How to stay safe online continues to be a hot topic in the media and in general. When we use the phrase “online safety” many people automatically jump to the concept of protecting kids online and whilst this is a very important area, I want to address the other component on this which is how to keep your content and computer safe online.

Last week I was on social media and noticed that a close relative had posted over 20 images for a weight loss program to their social media account. I instantly knew that the account had been hacked. The post had tagged all 168 friends in the images and so I quickly jumped on the phone to help sort out the issue. Not only did I need to fix the hacked account and secure it but we then needed to change passwords for a variety of other accounts which were using a variation of the password which was compromised.

This is happening on a regular basis with many users across the globe so I want to take this opportunity to outline some fundamental steps you can take to keep yourself and your data safe online.

Use a Firewall

When people hear the term “firewall” they generally have no idea what that means, much less how to get one.

A firewall is a security feature which protects your device from the outside world by creating a barrier between you and the rest of the Internet. A firewall can come in the form of an actual device you install on your computer, or software which is installed like other apps on your device.

Think of this analagy, your computer is like a house. It has a front door and a bunch of windows which if left open can let anyone inside. If you put up a firewall, like a 10ft high fence around your house, this blocks people from getting even remotely close to your front door or windows.

So how do you get a firewall?

The good news for those with a Microsoft Windows based computer is that you have one already installed. Microsoft Windows comes with the Microsoft Windows Defender Firewall by default. All you really need to do is check that it is on and running.

Click the Start button and choose Settings

Click Update & Security
Now select Windows Security

Select the Firewall & network protection option
A separate Windows Security window will open

Ensure that the firewall is shown as on for your active network.
If any network firewall is showing as off, click the Turn on button to activate it.

Use strong passwords

Please use strong passwords. It’s as simple as that. A strong password means that you use a combination of letters, numbers and symbols. A great idea is to use a phrase as your password rather than just a “word with some numbers”.

E.g. UseAPhrase&Symbols&Numbers!_

I’ve heard it a million times, “I use the same password for everything.”.

While using the same password for everything makes it easy to remember, it also makes it easy for a hacker to access ALL of your accounts.

Let’s think about this for a second. Let’s say I have an account with Facebook, Instagram, LinkedIn, my online banking, my online grocery shopping, my Microsoft account, my Netflix and Stan accounts and many many more. Of course you signed up to all of these services using your one email address. So if you also used the same password for every single account then it will only take a hacker to work out your password on ONE platform and then they’ll go and try all these other platforms to see if the same email address & password combination works there also. Chaos then ensues.

If you currently use the same combinations let’s take a moment to see what you need to do:

Make note of your online accounts.
Go through and log in to each and use the change password function which they will all have, and change your password to a unique passphrase with letters, numbers and symbols.
Record the new passwords in a safe place.

Keep your antivirus programs up to date

One of the crucial programs you should have installed on any computer it an antivirus program. Antivirus, or antimalware, is designed to be able to detect and block potential infection of your computer by known sources such as email viruses, malware and other online nasties.Not only do you need to have antivirus installed but you need to ensure it is kept up to date. The software should receive regular updates to the virus definitions that are used. This is like a big list of virus threats so that it knows what to look for and block.If you DO NOT have any antivirus program on your computer then here are some good ones to choose from:

Most of these programs offer multi-device licence options so that if you have multiple computers in your household or business, you can purchase one licence to include all devices.Now it doesn’t stop there. Once you have an antivirus program installed you need to ensure they update regularly so you get the latest updates to ensure any new virus’ can be detected etc.To check for updates:

Click the Start menu and scroll till you find your antivirus program listed. (P.S. I’m using Malwarebytes)

Locate your antivirus program in the start menu.

Click the program to launch it.
Most programs will show you some type of status such as identifying that you need to Update, or that you are due to Scan your computer.

Check the status of your antivirus program.

Follow the prompts until the antivirus program shows you that everything is good.

Back up your data

Should the worst happen and your computer is infected with a virus, your data will almost always be affected. If you don’t have a backup of your computer then you potentially may loose some content whether that be documents or treasured photos.

I have written some extensive articles on my training blog about how to backup your computer so be sure to check those out and implement a backup for your computer ASAP.

Security precautions when using email

Email is a wonderful thing. For many of us we rely on it daily. But along with the amazing benefits you also need to remember that email is a source of hoax emails and scams.

Just opening my deleted items right now I can find a hand full of hoax emails which would cause issues on my computer if I were to open them. Take a look at just some of the examples below.

The example above shows an email which looks business related. It has a cheerful message and looks to be for an order this month.

If I didn’t pay close attention I could quickly double click and open the file attachment. However, I’m always cautious when it comes to attachments and look to see what the Sender email address is. In this case it says “account@monishea.shop”. I have never heard of this business.

I also note that the attachment is not a common file type. It is a .GZ file format. Not a common one and certainly not one that would normally be sent for invoices etc.

I know that this is a hoax email and delete it immediately.

This next example is pretty clever. It looks like a legitimate email. The website mentioned is one of my clients. It says it has almost run out of disk space and I can use a tool in order to prevent data loss. The URL link looks like it goes through to my clients website. But when I hover over the actual link I can see the REAL link address which is shown below.

If I had’ve clicked the link it would have taken me through to a completely different website where it may ask me to enter the username and password to login. If I enter it then that website would then have the username & password to access my clients website.

I know this is a hoax so I delete it immediately.

Does it sound suss?

One important point to remember is that NO Australian company will ever email you asking for you to update your password via email, or confirm your bank account details, or click a link to claim a long lost inheritance. Links and attachments should always be approached with caution.

A few simple tips will help you here:

Do not open attachments if you don’t know the sender OR don’t know what the file is.
Do not click on links asking for you to do anything which asks for usernames or passwords or your personal information.

Hackers are getting more and more clever. As an example my husband received an email with my Mum’s name as the sender. The email had a link to click on. On closer look, although my Mum’s name was in the From field, the email address listed was not one he recognised.

All in all if you aren’t sure about the link or attachment, locate a legitimate phone number for the business or person online (don’t use phone numbers provided in the hoax emails), and call and ask if it is legitimate.

Security precautions when browsing the web

Now that we’ve covered your computer and email, let’s talk about how you can stay safe when browsing the web.

Unfortunately there are many ways that the simple process of browsing a website can end up with nasty results. There are some simple precautions you can take when browsing:

Avoid downloading files from websites you don’t know or trust.
Avoid high risk websites such as adult sites, online gambing sites and file sharing sites.
Keep your computer up to date.
Keep your antivirus software up to date.
Bypass links in emails and search for the authentic websites URL you need to access.
Check your web browser security.
Be cautious if you encounter a pop-up window – do not click on it or any links in it.

When making online purchases make sure you are purchasing from a reputable company. Perform a quick google search on the company to see any online reviews.

Always make sure online purchased are made via encrypted or secure websites. The best way to tell is to look for the pad lock in the address bar.

Other Scams

A really popular scam which has been happening for several years is a phone based scam. I LOVE it when they ring me for this one. I play along for a little while and then BAM they get an earful.

It goes something like this.. “Hello Ma’m, I am {InsertName} from {InsertBusiness} and we have identified a virus on your computer via your internet connection. If you have a moment I can connect into your computer and remove the virus.”.

They do change up the company they work for but the idea is the same. “Unusual activity on your computer” and “we will fix it”.

They then step you through connecting your computer to them where they take remote control and begin “troubleshooting” your computer for you. What they actually end up doing is upload a virus to your computer, which they then in turn tell you they can remove for the low cost of $InsertAmountHere.”. You’d be surprised how many people actually get caught out by this one. If you say “Oh I’ll get my daughter/grandson/friend to fix it instead” they will often get irritated and then if you hang up, get ready for the repeated phones calls to try and get you back on the phone to pay them.

Let’s make one thing very clear. NO internet provider is monitoring your internet connection to see if you have a virus infection. If your computer has a virus THEY DON’T CARE and certainly won’t contact you to let you know.

Never allow ANYONE to connect into your computer to do anything unless it is a friend or family member/computer guru you personally know or someone associated with your place of business.

Australian Cyber Security Centre

The Australian government has a dedicated website to help you stay safe online. The Australian Cyber Security Centre has a wealth of information to help individuals, families and businesses alike.

Now that you have a good idea of some basics, I highly recommend you check out what the ACSC has to help you further.

The ideas outlined here really only touch the surface of what online security can encompass.