1. Beware Phishing Scams – Don’t Open Attachments Without Thoroughly Vetting The Sender;
Phishing scams; emails that purport to be from a known and trusted source but are actually sent by hackers trying to persuade you to open an attachment, are commonplace today.
Email is a favoured means of attack for hackers because it is so universal, and we tend to open emails and attachments without thinking twice. In the past year, phishing scams have sent highly convincing fake Apple iTunes purchase statements and HMRC notifications, and then there are emails from friends’ accounts which have been hacked, inviting you to open attachments which contain viruses.
So, it always pays, before opening any attachments or clicking on any links, to read the message thoroughly.
Did I really buy this film or album on iTunes? Was I expecting email from HMRC? Can I speak with my friend before I open their attachment.?
It’s worth exercising extreme caution. If you weren’t expecting it, don’t open it. And always check the sender’s email address – it may look familiar, but on closer inspection it will be convoluted and not what you’d expect a company email address to look like. If you are still in doubt, check the IP address of the sender.
2. Do not disable Firewall’s or grant remote access;
Unless you work in IT, it’s best not to tinker with your computer’s security settings – leave it to the experts. Firewall’s are there to protect you – if you feel that your Firewall settings are set to too high a level and are impacting on your work, raise the issue with IT.
If you are not happy with the level of protection offered by your windows or other Operating Systems Firewalls, you can invest in anti-virus software that will help to beef up your security.
Likewise, sometimes you will find yourself asked to give somebody else access to your computer remotely – there are many apps that will allow you to do this, but unless it’s really pressing, its best to avoid granting others remote access to your computer, as you are essentially giving that person the green light to make any changes they wish to your computer.
Only grant remote access to people you know and trust, or organisations like Microsoft and Apple – provided you are sure that is who you are dealing with. Many online repair services claim to represent Apple and Microsoft but in fact have no affiliation to them whatsoever. Beware.
3. Do not run files unless you know and trust the sender;
Similarly to phishing scams, hackers will send innocuous looking emails, or subject matter that makes you want to open and run files. “Watch this hilarious video”, “Congratulations – click here to open your prize”; make sure you don’t fall for this kind of sting.
How likely is it that you have won a competition you do not even recall entering? Not very. Your best bet is to delete the file, and then empty the junk folder and the recycle bin.
If you must run the file, do so within a virtual environment. Again, it’s best to liaise with your IT department before doing this, however much you back yourself as an IT whizz.
4. Do not run older versions of software you have been warned to upgrade;
This was a large part of the reason for the success of the WannaCry virus. Many organisations were using older versions of Windows, such as Windows XP, which Microsoft stopped offering support for back in 2014!
If you are using old software, try to upgrade – it is worth the usually small fee and drastically reduces your chances of being attacked. There is a good reason software companies are continuously releasing updated versions – it isn’t just to make money off you.
If you have been running older Windows software you can use this patch to help protect yourself against the WannaCry virus and other similar forms of attack. But doing this is really just papering over the cracks. It’s unfortunate that the underfunded NHS, for example, had not upgraded its systems, but for personal users, it should be far easier to upgrade – not to do so could even be said to be irresponsible.
5. Don’t switch off automatic updates.
Again, some people who like to think of themselves as IT whizzes will tinker with the way their systems update software, and sometimes with good reason – to make their systems more private, for example, or because they do not want to upgrade to a buggy new operating system.
By and large, however, automatic updates aren’t designed to spy on you and don’t tend to be too buggy – if they are, you will doubtless hear about it pretty quickly from a member of the IT press!
Better to upgrade, experience a problem, and have a big organisation work around the clock to fix the bug, than not to upgrade, and be hacked by a group that doesn’t do customer service and doesn’t play nice.