You survived the scares of Halloween. But how about the nightmares lurking in the digital dark: "Rogueware," "SEO poisoning" or the truly creepy "Koobface?" These are the real monsters security firms such as Symantec (SYMC), McAfee (MFE) and Trend Micro are trying to protect us from.

And for good reason. These are dangerous times. Users must manage a new generation of Web-enabled threats, such as antivirus software that itself is a virus. At last year's LEET '10 security conference in San Jose, Calif., an analysis of 240 million Web pages found a shocking 11,000 of them distributed fake anti-virus code.

These are dangerous times, and users must manage a new generation of Web-enabled threats -- even antivirus software that itself is a virus.

Just a few days ago, Telenor SOC, the Norwegian-based communications and security firm, reported that the Nobel Peace Prize site was hacked and malware was installed on some user's computers who searched for Liu Xiaobo, this year's winner.

It even looks like Mac users' days of being security carefree are over: A "Windows-style" executable computer worm called Koobface (Facebook sideways -- get it?) exploits Windows and Apple Mac OS X users via Facebook.

"We are seeing a hacker or scammer getting you to sign onto a mobile social site, gain personal information and then turn it around and use it against you," says Tom Powledge, vice president and general manager for PC Tools at Symantec, the Mountain View, Calif.-based security firm.

To keep you safer this week when scariness abounds, here is my annual roundup of security tips and tools:

Nothing is free, especially security software.
Yes, major security firms such as AVG, Panda Security and F-Secure offer powerful online tools for free. But what business person has the time to make these tools work? None. And why bother? Perfectly reasonable integrated security code from, say, PC Tools (the off-brand product from Symantec), starts at just about $30. Now come on, we are talking about $30 a year to save you hours of hassle and protect your one and only identity. Buy some real protection, for crying out loud. And buy it right now.

Read it and weep: Mac users need security software now, too.
Those glory days when Mac users could blithely do as they please online, secretly mocking their security-addled Windows cousins, are over. While I firmly believe Mac OS X code still is more secure on average than Windows technology, it is no longer fully secure. Look around and you will find a new generation of Mac-based security tools that agree with my assessment. My pick of the new Mac security litter is Intego of Austin, Texas. For $50 -- yup, Macs are pricier to secure as well -- you get an impressive security suite with a sweet interface and some excellent security definitions. I also like Little Snitch ($30 per seat), which is an effectively bombproof firewall for the Mac. And let's not forget Norton Internet Security for Mac for $80, which offers effective -- if a bit bland for Mac-heads -- security.

Be smart with the smartphone.
The big security story now is the complete lack thereof on mobile smart devices. People don't seem to think twice about carrying around all their personal information -- unsecured, no less -- on their Apple ( AAPL) iPhones, Motorola ( MOT) Droids and BlackBerrys ( RIMM). At the very least, keep critical stuff such as Social Security numbers, bank account info and other must-not-lose info off your phone. Then use long, rugged passwords -- with lots of weird numbers and punctuation marks -- on your mobile device's security settings. But there is no substitute for beefed-up security apps such as Keeper ($30) from Callpod for Android phones or 1Password from Agile Web Solutions ($10) for the iPhone. Both encode your information and protect it with high-quality passcodes and improved levels of security.

Bottom line: Whatever you do, folks, be smart. These days, you really do need your raincoat on out there.

>To submit a news tip, email:


Follow on Twitter and become a fan on Facebook.

Jonathan Blum is an independent technology writer and analyst living in Westchester, N.Y. He has written for The Associated Press and Popular Science and appeared on Fox News and The WB.