Andy Taylor, one of our Volunteer Digital Champions, has over 35 years of experience in information security. In his first blog post, he provides practical and easy-to-follow advice on how to stay safe online.
The internet world is essential for many aspects of everyday life – we all really need to use it, to some extent, if we are to take advantage of the best prices, widest shopping choices, best energy deals, government benefits, and the like. Unfortunately, there are far too many people in the world who would like to steal your information and then, usually, take some (or all) of your money.
Taking security seriously is very important and being mindful of some basic checks, rules and processes can reduce the risk of an unfortunate event causing great embarrassment and distress. We should be concerned about the risks but equally, we should be confident and feel able to use the internet wisely, safely and securely. All the things I mention here apply to desktop computers, laptops, tablets and smartphones and even to devices like the Amazon Kindle Fire. Any device that connects to the internet (including the increasing number of home devices like dishwashers, heating systems, doorbells and many more) can be, and is, used as a way of trying to get information and money from you.
I have been working in information security for over 35 years and have been closely involved with a number of schemes which have been designed to improve information security and, in particular, cyber security over the years. And there is plenty of good advice available but of course, much of it is online! So, in the first of occasional blogs, here are a few basic tips and suggestions, as well as some links to other sources of information, to help you to use the internet safely and with confidence and to your best advantage.
Don’t panic
My first tip is not to panic! This may seem strange but panic is what many criminals are
hoping to generate in you when they pose as police, banks, computer companies, courier companies or in any other guises. The internet can be used safely and securely and taking your time is a very good start. Often the first line of defence is to stop and think. Perhaps ask someone else, “Does this seem right to you?”. The (very) old adage ‘if it is too good to be true it probably is not’ still holds true. Recently, I myself very nearly fell for a scam survey about my broadband provider and got as far as selecting a prize when I thought, “They are never going to give away £1,000 shopping vouchers for doing this!” and stopped. It can happen to anyone because criminals are learning fast about the things we look for. Emails, texts and other types of communications that are looking to entice you to provide personal information (spam, phishing, vishing, etc.) used to contain a lot of spelling mistakes, poor grammar and the like, but Google and Microsoft are helping those criminals with poor grammar to improve their language skills to be more convincing with their messages.
Check if your connection is secure
My second golden rule is to make sure the connection you have with any website online is secure, notably when making transactions that involve financial or personal information. The easiest check is the padlock at the front of the address bar where you type in a web address. If the website is secure the padlock icon will be shown locked shut. Never do any serious business if the padlock is open, and actually, most reputable web browsers will now stop you or at least warn you about unsafe websites. You can click on the padlock icon to see more information if you wish. The secondary check is that the web address should always start https:// with the “s” standing for secure. If that isn’t there I would leave fairly quickly!
Update your device
My third tip would be to ensure all the software installed on your device is always up to
date. Most devices today have settings to check regularly for updates and to install when available. The reason for these updates is principally two-fold. Firstly, and most importantly, to block or disable any security holes in the software which have been discovered by the experts. Secondly, they are often used to provide a better service or experience when using the software. Be aware though that many smartphones and tablets will tell you that software updates will be installed automatically but in reality, in an effort to conserve battery life and for other reasons, you may need to check that they are actually being installed. A quick check through Google Play store (for Android devices) or Settings and App Store (Apple devices) can ensure all your software has the latest version installed. Take note of the indications, notifications and other warnings that there is a newer version available and don’t put it off until tomorrow – that might be too late!
Don’t be afraid to seek advice
My final tip today is perhaps a little odd… Tell people when you have had a problem, most importantly when you have actually succumbed to some form of criminal activity. All scams, however, they are enacted, are crimes and should be treated as such. Dorset Police Service have a specialist cyber-crime unit and will be interested to hear about it and help if they can. Dorset Trading Standards are also keen to hear about any criminal activity within their remit and can often help to recover money that has been lost. Embarrassment is too often the problem but it is not the right way to go. If no one talks about the crimes that have been committed against them then little will change. It is only through hearing about others’ misfortunes that we can all improve and help protect ourselves online. If you have any concerns or doubts, before taking a critical step talk to a partner, or trusted advisor or even call the Dorset Council Digital Hotline at 01305 221048 who will put you through to someone who can help advise on what is and isn’t likely to be valid.
Useful resources
Some useful sources of information about how to stay safe online are given below. Be wary of advice provided by some commercial companies who might only really be interested in getting their hands on your hard-earned cash or data.
The National Cyber Security Centre
The National Cyber Security Centre (NCSC). As the UK’s lead organisation for cyber-security, they provide loads of advice for every type of user. They run a campaign called Cyber Aware. They also ask everyone to report to them any scam emails, texts, websites and calls.
https://www.ncsc.gov.uk/section/information-for/individuals-families
Get Safe Online
Get Safe Online is a charitable organisation set up to do as the name suggests. They provide independent security advice and tell you how to take the steps necessary to stay safe with all your devices and for all users from the very young to the not-so-young.
https://www.getsafeonline.org/
Action Fraud
Action Fraud is the organisation run by the City of London Police who are responsible for taking the appropriate action when a cyber crime has been committed. If you have fallen for a scam or have had a material loss due to some cyber activity, Action Fraud will take your report and help to deal with it in partnership with the local police force and other organisations.
https://www.actionfraud.police.uk/
Citizens Advice
Citizens Advice have a wealth of experience in all matters relating to the use of the internet and can help with advice on security.
https://www.citizensadvice.org/
Trading Standards
Trading Standards run a scheme called Friends Against Scams with the aim of reducing the scams and more importantly the damage caused by them. You can join their scheme for free and help to spread the word and they also provide good advice on all scams not just those enacted on the internet.
https://www.FriendsAgainstScams.Org.UK
My next blog will include some specific information about how to protect yourself against criminals and how to spot the danger signs.
