In today’s world, the internet plays a big role in how we live and connect. It shapes our daily lives in countless ways. From chatting and shopping to working and studying, it’s an integral part of our world.

Amidst the convenience, there are potential risks that can compromise our safety.

In this blog post, I’ll guide you on how to stay safe online and provide practical tips to ensure your online experiences are secure and enjoyable.

Last week I was on social media and noticed that a close relative had posted over 20 images for a weight loss program to their social media account. I instantly knew that the account had been hacked. The post had tagged all 168 friends in the images. I quickly jumped on the phone to help sort out the issue. Not only did I need to fix the hacked Facebook account and secure it but we then needed to change passwords for a variety of other accounts which were using a variation of the password which was compromised.

This is happening on a regular basis with many users across the globe. Let’s look at some fundamental steps you can take to keep yourself and your data safe online.

Use a Firewall

When people hear the term “firewall” they usually have no idea what it means, much less how to get one.

A firewall is a security feature that protects your device from the rest of the internet. A firewall can come in the form of a physical device you attach to your computer, or as software you install.

Think of this analagy, your computer is like a house. It has a front door and a bunch of windows which if left open can let anyone inside. If you use a firewall, it is like having a 10ft high fence around your house. The firewall blocks people from getting close to your front door or windows.

How do you get a firewall?

For those with a Microsoft Windows based computer, you already have one installed. Microsoft Windows comes with the Microsoft Windows Defender Firewall by default. All you need to do is check that it is on and running.

If you are using a Windows 10 computer, follow these steps to check that the Windows Defender Firewall is active.

Click the Start button and choose Settings:

Click Update & Security.
Now select Windows Security:

Select the Firewall & network protection option.
A separate Windows Security window will open:

Ensure that the firewall is shown as on for your active network.
If any network firewall is showing as off, click the Turn on button to activate it.

If you need more information about how to turn on Microsoft Defender Firewall, check out this Microsoft artcile which outlines both Windows 10 and Windows 11 steps.

Use strong passwords

Use strong passwords.

It’s as simple as that. A strong password means that you use a combination of letters, numbers and symbols. A great idea is to use a phrase as your password rather than a “word with some numbers”.

E.g. UseAPhrase&Symbols&Numbers!_

I’ve heard it a million times, “I use the same password for everything.”.

Even though using the same password for your online accounts makes it easy to remember, it also makes it easy for a hacker to access all of those accounts.

Let’s think about this for a second. Let’s say I have an account with Facebook, Instagram, LinkedIn, online banking, online grocery shopping, a Microsoft account, a Netflix and Stan account and so on. Of course you sign up to all these services using your one email address. So if you used the same password for every account, then the hacker only needs to work out the password for ONE account and they’ll then try all the other platforms to see if you used the same email address & password combination for all. Chaos then ensues.

If you currently use the same combinations, let’s take a moment to see what you need to do:

Make a list of your online accounts. Either on paper (if you want to go ‘old school) or in a program such as Microsoft Excel.
Go through and log in to each online account. Find the option to change your password and make each one a unique passphrase with letters, numbers and symbols.
Record the new passwords in your new safe place.

Keep your antivirus programs up to date

One of the most crucial programs you should have installed on any computer it an antivirus program.

Antivirus, or anti-malware, is designed to detect and block potential infection of your computer from known sources such as email viruses, malware from the Internet and other online nasties.

Not only do you need to have antivirus installed but you need to ensure it is kept up to date. The software should receive regular updates to protect you from the latest virus to hit the internet.

If you DO NOT have any antivirus program on your computer then here are some good ones to choose from:

Most of these programs offer multi-device licence options so that if you have multiple computers in your household or business, you can purchase one licence to include all devices.

Now it doesn’t stop there. Once you have an antivirus program installed you need to ensure they update regularly so you get the latest updates to ensure any new virus’ can be detected etc.

To check for updates:

Click the Start menu and scroll till you find your antivirus program listed. (P.S. I’m using Malwarebytes)

Click the program to launch it.
Most programs will show you some type of status such as identifying that you need to Update, or that you are due to Scan your computer.

Follow the prompts until the antivirus program shows you that everything is good.

Back up your data

Should the worst happen and your computer is infected with a virus, your data will almost always be affected. If you don’t have a backup of your computer then you potentially may loose some content whether that be documents or treasured photos.

I have written some extensive articles on my training blog about how to backup your computer so be sure to check those out and implement a backup for your computer ASAP.

Precautions with email

Email is a wonderful thing. For many of us we rely on it daily. But along with the amazing benefits you also need to remember that email is a source of hoax emails and scams.

Just opening my deleted items right now I can find a hand full of hoax emails which would cause issues on my computer if I were to open them. Take a look at just some of the examples below.

The example above shows an email which looks business related. It has a cheerful message and looks to be for an order this month.

If I didn’t pay close attention I could quickly double click and open the file attachment. However, I’m always cautious when it comes to attachments and look to see what the Sender email address is. In this case it says “account@monishea.shop”. I have never heard of this business.

I also note that the attachment is not a common file type. It is a .GZ file format. Not a common one and certainly not one that would normally be sent for invoices etc.

I know that this is a hoax email and delete it immediately.

This next example is pretty clever. It looks like a legitimate email. The website mentioned, is my husband’s website. It says it has almost run out of disk space and I can use a tool in order to prevent data loss. The URL link looks like it goes through to my husband’s website. But when I hover over the actual link I can see the REAL link address which is shown below.

If I had clicked the link it would have taken me through to a completely different website where it may ask me to enter the username and password to login. If I enter it then that website would have the username & password to access my husband’s website.

I know this is a hoax so I delete it immediately.

Does it sound suss?

One important point to remember is that NO Australian company will ever email you asking for you to update your password via email, or confirm your bank account details, or click a link to claim a long lost inheritance. Links and attachments should always be approached with caution.

A few simple tips will help you here:

Do not open attachments if you don’t know the sender OR don’t know what the file is.
Do not click on links asking for you to do anything which asks for usernames or passwords or your personal information.

Hackers are getting more and more clever. As an example my husband received an email with my Mum’s name as the sender. The email had a link to click on. On closer look, although my Mum’s full name was in the From field, the email address listed was not one he recognised.

All in all if you aren’t sure about the link or attachment, locate a legitimate phone number for the business or person online (don’t use phone numbers provided in the hoax emails), and call and ask if it is legitimate.

Precautions when browsing the web

Now that we’ve covered your computer and email, let’s talk about how you can stay safe when browsing the web.

Unfortunately there are many ways that the simple process of browsing a website can end up with nasty results. There are some simple precautions you can take when browsing:

Avoid downloading files from websites you don’t know or trust.
Avoid high risk websites such as adult sites, online gambing sites and file sharing sites.
Keep your computer up to date.
Keep your antivirus software up to date.
Bypass links in emails and search for the authentic websites URL you need to access.
Check your web browser security.
Be cautious if you encounter a pop-up window – do not click on it or any links in it.

When making online purchases make sure you are purchasing from a reputable company. Perform a quick google search on the company to see any online reviews.

Always make sure online purchases are made via encrypted or secure websites. The best way to tell is to look for the pad lock in the address bar.

Other Scams

A really popular scam which has been happening for several years is a phone based scam. I LOVE it when they ring me for this one. I play along for a little while and then BAM they get an earful.

It goes something like this.. “Hello Ma’m, I am {InsertName} from {InsertBusiness} and we have identified a virus on your computer via your internet connection. If you have a moment I can connect into your computer and remove the virus.”.

They do change up the company they work for but the idea is the same. “Unusual activity on your computer” and “we will fix it”.

They then step you through connecting your computer to them where they take remote control and begin “troubleshooting” your computer for you. What they actually end up doing is upload a virus to your computer, which they then tell you they can remove for the low cost of $InsertAmountHere.”.

You’d be surprised how many people actually get caught out by this one. If you say “Oh I’ll get my daughter/grandson/friend to fix it instead” they will often get irritated and then if you hang up, get ready for the repeated phones calls to try and get you back on the phone to pay them.

Let’s make one thing very clear. NO internet provider is monitoring your internet connection to see if you have a virus infection. If your computer has a virus THEY DON’T CARE and certainly won’t contact you to let you know.

Never allow ANYONE to connect into your computer to do anything unless it is a friend or family member/computer guru you personally know or someone associated with your place of business.

Australian Cyber Security Centre

The Australian government has a dedicated website to help you stay safe online. The Australian Cyber Security Centre has a wealth of information to help individuals, families and businesses alike.

Now that you have a good idea of some basics, I highly recommend you check out what the ACSC has to help you further.

The ideas outlined here really only touch the surface of what online security can encompass.