Eric Baker

Hints & tips

v7.4  01 February 2018  © Eric Baker

How do I get sensible advice?

The getsafeonline site is a good starting point. Don't even think of connecting to the internet without first thinking of which antivirus and firewall software you're going to use from the start. And read up on the differences between viruses, trojans, spyware, keyloggers, encryption ransomware and other nasties. Also remember the paper - identity theft is much easier and more lucrative if you throw away documents that could help criminals to open accounts in your name, falsely tell financial institutions you've moved etc. Get a shredder! Security is basically about being sensible and having multiple defences, including data backups somewhere else - not just on or beside the computer.

How do I keep my files private?

You can set up multiple user accounts in Windows, protected by passwords. But it's a lot simpler having one account used by everyone. If you have multiple accounts all sorts of things you'd hope would be common to other accounts aren't. And multiple accounts can give a false sense of security - it's quite easy to boot up a machine from a Linux CD and grab things from the hard disk without needing to run Windows at all. I once got 200Gb off an ailing laptop that way for a friend before doing a factory reset (and losing all the data on the C drive).

How do I stop my computer getting infected?

It's not easy because there are lots of nasty people out there trying to steal from you. It's not just Windows you need to keep up to date - browsers and their plugins, music players, PDF readers and so on can also provide infection options, even on Macs and Linux machines. Nowadays we've got all sorts of weird security vulnerabilities that might give access to criminals. KRACK, Spectre and Meltdown all leave us dependent on suppliers to fix the problem.

Make sure you are getting Windows security updates automatically (it's compulsory in Win 10) and that you have security software active and up to date. There is free security software around and Windows has a basic firewall built in but I gave up on the free stuff ages back, except for tablets and phones. I've only used Kaspersky in recent years but do read the reviews before deciding which to go for - there are lots of security suites. And check multiple PC licences and prices.

Avoid sites that let you download illegal copies of music tracks, films, software etc. They tend to leave your computer in a mess with secretly downloaded nasties of various kinds.

Before you download any software, search its name in Google followed by "problem" - if it's dubious there will be entries from angry people who had to clean up after downloading it. Also stick to reliable download sites such as Some less reputable installers slip all sorts of nasties onto your computer if you're not vigilant. Some, eg CNET, tend to try to install unwanted toolbars etc as part of an unrelated program install.

Quite a common source of infections now is a phone call "from Microsoft" or whatever. If someone you don't know wants remote access to your computer it's probably to infect it, not fix anything. I just ask them if they find it hard getting to sleep, knowing they've got to go to work trying to scam people the next day - they soon hang up.

Another increasingly common problem is where people fall victim to ransomware. Once installed, by whatever nefarious means, it typically encrypts documents and photos and offers to provide the decryption key in exchange for money. It is very important to make yourself immune to this, basically by having up to date copies of your data all over the place. If I found my data files had been encrypted I would detach the computer from the network, eradicate the ransomware and delete all the encrypted documents and photos. Then I'd refresh the data from the nearest uncorrupted source - the laptop, an external drive (never leave these attached) or from the cloud (Dropbox Plus with file version history).

How do I make sure my passwords aren't being sent to criminals in Eastern Europe?

The firewall built into Windows is quite limited, so get a proper firewall. The bad guys are always trying to take over your PC. Routers contain a firewall that typically hides the computers connected to them from the outside world and also ignores unsolicited incoming traffic.

It's also a very good idea to run a software firewall on each computer, eg as part of a security suite.

Remember that banks, eBay, PayPal etc would never ever send you an email asking for passwords. And that strangers asking for your bank details generally want to get money out, not put it in. Giving them login details or transferring money electronically on their instructions is rather like giving your house keys to a plausible stranger at the airport as you leave on holiday.

It can be hard to tell with some emails but in any case never click on an email link to go anywhere sensitive (eg a bank account). Instead go and log in from your browser in the normal way, ideally from a bookmark.

I find an effective way of using lots of different passwords (to confuse the thieves trying to listen in) is to keep a list of them in a text file on your computer. Obviously you don't list the passwords themselves but hints that mean something only to you. Eg if you had a memorable stay at the Hotel Kolping in Linz your password list could show "amazon, main email, linz825!!!", "almeida, gmail, 9732linz%%%" etc. Only you know to substitute kolping for linz when logging into a site. We have several substitute clues like that and a different password for every single site we're registered with.

Nowadays the experts say that the key to a really secure password is simply its length. If criminals steal an encrypted file of passwords from some retailer (as they often seem to) they will go through it with brute force techniques. If your password is 123456 or password it will be cracked very quickly indeed. If it's 721kolping465!!! that's 16 characters and they'll simply give up and move on to the next one. For passwords that really matter, eg for email accounts, use 2 step authentication wherever it is available. Eg nobody can log into either of our main email accounts, even if they knew the password, without entering a code texted to my mobile phone.
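
A rough way to put numbers on the length argument above, as an added example that is not part of the original page: it estimates the exhaustive-search effort for the passwords mentioned in the paragraph. The guess rate, the tiny common-password list, the short sample "kolping1" and the function names are assumptions made for illustration.

```python
import math
import string

# Constructed sample of very common passwords; real wordlists hold millions of entries.
COMMON = {"123456", "password", "qwerty", "letmein", "111111"}

# Assumed attacker speed against a fast, unsalted hash (an assumption, not a measurement).
GUESSES_PER_SECOND = 1e10

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(pw):
    """Size of the character set an exhaustive search would have to cover."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))
    # Characters outside the four classes (spaces, accented letters) count individually.
    extras = {c for c in pw if not any(c in cls for cls in CLASSES)}
    return size + len(extras)


def estimate(pw, rate=GUESSES_PER_SECOND):
    """Return (bits, years) needed to try every password of this length and alphabet.

    A password found in the common list is reported as (0.0, 0.0): it falls to the
    first dictionary pass regardless of its length.
    """
    if not pw or pw.lower() in COMMON:
        return 0.0, 0.0
    bits = len(pw) * math.log2(alphabet_size(pw))
    seconds = 2 ** bits / rate
    return bits, seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # The first three samples come from the paragraph above; "kolping1" is constructed
    # to show how much a short password loses even with a digit added.
    for sample in ("123456", "password", "kolping1", "721kolping465!!!"):
        bits, years = estimate(sample)
        print(f"{sample!r:20} {len(sample):2d} chars  {bits:6.1f} bits  {years:.3g} years")
```

The figure is an upper bound on the attacker's work: a password built from dictionary words or a predictable pattern can fall much sooner than the exhaustive-search time suggests, which is another reason to add 2 step authentication on the accounts that matter.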

Can I trust online banking?

That's a hard one, because potentially it's pretty insecure accessing accounts over the internet and banks are getting tougher about blaming people whose accounts are emptied. I'd certainly not use my tablet or phone for online banking. So the answer is "no".

It is absolutely essential that nobody gets access to sign-on passwords so never write them down and make sure your computer is secure.

A simple way to confuse some keyloggers is to keep clicking on random places on the web login page (not in the data boxes) and typing extra characters as well as moving around the boxes on the form. The web page discards those key strokes but many keyloggers will faithfully record them. If you assume there is a keylogger on your PC which records key strokes and mouse clicks and also takes occasional screenshots you should be able to outwit it with this technique, although my son said it might be possible to intercept just what's actually being sent out by the browser.

Do not assume that the Windows on-screen keyboard will confuse keyloggers - apparently they all log that one too.

Banks are getting much better at asking things like "2nd, 5th & 9th characters from your password". Three of our online accounts now also have little card readers used when setting up new payees etc - that's fairly secure, although it does mean banks are passing responsibility for online fraud to their customers. Eg if you don't have decent security measures in place they'll feel quite happy saying "your fault, nothing to do with us" if your account gets emptied. They'd probably say the same if you were kidnapped on holiday and imprisoned until you'd emptied all your accounts for the baddies.

How do I stop people sharing my wifi connection?

To stop malicious intrusions change the router system password (the one that starts out as "admin", "password" etc). It's amazing how many people leave this unchanged (and highly insecure).

To stop a neighbour using your connection enable WPA2 encryption in the router and use a long passkey with mixed letters, numbers etc. Ours is along the lines of 8Grand7Old6Duke5of4York - not easily guessable or crackable. Because you're going to have to tell the passkey to visitors over time, make sure it's very different from passwords you use for banking and other logins - they're private to you. A while back a friend said her internet had gone horribly slow and might it be the students renting the top floor next door? I put a biscuit tin lid between the router and the party wall and suddenly the internet was full speed again! They'd probably been downloading films etc. Then I changed the passkey from highly insecure WEP to WPA - no more problems.

There is also a possibility of a neighbour on the same phase electricity supply connecting to your Powerline network but most experts say the signal doesn't go past the meter and most Powerline units also offer encryption.