Safe Mode

Protecting Yourself Online

Guide for Safe Internet Usage

51730790_10161482318935261_4328599509857730560_o.jpg

This is a free guide and should not be relied upon to make financial or commercial decisions. If you have any questions about anything in these notes or topics discussed feel free to send me an email at t.shannon@macs4u.com.au or give us a call on (08) 9274 7111

Things you should be aware of; (I touch more on these subjects below)

1. Not everyone is who they say they are -  Phishing  Scams are attempts by scammers to trick you into giving out your personal information such as your bank account numbers, passwords and credit card details.

2. Fraudulent Websites - don't believe everything you read on the internet.

3. “Free” dose does not always mean “Free” - When it comes to downloads if you aren't looking for it you don't need it. If you need it, Make sure its what you want.

4. Password Management can be easy.

Phishing

What do I mean when I say “Not everyone is who they say they are” if you get a phone call from someone who claims to be your bank and they want to verify your Identity, how do you know you are speaking to your bank?  Phishing Scams - spelt with a “PH” rather than an “F” are attempts by scammers to trick you into giving out your personal information such as your bank account numbers, passwords and credit card details. Phishing can be done in many different ways, the kinds we see most are:

1. Unsolicited Phone Calls “We have detected a virus on your computer”

2. Emails that look like they are from a bank or delivery service.

3. Pop up adds

I will be going into ways on how to verify the source but you can save a lot of time and effort by going straight to the source. For example, if you get an email from Australia post saying they need to confirm your address to deliver a parcel, instead of replying to the email or click any links, simply go to Australia posts website and log in there. If the email was real you can confirm your address on the website directly instead of potently giving it to a 3rd party.

Same thing if you receive a phone call, ask them who they are, hang up and ring the real company.

What if you’re not sure about an email?

Fake Emails

Ways to identify if an email is fake:

1. You can look at the source. In apple mail you can do this by pressing “option+shift+U”

2. Note the return address. Is this who you expected the email to come from?

3. Check spelling or major grammar errors. Scammers will often use google translate to write emails and it results in incorrect spelling and grammar.

4. Anything that's “Free” that you didn’t ask for. You won the lottery and you didn’t even by a ticket? yeah sorry to say you didn’t.

So what do I do if I get a lot of spam emails?

What to do with Spam Emails?

1. Don’t respond in any way to unsolicited emails who's origin you don’t know. This includes “unsubscribing” as this tells the sender they have a “live one” on the end of their email trail.
2. Use a junk filter or Mail Rules. look for this in settings in your email app.

3. There are also apps that can block emails before they get to your inbox like getunsubscriber.com

So how do you know when I can trust a website with my personal info?

Website Certificates

Website Certificates

Check that there is a lock next to the website address before making online purchases or entering personal information. This indicates if the website is secure. If you are unsure of a website's legitimacy click the lock Symbol and check the country of origin and Date. Do this on websites you trust to get an understanding of how certificates should look. Certificates are widely used to secure electronic information.  For example, a certificate might allow you to sign email, encrypt a document, connect to a secure network, or identify yourself when using Messages.

But what about downloads?

Downlods

Downloads

Downloads can be tricky… 

Some websites get paid when people click on the ads so they make the ads appear like download buttons.

You can check when a download button is fake because they sometimes have the word "advisement" near them.

Often an ad blocker will help but some of these websites will ask you to disable it before they will give you access to the page.

When it comes to these types of websites its best to avoid them but you can use a “mouse rollover” technique to check where that link will take you. 

What if you accidentally downloaded the wrong thing?


Safari and other browser preferences

Once you’ve downloaded a file safari and other web browsers might be set to automatically open it. If it was an accidental click this could be what causes your Mac to get infected so its best to turn this setting off.

While you are in your safari settings you may want to change your “Autofill” preferences, especially if you let others use your Mac or you leave it unlocked.

Trojans

Trojans

Let’s say you managed to find the download you were looking for well your not out of the woods yet. 

A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. 

Trojans can be deployed by cyber-thieves and hackers trying to gain access to users' systems. 

If you find yourself with an adware infection you can try this tip…

Safe Mode

Here is a way to safely boot your Mac if you think it has an adware infection.

Simply restart your Mac while pressing and holding the “Shift key” immediately before you hear the startup tone.

Release the Shift key when the Apple logo appears. If done correctly Safe Boot appears on the Mac OS X startup screen.

Safe mode limits what is running in the background on your Mac, and it will allow you to use what you need to until you can bring the unit in for repairs.

But there are some infections that are not so easily fixed.


Ransomware

Ransomware is a type of malware that prevents or limits users from accessing their system.

This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems or to get their data back. Some ransomware encrypts files (called Crypto-locker) these are particularly difficult to remove but can be done without supporting the hackers who make them. 

One of the easiest was to safeguard yourself against such attacks is by having a good system backup. TimeMachine is probably the best backup program as it will allow you to restore to as little as an hour before the attack occurred. The more malicious of these Crypto locker programs can also encrypt external hard drives as well and if you are worried about that, you can use a network drive such as a Time capsule. 

So how do I avoid Ransomware?

Your mac is already protecting you

Accidentally installing Ransomware and other forms of malware on a mac has become exceedingly rare since the introduction of Gatekeeper in February 2015

Gatekeeper was a new feature in Mountain Lion using existing checks to help protect your Mac from malware and misbehaving apps downloaded from the Internet. But as always the safest and most reliable place to download and install new apps is via the Mac App Store.

So why am I bringing up Ransomware at all?

Fake “tech support”

I briefly mentioned this earlier but ransomware is most commonly install via a Phishing scam or fake “tech support” These cons are designed so you give someone else permission to install a program on your computer.

Most commonly it’s a pop-up add that says they have “detected” a virus on your computer and show a phone number you can call or scammers will call you out of the blue with the same claim.

Then they have someone guide you through installing a malicious program.

But fear not as you won't have compromised your computer until you give them “full access” That would require them to:

1. Have access to your computer - either over the internet or physically.

2. Know your administrator password - This is why it is important to have a strong password and not give it to other people.

So what can you do about popup ads?

Ad Blocker

Ad Blockers

You can download and install ad blockers for almost every browser including iOS devices, they will block most banner ads and pop ad ads and this will prevent most types of “fishing” scams.

Why not use an ad blocker all the time?

When viewing free media on the internet, the people who create that media get paid by the ads, using an ad blocker means that they don't get paid, if they don't get paid they stop creating media.  Some websites go as far as not letting you use them if you have an ad blocker turned on.  They can be easily turned off or you can use a secondary browser for those sites.

Password Managers

Password Managers

Complex passwords are difficult to remember, so you have probably defaulted to passwords like "password," "abc123," or your pet's name and other hacker-friendly naming conventions.

A password manager keeps all your passwords under one encrypted (and password-protected) roof. 

It generates strong passwords for you and automatically inserts them when you log into different sites. It can even store payment information to simplify online shopping.

These tools work on the principle that you create a master password for access to your identity vault, and then the password manager fills in individual user IDs and passwords for the sites and apps you use.

So What's the risk? All your passwords are in one place if a hacker gains access to your master password that would leave all your accounts open to plundering.

Unless you are using…

Two-step verification

Two-step verification

Two-step verification is a process that involves two authentication methods performed one after the other to verify that someone requesting access is who they are declared to be. 

Normally this is done by sending a once use code to your phone or email address.

By itself nether, your authentication code nor your password would give someone access to an account, only when they are used together.

To set it up simply look for the option on the website you wish to use it on, usually its under security settings once you log in.

VPN

VPN

Virtual private network or VPN 

A VPN creates a safe and encrypted connection over a less secure network, such as a public WiFi network.

Because your internet traffic is being put through another server it may be significantly slower than normal.

However, it will prevent your internet service provider from seeing what websites you visit. and it will keep you safe when using public wifi. It also stops websites from knowing your exact location*

If you are interested in trying a VPN try using “Psiphon” it is a free app and easy to use.

Thanks for taking the time to read this blog

As I mentioned at the beginning this is a free guide and should not be relied upon to make financial or commercial decisions and if you have any questions about anything in these notes or topics discussed feel free to send me an email at t.shannon@macs4u.com.au, give us a call on (08) 9274 7111 or comment below your favrout security tips. Also if you found this useful and have time I would greatly appreciate it if you could give Macs-4-U a review on any of these sites as it helps more people discover us: 

Facebook: www.facebook.com/macs4usales

Google: www.google.com.au/search?q=macs-4-u

Yelp: www.yelp.com.au/biz/macs-4-u-midland

ProductReview: www.productreview.com.au/listings/macs-4-u

Here are some other Helpful Programs and Websites to get you started

gmail.com or any other webmail service

scamnet.wa.gov.au - you can report scams on this website.

malwarebytes.org - you can use this free program to remove adware

avast.com - this free Security program will be enough for the average user

getadblock.com - AdBlock removes ads before you see them.

alternativeto.net - Crowdsourced software recommendations

getunsubscriber.com - The easiest way to stop unwanted email.