The Internet has a lot of things that catch our attention. It may be an interesting application or website, a surprising message saying that we’ve won a prize, a headline for a blog, news, an article or anything that triggers our curiosity.
We’ve all been there before, clicked on something we shouldn’t and the next thing we know, our computer is frozen with a whole heap of things running on our screen which we can’t exit.
Every day phishing attacks and malware gets more sophisticated making it harder to know what is real and what is fake. With a few skills, it will massively reduce your chance of getting Malware.
1. Install an antivirus protection tool.
Trend Micro can give you the confidence to work in the digital world by safeguarding your information. It protects against viruses, dangerous websites and other threats. The security for your remote workers or even branch offices can be managed via the Internet. They help people or companies protect your information from hackers from your business security solutions and for your online security at home.
If you’re running an older operating system that hasn’t got Windows Defender installed, you could look at other antivirus options. There are many on the internet up for grabs. BE AWARE, when you are looking for these, there are fake websites advertising for “antivirus protection” which gets you to click a link to install what you think will protect you, however, it actually will infect your computer.
Do your research before you impulsively install something quite the opposite to what you’re looking for. Malware protection options I would recommend are:
2. Browse Smart
Sometimes people allow the infection of Malware to be just a little too easy. If you’re browsing websites such as Free movie downloads, Spin to win $3 million dollars, or Click Allow to win a prize, you’re almost asking to get infected.
If you think you’ve clicked on a dodgy link, here is a tip to remove it:
- Click on Chrome’s main menu button represented by three vertical dots in the top right corner.
- Click on “Settings”.
- Scroll to the bottom and click on “Advanced”.
- Look for the Privacy and Security section and click on “Site Settings”.
- Click on “Notifications”.
- Look for the sites that are sending you unwanted notifications and click the three vertical dots button next to those sites.
- Click on “Remove”.
3. Never click links in a suspicious email
Firstly, check the email that it is sent from. If you’ve received an email from apple support requesting you to update your password, and the sender’s email address is firstname.lastname@example.org this could ring alarm bells. Being aware of the subtle differences in an email address from the sender is key.
The next test you can do is to hover over any external links within the email. If the link is a fake, you’ll see a series of random letters or perhaps a similar domain, but not a valid domain eg. applecomputers.com rather than apple.com.
Your family, friends, and employees should also be trained to look for an illegitimate email address before anything else happens. Encourage them to always take a second look at the sender’s email address before responding to the email, especially about giving their sensitive information or clicking on any links.
4. Pull the plug
If you think you’ve clicked into something that could be infecting your computer, take no risks. Pull the power plug out of your computer and contact your tech support immediately. It pays to pull out the ethernet cable as well – just to be extra safe that your computer won’t be on the network and potentially infect other computers.
There is no time to be wasted when it comes to Malware, you’re better to be safe than sorry.
5. Use strong passwords
Strong passwords are a must when it comes to technology. NEVER have the same password for multiple logins. Passwords need to be long and contain capital letters and numbers. Do not have anything that can be linked to you i.e birthdays, addresses, etc.
Applications like Bitwarden or 1Password are secure ways to manage your passwords. These apps can generate random strong passwords for each site and store them safely so that you do not have to remember them.
6. Take care in recognizing who’s calling you
These days hackers have become more and more common in the Telemarketing and Social Engineering side of things. Hackers will commonly target elderly people who are more inclined to believe them.
Never give out credit card details, bank accounts, passwords or anything of this nature to an unrecognized source over the phone. Be cautious about who you are talking to.
These scammers pose as everyday services such as phone providers (Vodafone), IT companies (NZCS), electricity companies, anywhere that you could potentially be a customer.
They will usually tell you that you have an outstanding amount to pay or a problem with your computer and ask you for your details to pay the bill.
If you’re ever uncertain whether you’re talking to the correct person, ask if you can ring them back. If they say no you’re certainly not speaking to who you think you are. Most companies will understand if you want to call them back due to security reasons and ringing them back is the best solution to finding out who you’re speaking to. Don’t redial the number on your phone, look up their number on their website and go from there.
7. Log out of websites when finished
This one’s super important. However safe you may think you are being while browsing, we will always pose a risk of getting malware. Logging out of a website once you’re finished is a MUST. Do not save passwords on your browsers (Google etc have an option to “save password”) It is a better idea not to.
If you’re ever hacked and you have all of these passwords saved, you could potentially lose everything. You want to keep your risk as minimal as possible. If you think there is a chance someone has your password make sure you change it as soon as possible and turn on two-factor authentication if there is an option.
8. Use Two-Factor Authentication (2FA)
At first, we used only one password for everything including social media accounts but that wasn’t good enough nowadays that’s why many people are now using 2FA. The 2FA adds a second method of identity verification to secure our accounts.
First, the thing you know is your password, then something unique that you have. It can be your phone or your fingerprint. Attackers can’t access your account even if they have your password because they cannot have your fingerprint.
You can also use a code. Whenever someone attempts to log in to your account, you will receive a text message or an email with a randomized 6-digit number.
If you want to enable two-factor authentication in your Google account, follow these steps:
- Go to Google Account and log in to your account.
- Click on the Security tab on the left.
- Click on 2-Step Verification.
- Click the Get Started tab.
- Enter your Google password to verify it’s you.
- Click Try It Now.
- Tap Yes on the Google pop-up that appears on your phone or tablet.
- Confirm your phone number. It serves as the backup option in case Google Prompt doesn’t work.
- Enter the 6 digit code that you received to your phone number and click Next.
- Click Turn On to enable the 2FA.