Category Archives: internet behaviour

Keeping private on Google

Google is very good at many things, but also keeps lots of tabs on you that others can see. To check what they know and share with others, go to myaccount.google.com.

Next click on ‘Manage your data and privacy’. This takes you to a page where you can see what they know about you. One important thing is to click ‘info that you can share with others’ to examine your profile and location sharing.

Under profile you can see what can be shared. A people icon shows everyone can see it, whilst a padlock shows that it is restricted. In this age of identity theft I have my gender and birthday kept private.

The security tab will show you what devices are logged into your google account. You may see old ones so use the ‘>’ symbol and sign out on those. You may also see ones that you don’t recognise which may be hackers. Sign out on those as well, then change your google password and ideally set up two-factor authentication.

Passwords – again

To mark World Password Day, I thought I’d run through some statistics and hints:

  • 76% of people use the same password up to 14 times;
  • The average password has 8 characters or less;
  • 68% of people are worried that they will forget their login information;
  • 92% of passwords include readily available information.

Which means if a hacker gets hold of your simple password they could get into every on-line account you have!

So use a combination of UPPER and lower case, numbers and symbols, like 0C^7G0xSaqoqB9st. OK, quite hard to create or remember yourself but password managers generate and remember them for you.

So use a password manager like bitwarden (free) or lastpass (mostly paid for).

And if you can, turn on 2FA (two-factor authentication) where after login you are, for example, sent a code by SMS that you enter to prove it is you. Some people say 2FA by SMS is insecure but it is better than nothing.

Scammers are still succeeding

Nearly a million people fell prey to scammers over the summer according to OfCom research. 45 million people were targetted by emails, phone calls or texts between June and September.

So we still need to be on our guard. One new service is the 159 number. Calling this from a different phone will get you through to the customer services department of your bank (nearly all major ones are signed up). So if you get a call from your bank, the police, HMRC or any financial matter call 159 to check it out.

Avoid getting hacked

Well, it’s only just 2019 and already new threats are being rolled out. So here are a few thoughts:

emails

Always a favourite! But now the bad-guys can make emails seem more genuine. There have been so many data breaches that your name, address and many other details are floating around. So hackers can put your name and address into an email (that looks like it is from someone you trust), or even a password that you use – or have used – into those blackmail emails to make it look like they have got into your computer

As ever, do not click on links or open attachments as even worse things will happen.

Chatbots

A lot of us are quite used to ‘talking’ to customer service staff via a pop-up window. It’s better than hanging on the telephone. Online chatbots are similar but use a machine at the other end. Hackers are now starting to insert their own into genuine websites that have been hacked in an attempt to get personal information and data about users.

In both cases be aware what you are telling them and if you get uncomfortable, just close the window and get on the phone.

Dangerous websites

It is always good to use secure websites (the ones that start ‘https://’) but it is less and less a guarantee. About half of all phishing sites use HTTPS already.

So protect yourself. Good internet security packages come with a website scanner built in. Google Chrome comes with ‘Safe browsing’ built in to warn you. Otherwise Norton Safe Web is a good free add-in for your web browser. Look in the add-ins or extensions page.

Ransomware

This is still out there and becoming more sophisticated. Again, good internet security packages will protect your most important files but as ever, there is nothing like a good backup and system image held on an external system like a USB HDD or cloud backup. It is unlikely to happen to you if you take basic internet precautions but I have seen it strike and the effects are always devastating.

Programs and packages can help, but in all cases the best protection is you. If you get a gut feeling that something is wrong or you don’t like what you are about to do, then just stop.

It really is better to be safe than sorry.

Stay alert for malicious emails and calls

We’ve covered this before, but the bad guys just get more and more subtle. They are mostly after money and passwords

Most attacks by email rely on people having Windows PCs. They encourage you to open an attachment, from say a delivery company or the taxman. This will install something on your Windows PC that will go looking for passwords (for example in your emails) or maybe a ‘keylogger’ that records your typing and sends it off. To computer the latter I’m trying ‘Antilogger’ by Abelssoft that lets you whenever a program opens and starts accepting keyboard input. Then you can approve it or block it.

Or a link may send you to a website that asks you to login. It looks like the webpage that you normally see for that company. But all that happens is that you give the bad guys your login details. If you do want to find out whether what they are saying is true, go direct to the company website yourself and login there.

Clues to both of these are odd spellings or a lack of personalisation: but be aware they are getting better and will often include personal details.

Another common attack is to send you an email claiming the bank details for a supplier has changed. That’s highly unlikely. Best to ring and check.

Then there are phone calls. The most common is to let you know that your computer has a fault. There is no way that they can know this and Microsoft certainly isn’t going to ring you up to tell you. Nor is your internet provider. They will try to convince you and will even ring you back if you put the phone down. What they want is remote control of your PC to get banking details and other secrets.

There are similar calls claiming to be from the bank or the police.

Last on my list is calls from your bank or similar that say they have to take you through some security questions first before they can continue the call. But you have no idea who you are actually talking to! Actually, most of these are from the actual company, who don’t realise what a mistake they are making.

Put the phone down and if you think it is genuine, look up the number yourself and call back. Never ring the number the caller gives you.

Google getting more personal

You may not remember, but Google bought the online advertising company DoubleClick in 2007. DoubleClick used your activity on DoubleClick enabled websites to deliver personalised adverts to your computer screen.

Now Google is giving DoubleClick access to your activity on gmail, youtube and other Google services to send you even better targetted ads.

Some find this great but that’s why I stay signed out of my Google account on my PC. As my Android phone needs to be connected to my account to work, I’ve gone to my account settings and under ‘activity controls’ I’ve unticked ‘include Chrome browsing and activity from websites and apps that use Google services’

Whatsapp gives your phone number to facebook

WhatsApp has decided to share some user data, like your phone number, with its new parent company Facebook. It claims that this will ‘improve your Facebook ads and products experiences.’

If you don’t want this, there are two ways to prevent it.

If you have yet to accept the new terms and conditions, press the smaller ‘read more’ option below the ‘agree’ button, and uncheck the box that reads ‘Share my WhatsApp account information with Facebook…’

If you’ve already accepted those new terms, however — you’ve still got 30 days to opt out. Head to WhatsApp’s settings menu, and press the account tab. Now uncheck the box reading ‘Share my account info’ to stop sending your user data to Facebook.

SMS ‘phishing’ attacks for bank details

A new way to get details out of people has been seen, using text messages about unusual or suspicious activity. Alarmingly, these messages are attached to the same ‘thread’ as real messages from your bank, so are more easily taken as genuine.
As ever, stay alert and never click a link in the message. If you are unsure, phone your bank from another phone.

Avoiding ‘free’ offers when installing programs

So much software these days comes with other stuff we don’t want, but that still ends up on our PCs – Ask! Toolbar, McAfee scans, etc.

I’ve tried various things in the past, but a new assistant is Unchecky from www.unchecky.com. It claims to untick all those boxes that dump all these extras onto our hard drives. It’s important to keep your eyes open but unchecky could be a useful assistant in case you miss one!