I recently spoke with a local organization about how to stay safe online. While answering the group’s myriad questions and seeing the interest in this topic, I wanted to share the same thoughts on privacy with you. Staying safe online is becoming more difficult because bad actors are devising new ways to skirt the safeguards built into our computing devices. Increasing our diligence and being able to recognize a fake email or phone call is our best defense against getting into trouble while online. In 2022, the online fraud industry was over $20 BILLION! And most of this was from individuals, just like you and me. This article has some tips to help you stay safe while online. If you have some additional tips based on your personal experience, please add them in the comments section below.

Staying safe online is all about common sense. I say this because regardless of what you do to prevent bad things from happening, what ultimately gets us in trouble is a wrong decision…even if in our hearts…we know it’s a wrong decision, we often do it anyway. So, if you take anything away from this article, I hope it’s a little visual sign in your mind’s eye that flashes and says, “Should I really do this?”. If you ask yourself this a few times before making a questionable online decision, you’ll be fine because your more competent self won’t let you make that wrong decision.

Speaking of bad decisions, the #1 wrong decision that gets folks into trouble is allowing someone on the other end of the phone to take control of your computer. Above anything else…do not let anyone control your computer unless you know who it is. A friend, a relative, or someone in your local computer club – that’s fine. If you use a Mac, then someone from Apple Care (as long as you know you’re actually speaking to an Apple employee), but if you use Windows, understand NO ONE at Microsoft will ever remotely take control of your computer to help you. So, if someone is on that phone and telling you they’re from Microsoft… hang up!

I know you’re thinking, “Hmm…I’d never do that,” but I talk with several people each month who’ve inadvertently gotten into trouble by letting someone take control of their computer. So don’t say this won’t happen to you… promise yourself you’ll do everything possible to stay diligent and not make that wrong online decision.

We get into these situations invariably by trying to get help. Help with a software app, help with your computer, help with your TV, etc. You bring up Google and start looking for support for something. Out of the search results that populate your screen…I’ll bet over 70% are bogus. The first indication they’re bogus is they offer a toll-free number. That’s just not going to happen. The second indication is that someone offers to help you…for free. That’s rare today. Companies go to great lengths to make it nearly impossible to contact them by phone. You have to figure out how to separate the wheat from the chaff because when you dial that number for free support and hear someone with a strange accent promising to help with your problem…that’s when you need to visualize that mental sign. “Should I do this?” And the answer is NO!

Here are some other simple pieces of advice regarding online safety.

Keep your internet browser updated.

The latest versions have many built-in protections against fake websites and web-based viruses. But be diligent, and if you use Chrome as your browser (and most folks do), make sure you close Chrome occasionally so it can update to a newer version if one is available.

Get a Password Manager

If you use a Windows PC, I recommend 1Password, Bitwarden, or RoboForm. If you use a Mac, I recommend 1Password or Bitwarden. Create a memorable passphrase to open your password manager. An example of a passphrase is several words separated by special characters, including capital letters and numbers – such as Sporty-Crown-Tarmac-Imaginary7 (this example passphrase would take approximately 87 years to crack, yet it’s easy to remember). Whatever you use for your passphrase, it must be memorable to you.

 

Shred all your sensitive paper documents.

Bad actors can use information on paper statements to steal someone’s identity. Yes, many people are sifting through landfills, looking for valuable information.

Learn to spot fake emails and websites.

Criminals use these to con people into giving away passwords and bank details – the technical word is ‘phishing.’ Here are six things to look for in an email that may indicate it’s fake.

1. Emails That Demand Urgent Action. Emails that threaten something terrible will happen unless urgent action is taken, and these are usually phishing emails. Bad actors use this approach to rush you into taking action before you can fully diagnose the email for flaws.
2. Too Good to Be True Emails. Emails that purport things too good to be true are usually not true. Such emails invite you to click on a link or open an attachment by stating there will be a reward of some nature (typically large sums of money).
3. Emails with an Unfamiliar Greeting or Salutation. Emails exchanged between friends and work colleagues typically have an informal salutation. Salutations that begin with Dear, Mister, Madam, etc., or contain phrases not typically used in casual conversation should make you think twice.
4. Suspicious Attachments. Don’t open if you don’t recognize the sender, especially if the attachment is a .zip, .exe, or .scr file. If you’re expecting a file from a friend or co-worker, you’ll probably be fine opening it, but stay diligent if the attachment looks suspicious.
5. Emails with Spelling and Grammar Mistakes. This is one of the biggest giveaways that an email is bogus—bad grammar and spelling mistakes. Most valid companies apply spell-checking tools to outgoing emails by default to ensure they are grammatically correct. Those who use browser-based email clients apply autocorrect or highlight features on web browsers. Why hackers don’t use these tools is beyond me, but most often they don’t.
6. Emails Requesting Login Credentials, Payment Information, or Sensitive Data. Another absolute indicator is that an unfamiliar sender who requests login credentials, payment information, or other sensitive data should always be treated cautiously. Phishers can forge login pages to look exactly like the real thing and send an email containing a link that directs the recipient to the fake page. Whenever a recipient is redirected to a login page or told a payment is due, they should stop and go to the known login page directly from their browser or password manager.

Venmo Privacy

While some of you may like the social aspect of using the Venmo app to transfer money, others may not, and there are downsides to this. If you’re bothered by the Venmo home screen, which displays the transactions you’ve made and in your Contacts app, here are some steps to protect those from other privacy while using Venmo.

1. Open Venmo and tap the Me icon at the bottom right.
2. Tap the Settings icon at the top right (the gear-shaped icon).
3. Tap Privacy.
4. Check Private. (The other two choices are Public and Friends.)
5. Tap Past Transactions.
6. Tap Change All to Private. Tap the Back arrow.
7. Tap Friends List.
8. Tap Private. (Again, the other two choices are Public and Friends.)
9. That’s it…you’re done!

One last reminder to help you stay safe online – whenever your sixth sense presents you with a question mark regarding something you’re about to do online – remember that little sign in your mind’s eye…”Should I do this?”