alterations to your system settings and install files in different places. Often the only way to remove this type of spyware is to find the locations of all the files and manually delete them.

Needless to say, this should be performed only by skilled users. Deleting the wrong files can damage your programs and even your operating system.

One software tool that can help you remove difficult spyware is called 'HijackThis'. It creates a list of files which could have been altered with spyware. The list is very comprehensive and also includes system files and files installed by legitimate software, so take care.

HijackThis wasn't designed to be a spyware removal tool, but it can be used to locate persistent and hard to remove spyware. It requires knowledge of various system settings and you must be careful when changing them. It's possible to disable your system with the wrong setting. Fortunately, there's a community of HijackThis experts on the Internet willing to give free advice about suspicious entries.

Once your system is spyware free — help keep it that way. Some of the spyware removal tools include utilities that can protect your computer from being exposed to spyware. Much like virus scanners, they monitor changes to your system files and alert you of any suspicious activity.

And, of course, beware those tempting looking free offers. You may get more than you bargained for.