Basic Online Security for Non-Techies!
Everyone is on the internet these days, be it from their smartphone, TV, tablet or computer, either at work or in their spare time.
Most employees get a security course to go on when they start their jobs if they work for a large-ish company, but the rest of us have to just cope with the ever-changing risks of being connected online.
So here is a super basic and, hopefully, down to earth guide to keeping yourself safe online.
Let’s start with:
In the year 2054 we will still be using passwords. I hope not! But no doubt we will!
The current recommendation is to have three entirely unrelated words separated by a random symbol and to include a number somewhere. Where exactly is up to you. You should not write this down. I know… The best place to store your passwords is inside some kind of well-established password manager like Bitwarden or KeePass, which will store all of your passwords for you. If you have to write it down then please, please, please, please, please keep it in an extremely safe and unlikely place and not on a post-it note stuck to the monitor of your PC or under your mouse mat. If it’s there right now then throw it away! Literally, imagine it to be like your house key.
Also, do you have a router to access the internet at home? I imagine you do. This is a bit more advanced, but I highly recommend changing the password on that thing especially if it is very old, as there are tables of passwords for old routers floating about in the corners of the internet. This means someone else could use your internet for nefarious purposes if they really wanted to. Unlikely! But you never know. To change the password, look on the router itself or the manual that came with it, for instructions.
Always lock your computer or mobile device with a passcode or password when you leave it unattended.
Changing your password occasionally is always recommended, especially when you think your account has been compromised. But if you aren’t taking steps to make your password secure in the first place then this is a pointless task. People will use computers to crack your passwords or check against lists of commonly used passwords. If it is a single word and a number of up to 8 characters (as was suggested a decade ago) then this will be crackable in no time at all. Test out some made up passwords here: Password Checker.
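For readers who want to see the numbers behind this advice, here is an added example (not part of the original guide) that builds a password using the three-words-symbol-number recipe and compares how many guesses it takes against an old-style "one word plus a number" password. The short word list, the symbol set and the model of the old-style password are assumptions made for the example.

```python
import math
import secrets

# Constructed sample list so the example runs offline. A real generator
# should load a published list with thousands of words.
WORDS = ["anchor", "biscuit", "cactus", "dolphin", "ember", "fiddle",
         "glacier", "hammock", "igloo", "jigsaw", "kettle", "lantern",
         "magnet", "nutmeg", "orchid", "pebble"]
SYMBOLS = "!@#$%^&*-_+=?"  # assumed symbol set


def make_passphrase(words=WORDS, symbols=SYMBOLS):
    """Three random words joined by one random symbol, with one digit
    attached to a randomly chosen word."""
    # secrets draws from the operating system's secure random source;
    # the ordinary random module is predictable and unsuitable here.
    chosen = [secrets.choice(words) for _ in range(3)]
    slot = secrets.randbelow(3)
    chosen[slot] += str(secrets.randbelow(10))
    return secrets.choice(symbols).join(chosen)


def passphrase_bits(wordlist_size, n_symbols=len(SYMBOLS)):
    """Bits of entropy when an attacker knows the recipe and the list."""
    choices = wordlist_size ** 3 * n_symbols * 10 * 3
    return math.log2(choices)


def word_plus_number_bits(wordlist_size, max_digits=3):
    """Old-style password: one dictionary word followed by a number of
    1..max_digits digits (an assumed model of the 8-character advice)."""
    numbers = sum(10 ** d for d in range(1, max_digits + 1))
    return math.log2(wordlist_size * numbers)


if __name__ == "__main__":
    print(make_passphrase())
    for size in (len(WORDS), 7776):  # 7776 = size of a five-dice word list
        print(size, round(passphrase_bits(size), 1),
              round(word_plus_number_bits(size), 1))
```

Each extra bit doubles the number of guesses needed, so the gap between the two results is what matters, and it only holds if the words are picked at random rather than chosen by you.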
One more thing to note. Most IT professionals use something called MFA, or multi-factor authentication, sometimes just called 2-factor authentication. This just means there is an extra layer to accessing a website or service. For instance, the service may text you a code, or you may use an app from which you can copy a code, to prove that you are really you. This is a great step in adding an extra layer of security to your private information.
OK. Now on to:
Emails! We still use them. If we’re still using them in 2054 then blah, blah, blah.. Anyway, in case you don’t know, email is a super insecure way to communicate. That’s right. Don’t trust emails. Full stop. Don’t open an email from someone you don’t know. Don’t open emails from people you think you know. And never click on links in emails from people you don’t know. Ever. When links in emails are used to scam you, this is referred to as Phishing. If you are unsure then look at the email address that the message has come from to see if it looks unusual. If you have a preview mode on your email client (Gmail, Outlook) then you need to turn that off too. And preferably find a setting that stops images loading in emails too.
Don’t or at least try not to send sensitive information over email. And report all suspicious emails. Even if they turn out to be legitimate, it pays to be suspicious and better safe than sorry. Usually there is a report spam or report junk button on your email somewhere that you can use. This will stop emails arriving from that address in the future.
In the blue corner we have:
Text Messages (SMS)
The year is 2054 and we’re still using SMS text messages to communicate. Enough already!
Similarly to emails, don’t ever click on links in text messages. Don’t respond to messages from people you don’t know and don’t assume the text is from the person they purport to be. They could be using a technique similar to Phishing known as Smishing. If you know the person’s number, then call them directly to check if they are really texting you. Look at the language of the message. Does it sound like them? Are there any unusual misspellings? If you’re feeling unsure about a conversation that you are having with someone, be it in email, text or even on the phone, then just get in touch with someone you know to get a second opinion.
A lot of us use social media to keep in touch with friends and family. We’re talking Facebook, Instagram, Twitter etc. If you are able to, ensure that your information is kept private and that any information that has to be public is kept to the bare minimum. If a website asks you for some detailed information about yourself then ask yourself if you really want to be handing that level of data over to that particular organisation.
Try your best to remain savvy and visit the security section in the settings of any website you log in to, to see if you can secure your data to a better extent. I would get someone to assist you with this if possible.
Remember, anything and everything you post online will exist permanently somewhere. If you want to share personal images or information, don’t rush into it and think twice before you share anything.
These are handy but don’t put all your hopes and prayers into them. Anti-Virus software is just a list of nasty stuff (Malware/Spyware) that it will try and notice if it were ever to land on your computer or mobile device. You can’t rely on it to stop everything. You have to be responsible yourself, which is why I’m writing this guide. Also, some anti-virus software will drive you crazy with spam notifications and other such delights. So pick carefully. Some well-known ones are Avast, Norton, BitDefender and AVG.
If you’re reading this then you have heard of:
Google Chrome and Bing are very popular browsers. Do you know you can add extensions to stop adverts? They are easy to add and there are many extensions that can stop websites spying on you too. You can install from the Google Extensions or Bing Web Add-Ons web sites. Apps like Ghostery and AdBlock Plus are highly recommended.
Remember that web browsers are a bit like operating systems on their own (Windows/Mac OS) so they are much more sophisticated than they used to be. Stay safe and only visit websites that are reputable and you are aware of. I can’t stress that enough.
If you want to check the legitimacy of a website, something you can do to be sure is to click the address (maybe a couple of times on some browsers) and check that it starts with https://. This will ensure that it has what is called an SSL certificate and can be trusted for the most part. This is really important if you’re visiting a website like your bank or a shop.
Google is by far the most popular search engine, probably followed by Microsoft’s Bing, but one thing to mention is that the top few results are usually adverts. Double check that the posts don’t have the word Ad or Promoted next to them. This also applies to posts on social media. In fact, misleading promoted posts on social media have caught out the most savvy people I know. So always think before you click. If it seems too good to be true, it probably is.
If you would like to use a search engine that is a bit more friendly and less intrusive than Google I would suggest using DuckDuckGo, StartPage or Brave search. There are others but those are the most popular at the time of writing.
Most people use Windows on their PCs or laptops (I don’t. I use Linux. More on that later!). Just one thing to note here. Don’t EVER open anything that ends in .exe that has been sent to you. This is a program that will run on your computer. A picture usually ends in .jpg and an audio file with .mp3.
If you throw away a device or computer then ensure you have wiped the device thoroughly. You may need some assistance to do this, but trust me. Even after deleting and formatting (clearing away) all the data on a hard drive, it can still be retrieved. It isn’t even very difficult. Take the hard drive out and keep it as a backup, if I were you.
If you ever think you have been a victim of fraud or an attack on your personal data then contact Action Fraud if you live in the UK. I can’t guarantee they will do anything but they need to be told or nothing will ever happen. At all.
I really hope this guide has helped you.