You can configure Gmail to always use HTTP by clicking Settings from the main Gmail window. In the General tab under Browser Connection (at the bottom), select “Always use https.”

Other email services like Yahoo and Hotmail don’t allow this option. Your most secure option is to download your email using a program like Mozilla Thunderbird instead of viewing it on the Web. (In my opinion Outlook and Outlook Express won’t do anything to enhance your security because they have their own problems.)

For small businesses, orphaned server accounts can be an unseen hazard. Imagine you’ve let an employee go but haven’t deleted their account. They could log in and grab sensitive data or rig the system to self-destruct; these days you don’t need to be a computer whiz to do it. It’s wise to make deleting accounts part of your standard personnel procedures. Avoid sharing accounts and passwords; set up individual IDs with specific access instead, and don’t be tempted to leave post-its with passwords in your office. That deliveryperson could be a hacker in disguise.

Consumers should be aware of the orphans they may leave while visiting online sites. If you set up an email or web account somewhere but aren’t using it, contact the site and ask them to delete it. Ironically, you may find some sites don’t have a procedure for doing so. Talk to their tech people and request written confirmation that your account has been deleted. Otherwise you never know what someone else might be doing in your name.

Next month we’ll talk about Alternate Web Browsers. Don’t forget to subscribe to the email version of Tech Tips for the latest computer news.

Because it may be a phony web pop-up, trying to convince you that your computer has an error. These pop-ups look remarkably like regular system alerts, but they’re really Web ads trying to get you to click and infect your computer. The notorious WinAntiVirus scam (aka Winifixer or the Smitfraud trojan) uses this ploy to convince you that your computer is at risk unless you install their purported product.

Other Web pop-ups may try to get you to click on seemingly legitimate ads or offers. It can be extremely difficult to tell the difference between a real ad and a fake one, or even between a real Web site and a malicious clone. You can test your Web savvy through the McAfee SiteAdvisor spam and spyware quizzes, which will show you just how deceptive these phony pop-ups can be. (I also recommend you install the SiteAdvisor plug-in for your browser.)

Worse, there’s the practice of clickjacking, which allows a malicious program to force your browser to click any link. This means you could get infected without any interaction on your part.

How can you protect yourself? Be sure to run the latest version of your antivirus software (see the Windows Help and Mac Help sidebars for suggestions). Windows users, don’t use Internet Explorer, try Mozilla Firefox instead. Using IE can increase your risk of infection. I also strongly recommend that you not click on web pop-ups, ever. Use Firefox’s pop-up blocker or a similar tool to keep the pop-ups away, and ignore the ones that do slip through.

Next month we’ll go over my Holiday Computer Gift Guide. If you have any computer questions, click Comments below this article, and be sure to sign up for the email version of Tech Tips for bonus tips and product reviews.

Common SQL attacks involve directing unsuspecting PCs (often owned by home users) at malicious Web sites. These sites infect the PCs with code that infects other web servers, and the vicious cycle repeats.

If you host your web services and are unsure if this affects you, contact your Internet provider. Consumers can help by keeping their web browsers up to date, and being aware of the prevalence of phony sites.