Reducing Your IM Risks
Many of the steps you can take to protect yourself against IM attacks are easy to accomplish and free. Most of them involve common sense, including using an antivirus scanner, deploying a current IM client, not accepting default directories when you install your client, and hiding your personal identifying information.
Use an antivirus scanner. Make sure you use a good antivirus scanner with an up-to-date signature database. Enable the software's auto-protect feature so that the software can recognize and block any known malicious programs that a remote computer might send. Make sure that the antivirus protection covers your IM client; also make sure the product addresses malicious threats no matter how they enter the PC.
Deploy a current IM client. The latest IM clients usually close the known holes. For example, after vendors saw that IRC viruses and worms commonly spread by overwriting script.ini, they started renaming the default configuration file to other names. If your IM client has an automatic upgrade feature, select it.
Don't accept default directories when you install your IM client. Many crude attacks are successful only if the IM client software is installed in its default directories with default configuration names. Change the default installation directory name. In most cases, you won't need to refer to the file again, and you've just added some protection.
Hide personal identifying information. When you install IM software, the software often requests that you provide personal identifying information, such as name, email address, mail address, phone number, gender, and age. Whenever possible, offer false information. If someone needs your real information, you can send the data to that person only.
Remain invisible. Several IM networks (e.g., Yahoo! Messenger, IRC, ICQ) let users choose invisible mode. When you're invisible, other participants don't know when your client is active. Even if you're on other users' buddy lists, your nickname remains shaded. Some clients let you send and receive messages while in invisible mode. On IM networks with mostly public channels, make invisible mode your default.
Use caution when you accept file transfers. Never set your IM client to automatically accept file transfers, even from trusted sources. If a trusted friend that you're chatting with wants to send you a file, make sure he or she means to send it. IM worms and viruses will exploit a remote user's contact list and initiate conversations to send you infected files. The malicious program won't respond to your additional queries. Never accept files sent to the whole channel at once, even if the file is apparently a security patch or antivirus program.
I recommend that you load only those files you receive from commercial vendors and security-minded sources and that you always scan files with an antivirus scanner first.
Install a Personal Firewall
Intruders troll IM channels and collect participating machines' IP addresses. Intruders can place the IP addresses into a sweep list, then feed them into another program to automate attacks. Although intruders might not know where your computer's weaknesses are, they know it's online and will probe your machine. A personal firewall, such as Zone Labs' ZoneAlarm, Internet Security Systems' (ISS's) BlackICE PC Protection (http://www.iss.net), or Symantec's Norton Personal Firewall, will alert you to the attack. And if the attack is persistent, the firewall will automatically cut off all future traffic from the remote computer. Although a personal firewall might require a modest investment, many of the best are free to home users.
Safe IM
IM is a great communication tool, and people will use it increasingly in the future. If you follow the commonsense procedures I've outlined and you use a personal firewall, you can significantly reduce the risk of malicious attacks.