Introduction to online privacy
In this day and age, online privacy is integral. As the Internet has grown and developed over the last 15 years, the risk of fraud or identity theft has become greater. When you combine the threat of bank fraud, viruses, malware and the rise of social media, it’s more important than ever before to safeguard your personal information on the Internet.
Unfortunately, it’s now very easy to inadvertently give away your personal data. With fraudsters now targeting victims in a variety of ways and using scams on email and social networking to gain access to your details, you need to know the best practice ways of reducing the risk.
Who is tracking your personal data?
On the whole, most people now use the Internet in some capacity. Perhaps you take advantage of online banking to set up direct debits. Maybe you post regularly on Twitter or keep up with your school friends on Facebook. Possibly you’re only surfing the web for the latest news and sports results. Whichever way you treat the Internet; your personal data is there for all to find online.
This is a scary thought in itself. Even if you’ve never touched a keyboard, signed up to a newsletter or opened a social media account, there’ll be bits and pieces others can still access online. What’s more, this information is likely changing hands without your consent.
Of course, you’ll probably want your data to be protected from companies out to use information for their own personal gain. However, there are also instances where stored data can make it easier for you to browse and shop using the web.
For starters, information related to your credit history or car insurance will be shared between various parties and the Internet allows this to happen quickly and efficiently. If you apply for a loan, the lender will check your credit score, which assesses all the information available on your financial history (from the number of credit cards and missed payments, all the way through to files of bankruptcy).
However, not always is this sharing of data to your best interests. Whether you’re using your laptop, a tablet or even a smartphone, your online behaviour will be tracked and monitored to determine your characteristics. Your location, the websites or advertisements you click, the ones you ignore and much more will all be stored.
This information is then effectively sold to the highest bidder – so theoretically could end up anywhere. In today’s world web users will even be ranked, depending on the likelihood of them being potential customers.
For these reasons alone, it’s clear why you’d want to protect your personal information.
However, there are also times when this sharing of data can be of benefit. Take Facebook for instance. Because of the data stored online, Facebook is able to suggest new friends, upcoming events and even products you may find of interest.
The thing is, for the most part you’re able to opt out of data sharing, either by changing your settings and preferences or making sure to tick the right boxes. Throughout this resource we’ll talk in-depth on the best ways to keep safe on the web, whilst avoiding Internet scams and reducing the risk of being targeted by fraudsters.
Keeping safe online with tablets & mobile phones
In 2016 it’s estimated there’ll be two billion smartphone users worldwide. In the UK alone, over 97% of people own a mobile phone and as such, are likely to be using the Internet in some capacity.
The funny thing is though, people don’t tend to safeguard their mobile device as they would a personal computer. The chances are your laptop or desktop is equipped with antivirus software, so why wouldn’t you take the same preventative action for a smartphone?
Not only are mobile phones an easy target for thieves, but they’re also prone to attacks from malware through text messaging, email and even social media. In order to better protect your smartphone and with it, your personal data, look to follow the tips outlined below:
1. Always keep your handset locked
Whether it’s a smartphone or tablet, the chances are you’ll have applications and webpages with the password automatically saved. This could be Facebook, Amazon, eBay or even your personal banking. Keep your password safe and always lock the handset. If you haven’t already, change the settings to enable automatic locking when inactive for a certain period of time – 30 seconds or so.
2. Install location finding software
There are apps available to help you find and locate your smartphone in the event of theft. These could be standalone or even part of a larger security package, so take a look at your options. Find My iPhone is particularly popular and helps you locate the handset’s exact whereabouts.
3. Install an antivirus
There seems to be an odd misconception whereby people believe a mobile phone or tablet is immune to viruses and malware attacks. This simply isn’t the case though, with Android smartphones particularly susceptible. Consider installing an antivirus and update this as and when required.
4. Carefully consider your apps
When downloading and installing any updates, make sure to do so through the correct channels and avoid third party software. What could appear as genuine, may very well be an attempt to lure unfortunate victims into downloading malware files. Also, don’t authorise apps to conduct strange behaviour, such as sending text messages or accessing your camera.
5. Jailbreaking isn’t advised
Jailbreaking has been around for years and involves manipulating a device to remove the constraints put in place by manufacturers. This technique is common with computer consoles and allows users to play multiple video games without purchasing. However, the same can also be applied to smartphones. With jailbreak though, there’s the risk of removing security features that’ll leave your handset vulnerable to an attack.
6. Use cloud to back-up your data
All information stored on desktops, smartphones and tablets can be stored on a cloud-based service, whereby it’s kept safe. This allows you to remove data from your handset without losing it for good.
7. Avoid risky Wi-Fi connections
Your personal Wi-Fi is fine. So is 3G and 4G. However, if you’re traveling abroad or using a Wi-Fi you can’t fully trust, it’s heavily advised to avoid bank transactions, purchases or accessing of emails.
8. Don’t click email attachments willy-nilly
Modern smartphones allow you to access your emails at the touch of a button and push notifications even let you know the instant you receive new correspondence. Whilst this is great for both personal and business use, it also puts your handset at risk. In the same way you wouldn’t respond to spam emails, don’t open attachments from risky senders and beware of phishing (which will be explained in greater depth later in this resource).
How to shop safely on the Internet
Internet shopping is a big deal. For evidence, you only need to look at Black Friday, where over £1bn was spent online in just 24 hours. Of course, there are many reasons for this meteoric rise in popularity, with the ability to quickly and easily compare prices, whilst finding hard to track items, all from the comforts of your living room.
Whilst we’re not suggesting to steer clear of Internet shopping completely, it’s important to be aware of how best to buy both safely and securely. For instance, shopping with well known companies online is about as safe as it gets.
As a general rule of thumb:
- Steer clear of companies you don’t recognise, especially if they’re based overseas
- If in doubt, search them with Companies House
- Search for genuine reviews to determine the site’s reputability and customer satisfaction. This could raise alarm bells
- Keep a printout of all correspondence
- Check with your banking to ensure the correct amount of money has been withdrawn
- Avoid transferring money directly to someone’s account
- Try to use a different password for each site, rather than a generic one-fits-all that could compromise security.
How can I check a website is secure?
When inputting bank details online, you’ll want the trust and confidence the website is both genuine and secure. If it’s not either of these, there’s a huge risk your details could be stolen and used for fraud – losing potentially thousands of pounds.
Fortunately though, there are a number of ways to check a website’s reputability, so you never have to take a risk again.
1. The padlock symbol
A padlock symbol on the left-hand-side of your address bar indicates the webpage is secure. It has to be in this location, not anywhere else on the page.
2. The web address starts with https://
https:// as opposed to http:// is your safe bet, as the S stands for secure. This offers you a little more peace of mind when shopping online.
3. A green address bar
On some (not all) secure websites, part of the address bar will turn green as a show of trust. By clicking this part of the browser you’ll be able to find out more information on the security.
4. Valid certification
To check a website is valid, you can inspect its certificate. Either clicking on the padlock or to the left of the address bar allows you to see which name the site is registered under. If a warning sign appears, it would be advised to avoid using the website.
Guide to strong passwords
Almost every website in which you enter personal information, will require you to make an account. As part of this process, you’ll be asked to choose a password, which will be entered each time logging in. When it comes to cyber fraud, a strong password is the first line of defence.
As such, you should choose different passwords for each account that are not only memorable to you, but not easily guessed by others. It’s also advised to change these from time to time.
However, what’s the best way for setting a password for each account used online? Take a look at the following tips to get a better understanding of online passwords and how to protect your personal information.
• Choose a unique password
This should be the same for all of your important accounts, including online banking, email and social media.
• Keep passwords in a safe location
As you’ll be creating multiple passwords, it can of course be difficult to remember each. Writing these down would be useful, but don’t leave them around in an easy-to-find place.
• Use a combination of characters
Ideally, you’d use a combination of uppercase letters, lowercase letters, numbers and symbols to ensure it can’t be easily guessed. Also, the longer the password the better. Avoid using personal information as a password too, such a mother’s maiden name, your phone number or even favourite sports team.
• Make up a phrase
Struggling to come up with unique passwords that are memorable? Then consider making up a phrase and using the characters from this. For instance, ‘Premier Choice Internet offer bespoke solutions for your business’, could be shortened to PcIoBs4yB.
• Set-up password recovery options
It’s common for people to forget their passwords and as a result, become locked out of their account. In order to regain access, you’ll likely be emailed as a way to reset the password. Therefore, ensure to update your account should your email address change. You could also have a code messaged to your mobile phone, so it may also be worth syncing your handset to each account.
Many prefer the option of a mobile phone as it’ll likely always be in your possession – whereas emails can be accessed and a security question guessed. If you take the route of a security question though, customise this so it’s unique and not something that has been shared online or is well known.
Essentially, the more memorable and unique the password, the better protected your online accounts will be. Use the tips outlined above to increase your web security and ensure you’re never the victim of fraud.
Phishing & fake online webpages
Online phishing just doesn’t seem to go away and every day thousands of people are targeted by fraudsters sending fake emails and links to webpages. Popularly, fraudsters will create fake websites to mimic famous brands and then send emails to promote a click through. The sender could pretend to be from Amazon, eBay or even your personal bank.
Typically, the email will be phishing for your details. They’ll try to tempt you into inputting card numbers or logins, under the pretence there has been unusual activity on your account or you’re required to verify a transaction.
However, once you have provided these fraudsters with your details, they’ll be able to make purchases on your behalf, clear your bank account and even max out credit cards.
As such, any communication received by text or email from a number or address you fail to recognise should be treated with caution. The chances are you have received these in the past and treated them as spam, but you may well have landed on a fake ‘phishing’ website in the past, by simply mistyping a web address.
The trouble is, fraudsters are doing a good job of creating websites to look like the real deal. These could be complete with logos, advertisements and even articles and tips. If you’re in anyway unsure if the website is genuine, close the browser and retype the address. Never login to your account if you can’t fully trust the site.
To help you avoid falling victim to phishing websites, try following the tips outlined below:
• Lookout for misspellings
Phishing websites may look the real deal, but the chances are there’ll still be an obvious flaw – especially in the web address bar. Check for a common spelling mistake, such as a ‘1’ in place of an ‘L’. An example of a website to avoid would be www.paypa1.co.uk
• Check for https://
Most legitimate websites where it’s possible to make transactions will start with https:// and not http://. Double check both forward slashes are present, as well as the ‘s’ for secure.
• Don’t trust pop-ups
Recently, there have been a spark of phishing campaigns linking victims to real addresses, but then using a pop-up window for people to enter their details into. You should avoid entering your login information at all costs.
• Use fake information
Not sure if a website is genuine? Enter fake information and see what happens. Should the site log you in, you’ll know it to be a phishing site. Just bear in mind, some fraudulent websites will display an error warning regardless of what details are entered.
• Consider an anti-phishing web browser
Some browsers will detect phishing websites and warn you. Plug-ins are available for browsers including Firefox and Internet Explorer.
5 tips for keeping safe when shopping online
The chances are you’ll spend a considerable amount of time browsing online and shopping for goods. You don’t have to turn away from the method of shopping through fear of falling victim to fraud either and these tips are designed to give you confidence to shop safely and securely.
1. Use the household names
Want to shop safely online? Then choose household names with secure websites. Everywhere you can think of now has its own website, from John Lewis and Debenhams, to Marks & Spencer’s, Next and Matalan. Just ensure to spell the URL correctly, including the .co.uk or .net
2. Check for the padlock symbol
We’ve mentioned this earlier in the resource, but its importance can’t be overstated. The padlock symbol on the left of the address bar suggests the website is secure and can therefore be trusted.
3. Check your bank statements
Most people receive a bank statement through the post once a month, but you don’t have to wait 30 days to view yours. Instead, set-up online banking and regularly check your outgoings. This will help you catch unauthorised transactions early, so you can block the card and limit the damage.
4. Protect your desktop
Surprisingly, many still don’t protect their PC with the most basic form of antivirus software. This is simply asking for trouble. Antivirus solutions don’t have to break the bank and give you an extra layer of protection should you accidently install something untoward.
5. Always choose a strong password
By the time you’ve finished this resource you’ll likely be sick to death of us talking about the importance of strong passwords. But for any online banking or shopping, these are crucial to keeping your personal details safe and secure. A combination of characters is best and websites will often let you know the strength of a password as you type.
Online theft, viruses & malware
It’s not just through phishing techniques you may fall victim to identity theft or have your details stolen. In fact, by downloading certain files, you may unwittingly put malware onto your system, which will capture all usernames and passwords and steal other valuable information.
In this section we’ll aim to run you through how viruses and malware can attack your computer, as well as provide the best tips for avoiding problems.
Understanding viruses and malware
If you’re going to counter the threat of an attack, the first step is to have a complete understanding of the risk itself. For those not in the know, they believe a virus and malware to be one and the same. The truth is though; malware is simply one form of a computer virus – it just happens to be the most common.
• What is Malware?
Malware, like any other form of computer virus, is software written to harm your computer system, whilst having the ability to steal information and commit fraud. Other types of software that could attack your computer include Trojan horses, worms, spyware and adware.
• Common types of malware
Viruses: A virus will infect your PC once run and can even be spread to other computers. It’ll attack the PC’s software and dramatically reduce its operating speed.
Adware: Adware is designed to show adverts on your computer, which in turn can generate revenue for the creator. The malware tracks how you use the Internet and which sites you frequently visit. Not all Adware is malicious in nature, but it’s likely to reduce performance levels.
Spyware: As the name would suggest, spyware will track your usage, gather information and steal this for the creator’s fraudulent activities. Spyware is typically difficult to detect and you likely won’t be aware it’s in place.
Worms: This malware type is continually replicating itself and destroying your computer files and data.
Trojan Horse: Named after the famous Greek invasion, Trojan viruses disguise themselves to the user as safe-to-install. However, once run they’re able to steal personal data and can take full control of the system. For businesses, it can prevent your complete access to the network.
Ransomware: This advanced form of malware can take over your system and won’t release it until a fee has been paid. Therefore, it’s a type of blackmail. A well known version of ransomware is Cryptolocker.
Protecting yourself from online threats
Malware usually infects your computer system because you unwittingly installed it. What’s more, it can only affect your system when being run – rather than shutdown or deleted from the PC.
Essentially, the chances are you’ll be conned into installing malware thinking it to be something else. Not only will fraudsters need a knowledge of coding therefore, but also the ability to persuade victims to download their malware. Unfortunately, even those who’ve never fallen for a malware scam before, can still make the mistake of downloading.
So, where will this malware file be? Sometimes it’ll be packaged in with other legitimate software. Other times, clicking on a fake link can start the downloading of malware – This could be from an email attachment, for example.
The good news is though, it’s not difficult to safeguard your PC and have that extra layer of cushioning, in the event of making a mistake and accidently downloading malware. Bear the following tips in mind.
1. Protect your computer and regularly update software
Most PCs and laptops have security holes, which need to be filled with antivirus software in order to provide a 360 safety net. If left unprotected, these security holes can be targeted by malware. Not only should you keep your system updated, whether it’s Microsoft or Apple, but also install an antivirus software.
2. Beware of attachments and pop-up messages
Modern browsers now have the ability to block pop-up windows, reducing the chances of falling for a scam. However, when accessing certain pages the pop-up will imitate Windows or Apple messages and be difficult to close down. You’ll have to force quit where necessary. If you ever notice software downloading on its own accord, ensure to cancel this and remove any foreign programs, before running a full antivirus scan.
Likewise, email providers have become a lot better at filtering messages to send spam to the junk box. Some may still find their way through to your usual inbox though. If you ever feel uncomfortable about the origin of an email, avoid opening the attachment.
3. Report spam emails
If you start to find your email clogged up with spam, don’t just ignore it and report the emails to your provider. Avoid unsubscribing as these have been known to on occasions spark a malware attack. Social media is also a common hunting ground for malware, so if you notice suspicious postings from friends, the chances are their account has been compromised. Let them know, so they’re able to take action.
4. Be careful when installing software
Malware needs to be downloaded by the user to have an effect on your computer – so think twice before downloading new programs. Before downloading, Google the product and check it’s legitimate. This will certainly safeguard you from downloading known malware files.
5. Use your common sense
As with any walk of life, one of the crucial parts of keeping safe from malware is to simply use common sense. If you’ve an uneasy feeling about something, avoid downloading the file or clicking the link. Common sense should prevail.
The most common Internet scams
It seems the moment the Internet was born, scams became prevalent. The unfortunate fact is, millions of people have been affected over the years, becoming victims of fraud. For that very reason, criminals continue to create new malware and come up with novel ways to access PCs.
With that said, let’s take a look at five of the most common Internet scams.
The royalty email: Often known as the Nigerian Scam, this concept has changed over time and is nowadays rarely fallen for. Essentially, it’s one of those too good to be true offers, whereby the victim thinks they’ll be in receipt of a large sum of money. Typically, this will be in email form as a cry for help. By aiding (and providing your full details and bank account numbers), the sender promises to transfer cash as a thank you. The email will likely be from someone claiming to be regal, or a damsel in distress.
The bank account scam: Another email you may receive claims to be from your bank, or monetary service such as PayPal. They’ll say there has been unusual activity or your account will soon be locked – Unless logging in. The email link will likely take you through to a phishing website and by entering your details, you’re handing over the keys to your money.
Lucky iPhone winner: Or any other product to be precise. When browsing online, a pop-up could suggest you’re the 1,000,000 visitor and as such, entitled to receive a free iPhone. By entering your details, you’ll then have this shipped to your home. Of course, you’ll have to pay a processing fee – Again, goodbye money.
Foreign lottery winnings: Can you believe your luck? You just checked your emails and you’ve won a foreign lottery based on your email address. Can’t remember entering? That’s because you didn’t… To receive the millions of pounds though you’ll need to submit your card details. Don’t expect your bank to fill up though. Instead, prepare for the opposite.
Malware infection: A crafty trick this one – malware applications telling the user they’re already infected. This normally takes the shape of a pop-up and suggests you download the antivirus to remove the problem. The catch? You’re now downloading the malware.
Social media security
We’ve spoken in some length about the importance of safeguarding your information when shopping online and generally browsing the web. But what about social media? This is the latest craze and as such, fraudsters are starting to turn their attention to Twitter and Facebook to dupe unwitting victims.
Personal privacy tips for social media
Social media is everywhere and the chances are you have accounts on multiple websites. From Twitter and Facebook to MySpace and Instagram, people use these social media accounts to connect with friends, share videos and upload images. However, the rise in popularity of social media means you should be on guard.
If you want to keep your personal information safe when using social media websites, take advice from these tips:
• Take caution with private messaging links
Just because a private message claims to be from a friend, doesn’t necessarily mean they sent it. In fact, a common social media scam is to infect one user’s account and then send out multiple messages to all friends, advising them to click the link attached. Do so with caution though, as it could very well result in your account being infiltrated. Without clicking the link, hold your cursor over it and more information will be displayed at the bottom left of your webpage – This should help you determine if it’s safe to follow.
• Be careful what you post online
Security questions help you to access your account if you’ve forgotten any of the usual login details (username or password). Usually you’ll be required to set a secret answer to a question only you’ll know. Avoid using commonly known information or personal things you’ve posted in the past – This can include birthdays, mother’s maiden name, hometown or even first pet’s name. A hacker trying to access your account could activate the secret question and type in the correct answer
• Don’t click through from webpages or emails
Say you’re trying to access Facebook. Always type the full address into your browser rather than clicking through from an email. The email or webpage could be used for phishing and by entering your login details, you’ll quickly lose access to this social media.
• Don’t accept all friend requests
Your social networking should be reserved for friends, family or at least people you know. Avoid accepting requests from random strangers, as these could be fake accounts designed for phishing purposes. If a stunningly attractive female adds you, don’t take this the wrong way – But they’re probably not interested.
• Treat all posts as a permanent Internet footprint
Even by later deleting posts, the chances are they’ll still remain online in some capacity. Therefore, don’t expect to post something you can later remove. Photos and messages can be saved and printed – so avoid posting anything you could regret later on.
• Watch out for social media add-ons
There are plenty of games and add-ons to take advantage of with social media, but there’s the chance some could be criminals trying to access your personal data. Don’t allow applications to post on your account or share details.
• Educate your children on the dangers
If you have children, make sure to take the tips included throughout this resource to educate them on the dangers of shopping online and using social media. Help them to use these websites safely, without compromising their own personal details.