e Safety Facts & Tips
Recent ransomware attacks on thousands of computers in the UK remind us of the importance of protecting yourself and your data. These days, our lives are more connected than ever – and online safety has never been more necessary.
That’s why we’ve put together this comprehensive guide to staying safe online, bringing together everything you need to know in order to stay safe online.
- Malicious software and viruses can take many forms – and while their removal can be troublesome, our guide should have your computer back to rude health in no time at all.
- In our section for kids and parents, we reveal how to keep the youngest and most vulnerable internet users safe on social networks, YouTube, the World Wide Web and beyond.
- In the passwords section, you'll find out everything you need to create secure, practically unbreakable passwords – and how to keep them safe from prying eyes.
- Our email safety guide will show you how to spot the worst scammers, fraudsters and malware, keeping your most valuable information safe from cyber criminals.
- Our safe web browsing tips cover all you need to know to stay safe on the web – from online shopping to virus protection.
- Social networks like Facebook and Twitter can be full of hazards – but our Agents will help you manage your online presence, protect your privacy and avoid some of the worst scams.
Viruses and other malicious software, or 'malware', can come in many forms – and the risks can vary depending on exactly what your machine has come into contact with.
Avoid most ransomware or malware by keeping your devices up to date! Microsoft have released necessary updates for Windows XP, Windows 8 and Windows Server 2003 that should prevent ransomware from appearing on your computer.
Sometimes, it's obvious when your system has been infected: nasty viruses called 'ransomware' will lock access to your computer and charge a fee to restore it, while other examples might bombard you with pop-up ads or redirect your browser to unwanted web pages.
Other examples are more subtle: the first clue that your computer has picked up an infection might be that it's simply running much more slowly, or producing odd error messages from time to time.
But if you suspect your computer has picked up a virus or other infection, how should you deal with it?
Prevention is better than cure
Of course, the best way to deal with malware is not to get infected in the first place – although this is easier said than done!
But there are a few steps you can take to stay safe. First and foremost, follow the advice below about safe email use and safe web browsing. Most viruses and malware come from dodgy email attachments or unsafe web downloads, and being aware of the risks here can save you a lot of headaches in the long run.
You should also make sure that you're running the latest software for your gadgets. Apple's iOS v10.3 will protect your iPhone or iPad from 'fake' ransomware attacks that use Java to lock you out of your devices. Likewise, Microsoft recently announced an update to their older and generally unsupported operating systems like Windows XP and Windows 8 - the most common victims of ransomware. Open your Start menu, click on Control Panel and type Windows Update into the search box in the top-right corner of the Control Panel window. You will now be able to search for and install any available updates for your computer.
The other big preventative measure is simply to run an up-to-date, reliable antivirus program.
More recent versions of Windows come with either Windows Defender or Microsoft Security Essentials, which are both pretty decent – visit Microsoft's site here for more information on how to use them.
But for more thorough protection, it might be worth checking out a third-party antivirus program:
Avast Antivirus has a full-featured free version and has a great reputation for security, while Bitdefender Antivirus Plus costs £29.95 per year, but comes with some great extra features like an anti-phishing module that scans your Google search results for dangerous links and automatically blocks websites that are known to be dangerous.
What to do if you're infected with malware
But let's say the worst has happened, and your machine has picked up a virus. What next?
Well, the first step is to diagnose the problem. Even if you can't fix it yourself, knowing the name of the malware can help point you in the right direction.
For that reason, if you don't already have one installed, grab one of the antivirus programs mentioned above and run it, if at all possible. Some trickier malware may actually prevent well-known antivirus programs from running – in which case, it might be worth trying an alternative. This list from TechRadar is regularly updated and should point you in the right direction.
Assuming you're able to run the software, it should tell you what kind of malware you're dealing with. Make a note of this somewhere safe: it's extremely useful information if you need to take your computer in for repair.
If you're really lucky, the antivirus software will be able to fix your malware problem at the touch of a button. This may be a lengthy process, and might require you to restart your machine and run the software again once or twice – but for less serious infections, it might be all you need to take care of the issue.
But unfortunately, it doesn't always work out that way. A malware infection can be an extremely complex problem to solve – but if you can't take care of it yourself, a professional can almost certainly help.
What to do if your antivirus software doesn't work, or you can't run it
Sometimes, antivirus software just isn't an option: you might be entirely locked out of your machine due to a particularly nasty piece of 'ransomware', or the malware might be preventing your antivirus program or web browser from running altogether.
In this case, there's not much more you can do by yourself – and it's probably time to call in a professional to help.
Naturally, we'd recommend our own Geek Squad technical support: our Agents are standing by in store to help with any number of tech support issues including virus removal, and they're also on the phones 24 hours a day, seven days a week, every day of the year! Click here to find out more about the one-off tech support services we offer.
But whoever you choose, if malware is giving you a headache, you can save yourself a lot of hassle and heartache by turning to an expert.
If you're a parent, carer, teacher or other adult who's responsible for looking after children, keeping them safe online can be challenging and confusing – but we've got some tips and advice to help you out.
The internet can be a great resource for learning and education – but there are significant risks for young children. These include:
- Inappropriate content, including pornography and age-restricted sites
- Sharing personal information with friends or strangers on social media
- Grooming and sexual exploitation
- Running up bills on in-app purchases
Keeping children safe online
First and foremost, the number one way to keep your children safe online is to talk to them about their experiences. These guidelines come from children's charity NSPCC – their full online safety guide for kids makes for absolutely essential reading.
- Explore sites and apps together: ask them what they like, what they use, and what their friends are into. If you think something is inappropriate, discuss it with them and be prepared to explain your reasons. If you haven't heard of a particular site or app, NSPCC NetAware can provide useful information.
- Ask about things they've seen that make them uncomfortable: and make sure they know they can talk to you about anything they've seen online that unsettles them. Likewise, make sure they know how to block or report anything troubling that they've seen.
- Make sure they know what's OK to share: emphasise the importance of never sharing personal information, like names and addresses, with strangers online – no matter how friendly they are. Take particular care to let them know about the dangers of sending selfies and personal pictures – 'sexting' is a particular danger for underage children.
- Supervise children wherever possible: in reality, this might not always be easy – but it's the single easiest way to make sure your kids are following the guidelines and practices you've laid out for them.
- Take particular care with social media: kids are particularly succeptible to scams, impostors and worse on social networks like Facebook, Twitter and Snapchat. See our section on social media safety below for some specific tips.
Ultimately, you need to make sure you children are comfortable talking to you about the things they experience online. This means being prepared to explain things – not setting arbitrary boundaries for kids to rebel against.
If your kids do behave inappropriately online, try not to overreact: getting angry might be a natural response when you're worried about your child's safety, but it will make them less likely to bring their concerns to you in future.
While it's crucial to talk to kids about their online behaviour, it also makes sense to use 'parental control' software that restricts access to certain risky sites or apps.
We've put together a selection of guides to help you do just that on various platforms:
- How to set up parental controls on iPhones and iPads
- How to set up parental controls on Android smartphones and tablets
- How to set up parental controls on Windows 10
- How to set up parental controls on Windows 8
- How to set up parental controls on Windows 7 and Vista
- How to set up parental controls on Mac OS X
Child safety is a crucially important issue, and we've only given a brief overview here. If you're responsible for kids, there's some extremely useful information available with the following resources:
- The NSPCC has a very detailed guide to child safety online, packed with practical advice and tips on everything from games and social media to the risk of grooming and child exploitation.
- CEOP – the Child Exploitation & Online Protection Centre – from the National Crime Agency offers particular advice on grooming and exploitation, with advice aimed directly at children of different age groups as well as guidance for parents and carers, and you can also report suspected online exploitation to them directly.
- InternetMatters.org is a not-for-profit organisation offering a number of very useful guides – covering cyberbullying, online grooming, sexting, inappropriate content and more.
Reading through these is a fantastic use of your time if your responsible for childrens' welfare – don't miss them.
While it's crucially important to supervise your kids online, there are a number of apps and services which make things safer for young users.
Our Agents have a fantastic article on the best games and apps for young kids – but here are some specific options to consider:
- YouTube Kids (iOS / Android) is a fantastic way for youngsters to seek out videos they'll love – and you can rest safe in the knowledge that they won't encounter anything inappropriate. The app also allows you to disable certain functions, like search, and even lets you set a timer. This is a brilliant alternative to the 'grown-up' YouTube app!
- BBC iPlayer Kids (iOS / Android) is essentially a very similar proposition – except that here, the content is drawn from the BBC's vast range of child-friendly content.
- Sesame Street Go (iOS / Android) comes from the team behind the long-running kids' TV show, and it's packed with clips and educational games to keep young minds safely occupied.
Passwords are everywhere on the web: from your social media accounts and email to that terrible eCard website you signed up for back in 2003.
And because we have more passwords than ever these days, it’s never been more important to make sure you’ve got good password habits.
In fact, we’ve put together an entire article on the subject, which you can read here – but here are the most important points to remember:
- Never use the same password across multiple sites, especially for your most important accounts like social media, email and online banking. That way, if one account is breached, you other data is safe at least.
- Make your password as long as possible. Many people stuff their passwords with numbers and special characters like ‘!’ – but in fact, the best way to improve them is simply by making them longer! A longer password is much more difficult to crack – consider using a memorable phrase or sentence so that it’s easy to remember.
- Avoid personally identifying information, like birth dates or years, or the names of children or pets. All of these things make it easier for people who know you, or can find the information, to work out your password.
- Finally, consider using a password manager app. These apps, like LastPass, 1Password or Intuitive Password, help you generate unique, secure passwords and fill them in automatically on the websites you visit. Ultimately, this is probably the single best way to ensure password security.
Email has been around for far longer than Facebook and Twitter – and we still see variations on email scams that have been around for more than a decade! But your inbox doesn’t have to be a minefield – here are our tips for keeping it safe.
Beware of attachments – especially from unknown senders
Generally speaking, you’re not at any particular risk just by opening an email on your computer, whether that’s in a dedicated email program like Outlook or a web-based provider like Gmail. But attachments – files attached to emails which you’re asked to download – are another story entirely.
Email attachments can contain all manner of nasties: from relatively innocuous but annoying programs that’ll email themselves to everyone in your address book to serious viruses that can access your most valuable and sensitive data. And it’s not just programs and executable files that put you at risk: even Word documents can be powerful vectors for cyberattacks.
For that reason, never open an attachment that you weren’t expecting – even if it appears to comes from someone you know and trust. Sometimes, when dodgy attachments come from your contacts, it means their account has been compromised – and some cybercriminals go to great lengths to make it seem like their messages are coming from a legitimate source, like a bank. In fact, we’ve more on this below!
Watch out for 'Phishers'
Aside from dubious attachments, ‘phishing’ is the other great threat lurking in your email inbox.
The term refers to email messages that seem to come from sources you trust: generally a social media platform like Facebook or your online banking provider. But in reality, the messages are sent by criminals – and the aim is to steal your password or other personal details.
These messages will often try to scare you into action by telling you that your account has been compromised, or is at risk of being deleted – and to stop this from happening, you need to reply with your password or visit a certain link.
But doing so is a mistake: responding with your password will send it straight to the scammers, while clicking the link will often take you to a fake login page, where your personal details will be harvested.
It goes without saying this opens you up to all sorts of trouble, from losing control of your social media accounts to having your online bank account raided. So how do you spot the dodgy emails?
Very often, the scammers will make it obvious by littering their messages with misspellings, unofficial-looking images and other errors. These are a sure-fire sign that you’re dealing with a phishing message.
Some, however, are more sophisticated, and replicated the official emails very closely. In any case case, you should always look closely at the destination of any link in an email before you click it. For most web-based email accounts, you can do this by hovering your mouse over the link: you’ll see the web address the link points to at the bottom of the browser window. If this is anything other than what you’d expect – ‘Facebook.com’ or ‘HSBC.co.uk’ for example – don’t click! And do make sure to look closely: savvy scammers will often try to make the address look similar to the one you’d expect.
Finally, a rule of thumb: neither your bank, email provider or social media accounts will ever ask you to send your passwords or other sensitive personal data over email. If you see a message requesting this kind of information, you can safely ignore it.
Most websites are safe – but not all of them! Visiting the wrong page can be just as risky as opening a dodgy email attachment, and could expose you (or your kids) to some seriously inappropriate content.
That’s why we’ve put together this collection of tips to help you stay safe online – read on to find out more.
Avoiding imposters and scammers
As with email, ‘phishing’ – malicious web pages that pretend to be the login pages for sites like Facebook or your online banking provider – is major threat on the web.
Sometimes you’ll see a phishing site because you’ve clicked the wrong link, or simply been the victim of a malicious pop-up ad – but if you ever see a login page when you’re not expecting it, be on your guard!
These pages can be very convincing, but they do have some obvious giveaways. Most telling is the web address, or URL, which you’ll find at the top of your browser window. Always look at the web address before you enter your personal details – if you see anything other than, say, ‘Facebook.com’ or ‘HSBC.co.uk’, leave well alone. Keep a close eye out for misspellings, unusual characters or numbers.
Beyond phishing, web users are increasingly falling prey to online scammers who pose as legitimate online shops – but then vanish along with your money.
To avoid these, always make sure you check for physical addresses, phone numbers and other contact details before you make an online purchase – particularly for items like toys and concert tickets which are routinely the objects of scams. If in any doubt, get in touch with the company or seller by phone or email before placing an order to check the website is genuine.
Finally, be very careful with any sites featuring offers that are too good to be true. This is good advice in any consumer situation, but it’s particularly important on the web. Beware of any sites which claim you can make big money from a small investment – from currencies, shares or anything else.
Likewise, take care to avoid sites which encourage you to recruit other people or send or receive payments: these are pyramid schemes, a long-established but really convincing scam that’s found a ready home on the web. Check out this link for more information on these scams and how to stop them from Action Fraud.
Always check for the 'HTTPS lock'
If a website’s asking for your personal details, it should be using a secure or ‘encrypted’ connection. Most genuine websites should use these – but some don’t, and those are best avoided if you want to keep your data safe!
So, how do you know if a website is using an encrypted connection? It's simple: keep an eye out for the padlock icon in your browser's address bar.
An encrypted website's address begins with 'https://' rather than 'http://', but this can be hard to spot – which is why most modern browsers add a padlock symbol to the left or right of the page address to indicate that it's using a secure connection. If you can't see a padlock, you probably aren't connected using https!
Modern browsers like Google's Chrome and Mozilla Firefox will typically redirect you to the most secure HTTPS version of a website automatically, so you don't have to worry about typing in the 'https://' before every website you visit. However, it's always worth checking to see if the padlock is there before you enter any sensitive information into a website – and if you don't see it, you might want to visit an alternative page!
Scary pop-up message? Don't panic!
Sometimes when browsing the web, you might see a particularly frightening pop-up message that looks a lot like an official Windows notification.
Often it’ll say something like ‘Windows Security Alert’, and will present a dire warning about the state of your PC: it’ll claim that your system has been infected with malware or viruses, or has been otherwise compromised. It’ll then ask you to click a button or link in order to ‘fix’ things – often by downloading an ‘anti-spyware’ program of some description.
But in truth, these messages are almost certainly fake. They’re designed to panic you and make you respond straight away by downloading the software in question – but the bitter irony is, this software itself is usually a virus, spyware or other malicious program.
No matter how convincing an error message looks, or how urgent it appears to be, always take a step back and think before you respond.
An official error message from Microsoft will never ask you to download anything, or announce in capital letters and exclamation marks that your system has been compromised. And the message itself isn’t actually coming from your computer: it’s actually part of the website you’re on.
So, if you see a threatening or worrying message when browsing the web, the first thing you should do is simply close your browser window – and avoid the offending website in future.
Sometimes, though, these messages can be more troublesome, and they might appear every time you open your web browser. In that instance, it’s likely your computer has already been infected with some sort of malware.
This can be alarming, but there’s still no need to panic – check out the section below for some advice on how to deal with it.
Social networks like Facebook and Twitter are immensely popular – and, generally speaking, very safe! But there are still risks out there, and it's important to be aware of them.
Our top tips for staying safe on social media
- Regularly review your privacy settings. On Facebook especially, it's easy to share too much personal information with practical strangers without realising it, especially as the site often makes changes to its security policy. Agent Lee has put together a regularly updated guide to Facebook privacy settings – take a look and make good use of it!
- Be careful about who you add as a friend. You friends on social media have access to all kinds of information about you, and you might not want to share it with all comers – always carefully consider who you're adding as a friend, and avoid anyone who you don't know or who makes you suspicious.
- Protect your logged-in devices. If you leave your phone, laptop or other device logged in to your social media accounts, take extra care not to let anybody else have access to them. At best, your mates might make an annoying post – but there's also the potential for anyone who comes along to dig through your messages and personal info with potentially very serious consequences.
- If your account is compromised, change your password straight away. If you start seeing status updates you didn't make, or your friends receive spam messages from you, your account has been compromised: change your password straight away to prevent any further chaos.
- If you can't change your password, contact site security. On Facebook, this means clicking the 'Help' link at the bottom of any page, then clicking 'Security'.
- Report any suspicious behaviour. If you suspect that you or a friend has fallen victim to a scam, or have been the targets of abusive or malicious behaviour, make sure to report it using the 'Report' button. On Facebook posts, this can be accessed from a drop-down menu in the top-right-hand corner of each post.
- Watch out for scam messages. As with email, Facebook messages are often used as a way of scamming users – see below for more info on how to avoid them.
Avoiding Facebook scams
Sadly, there are many unscrupulous scammers using Facebook as a platform to scam, swindle and otherwise mislead the public! The threats range from serious identity theft to account-spamming nuisances – but they're all to be avoided.
Our information on email safety above should help you stay safe from 'phishing' attacks, but keep a particular eye out for messages that claim to come from Facebook themselves – often threatening that your account will be shut down or suspended if you don't follow a certain link and enter personal details, like your password or other sensitive information.
In reality, these are inevitably attempts to steal your password, account information or other personal data. Delete them and move on!
To help you beat the scammers, Agent Lee has put together a regularly updated guide to spotting and defeating Facebook scams – check it out today for up-to-date info on staying safe on Facebook.
Staying safe on Snapchat
Snapchat is one relatively new social app that's taken the world by storm, with more than 10 billion short videos viewed on the service every day – but it's also home to some unique risks.
The app's unique selling point is that it allows users to send photos or videos to their friends which are then automatically deleted after a few seconds.
For that reason, some users have used the service to send nude photos or other inappropriate content to their followers – assuming that the offending content will swiftly vanish forever.
But in reality, that's not the case. It's trivially easy for malicious users to save copies of images and videos sent over Snapchat – often without the original sender even knowing.
For that reason, it's important to consider very carefully what you're sending and who you're sending it to. A good rule of thumb is, if you wouldn't be happy posting it on your public Facebook wall, don't post it on Snapchat!
That's it for Geek Squad's e-safety guide – but if you've got any comments or questions concerning these issues, drop us a note in the comments below and we'll do our best to respond as soon as possible.