Internet and email security – five steps to keep yourself safe online.
1. Never respond to emails that request personal financial information.
- If you receive an email you suspect isn’t genuine, delete it.
- Even if you think the email may be legitimate, don’t respond or click on any links or images in the email – contact the company by phone or by visiting their website.
- Avoid opening or replying to spam emails. Don’t download images, or click the ‘unsubscribe’ link. You will give the sender confirmation they have reached a live address, and they’ll send even more spam.
2. Only visit banks’ websites by typing the URL into the address bar.
- If you suspect an email from your bank or online company is false, do not follow any links embedded within it.
- Banks will not ask you for your account / card details in an email. If in doubt call them straight away.
3. Be cautious about opening attachments and downloading files from emails, no matter who they are from.
- Some phishing emails may contain software that can record information on your internet activities (spyware) or open a ‘back door’ to allow hackers access to your computer (Trojans).
- Watch out for fake invoices, bills or receipts. (Especially if they don’t include your name – “Dear customer” means they are sending the same email to thousands of people.) Scam emails may say that you owe money to a bank, or you need to pay a bill in advance, usually with something that looks like a Word document attached. Or they may send you a receipt: “Thank you for your payment, for more information please see….” Don’t be fooled: don’t click on the link, and don’t open the attachment.
- Promotional and marketing scams – if the offer looks too good to be true, it usually is.
- Do not allow anyone remote access to your computer.
- If you get a phone call claiming from ‘Microsoft’ or ‘Windows tech support’ regarding issues with your computer, hang up immediately.
4. Check the website you are visiting is secure.
- Check the web address in the address bar. If the website you are visiting is on a secure server it should start with “https://” (“s” for security) rather than the usual http://
- Look for a lock icon on the browser’s status bar / address bar. You can check the level of encryption, expressed in bits, by hovering over the icon with your cursor.
- Note that the fact that the website is using encryption doesn’t necessarily mean that the website is legitimate. It only tells you that data is being sent in encrypted form.
5. Be careful with passwords and data.
- Never let anyone know your PINS or passwords. Do not write them down, and do not use the same password for all your computer and online accounts.
- Most of the popular email services let you choose two factor authentication for logging in – use it if you can.
- Change your passwords regularly.
- Recommended best practice for passwords is to have a minimum of eight alphanumeric characters plus some special symbols (!”£$%^&*_?).
If you follow these steps, you have the best chance of keeping yourself safe online.
For more information, see Action Fraud UK.