Accessible News

Top storiesNew ZealandPoliticsBusinessEntertainmentSportsWorld

Three easy steps to (hopefully) stay safe online

Friday, 23 August 2019

OPINION: Let's start with a hard truth. There is no single way to stay safe online. If you've got an email address and a credit card, you're going to get targeted online sooner or later.

The best thing you can do is educate yourself about what the threats are and how not to fall into traps set by scammers.

Start by following the three steps below. 

**READ MORE:

* MBIE customers hit by emails containing malicious software

* Air NZ's Air Points data breach test for cyber insurance

* Customers could face long-term privacy issues after Air New Zealand data breach**

Get good antivirus

It's boring. But it's still the simplest and most effective way to protect yourself online. Get good antivirus software (AVs). 

Yes, Windows now ships with decent built-in security in the shape of Windows Defender. And Macs don't really get viruses - not as much as Windows devices anyway.

The best free advice I can give anyone is to always always always double-check email addresses and URLs. You can do this by simply hovering your mouse over a link and then performing a web search for the correct URL.
The best free advice I can give anyone is to always always always double-check email addresses and URLs. You can do this by simply hovering your mouse over a link and then performing a web search for the correct URL.

But these home-brand security options don't offer as much protection as high-end security suits. Windows Defender, for example, scores a respectable 7.5 stars (out of 10) in most independent antivirus groups tests.

A fair score, you might think. But when premium AVs are scoring 9+ points in the same tests, the risk you're taking by not having paid-for AV is clear to see.

Good antivirus software will provide you with real-time protection against malware, malicious URLs, phishing attacks, adware, PUAs (Potentially Unwanted Applications) and more.

To pick an antivirus that's right for you, I recommend checking out https://www.av-test.org. Here you'll get free access industry-leading AV test scores.

David Court: The information from some data breaches ends up on the Dark Web, available for anyone with a Bitcoin wallet to buy. And use.
David Court: The information from some data breaches ends up on the Dark Web, available for anyone with a Bitcoin wallet to buy. And use.

Double check URLs

The best free advice I can give anyone is to always always always double-check email addresses and URLs. You can do this by simply hovering your mouse over a link and then performing a web search for the correct URL.

Phishing attacks work by tricking users into entering login, or credit card, details into websites - often lured in by an equally legitimate-looking 'phishing' email.

Everything designed to look as similar to the genuine thing as possible, thus tricking users into thinking they're using the real thing.

That's why you need to train yourself to perform this simple task. Do this, and you'll never be caught out by a phishing attack ever again. Ever.

No matter how sophisticated they are. A phoney email address or URL is the one thing attackers can't fake.

Tip: Email addresses can sometimes be disguised. So its always worth clicking to see more info on the sender's email address.

Install the Password Checkup extension on Chrome

Yahoo, LinkedIn, Uber, Sony Playstation, Facebook all share one thing in common. They've all suffered data breaches.

Data breaches are bad news for these companies, but they're worse news for us, the users. That's because it's our data (emails, usernames and passwords) that have been compromised.

Worse still, the information from some data breaches ends up on the Dark Web, available for anyone with a Bitcoin wallet to buy. And use.

For a few digital dollars, cybercriminals can literally buy your email address and password. Which is particularly bad news, if you (like most people) don't regularly change your password or use two-step verification.

Downloading the Password Checkup extension for Chrome will passively check if any of the sites you visit have recently suffered a data breach. If one has, you'll receive a notification, prompting you to change your password(s).

Create regular backups 

Until recently, the bad guys who used to design and spread computer viruses didn't make money from their efforts. Instead, users with an infected computer would hand money over to antivirus companies, who would fix the problem. Read into that what you will.

However, things have changed now. 

Ransomware provides online attackers with a direct way to monetise their viruses and trojan horses. Forcing users with infected files to pay a 'ransom' to unlock their encrypted files.

Running a good antivirus offers decent protection against ransomware as it will alert you to any suspicious background activity - preventing the problem at the source. However, no AV software is 100 per cent safe. 

Which is why you need to create multiple backups of important files.

Annoyingly, the nature of trojan horses and ransomware means you might be creating backups of infected files. The only way to combat this is to create multiple backups.

Both Microsoft and Apple offer excellent ways to automatically, and regularly, back up your files to their respective clouds (OneDrive and iCloud). For a monthly fee, this is a great way to back up important files.