Read through the sections below to make sure you are doing everything you can to protect yourself and your family when using a computer and the internet:-
Often when repairing a computer for a customer or performing an annual health check I report on various "dodgy" items of software that have to be removed.
Apart from giving misleading information tools such as this often also contain spyware, adware, or viruses. Some of them also harvest personal information from your computer, or persuade you to purchase them so that they can obtain financial information such as bank details or card numbers which are then used for other fraudulent purposes.
Below I cover some of the most common types of these tools (often referred to as Potentially Unwanted Programs or PUPs), explain what they do (or purport to do), along with some example product names to be aware of:-
System Optimizer
These so-called tools use intentional false positives, and misleading information to convince users that their systems have problems, quite often exaggerating the seriousness of these so called problems.
They then try to sell you their software, claiming it will resolve all of these problems.
Examples: TuneUp, Advanced SystemCare, PC Mechanic, PC Booster, PC Speedup, System Clean Pro
Registry Cleaner
You should never have to optimize, defragment, organize, clean or compress your registry.
The potential performance enhancements resulting in the use of these programs are at best miniscule and unperceivable.
At worst, they could cause so much damage to your computer that it would require a complete re-installation of the operating system to get it working again, often resulting in the loss of data.
Examples: WinFixer, Max Registry Cleaner, PerfectRegistry, WinZip Registry Optimizer, PC Optimizer Pro, Wise Registry Cleaner
Driver Updater
Like the tools above these products use false information to tell you that your drivers need updating.
If your computer is functioning correctly then there is usually no reason to update the drivers. If a driver does need updating to fix a security or performance issue then this will in most cases be handled automatically by Windows or by the relevant manufacturers updater e.g. Intel Driver Assistant. And if not then drivers should only ever be downloaded from the official website of the company who make the product.
Examples: Driver Support, DriverUpdater, Driver Booster, Driver Toolkit, DriverWhiz, WinZip Driver Updater
Privacy Optimizer
These type of tools are not always malicious, but in a lot of cases do show false information to scare you into buying the product offered to protect your privacy, or protect you from a problem which never existed.
There are also a lot of adverts and pop-ups suggesting you should purchase and install VPN products to protect you whilst browsing the internet, now for a general user as long as you have reliable and up-to-date security software installed then you do not need a VPN product, unless you intend to browse unsafe websites, access content that should not normally be accessed e.g. accessing foreign satellite or TV broadcasts, or have something to hide!
Examples: Secure VPN
Browser Hijacker
This section encompasses items such as browser extensions (add-ins), and search extensions
These manipulate your browser(s), for example to change your start page or search provider, so that the affected browser visits their site or one of their choice. They often result in pop-ups and malicious adverts that don't originate from the sites you are actually browsing. And in some cases they can capture information that you are entering into websites such as personal or financial information.
Examples: FromDocToPDF, PackageTracking, Search Extension by Ask, My Flight Finder, PDF Converter, Search Encrypt, MyTransitGuide, OnlineMapFinder, Free Live Radio, CouponXplorer, Fast File Convert, GetFormsOnline, HowToSimplified, MapsGalaxy
Browser Notifications and Pop-ups
These are pop-up messages which appear over the website you are visiting, or down the bottom right hand corner of your screen, they can often contain malicious, dubious or misleading content and are designed to entice you into clicking them at which point you will be taken to a scam website which will attempt to get personal or financial information from you
Some show messages (and make alarming sounds!) to make you think your computer is unsafe or has been hacked and try to trick you into phoning a fake Microsoft support line so they can take control of your computer remotely (this is a variation of the telephone scam covered in more detail below)
Some example screenshots are shown below:
The cause of these is often because a browser hijacker (above) or other malicious tool has been installed, or because you have allowed notifications from a particular website by clicking "Allow" when a pop-up similar to those shown below has appeared whilst browsing
Unless you are certain it is a site you trust and you wish to receive notifications from then I recommend always clicking "Block" or "Deny"
If you are ever unsure then just ask! |
It is highly recommended that if you use the internet on your computer that you install and keep up-to-date a reliable Anti-Virus / Firewall package, without this you will soon become infected - advice on the best protection can be found here
Some uses of a PC are more likely to result in virus infection than others, for example if the PC is used to download music from non official sites or file sharing sites then it is more than likely that you will be downloading more than just the music you wanted!
A brief summary of some of the most common types of infection can be found below:-
Virus
A virus is a computer program written to alter how a computer operates - some viruses damage the computer by altering settings or deleting files which causes strange behaviour, crashing and error messages, other more serious viruses can leave the computer inoperable - viruses spread via files over the internet or as email attachments and can quickly replicate across multiple computers
Trojan Horse
A trojan horse is a file that claims to be something that it isn't and is often passed to your computer as an email attachment - it infects the computer when you click on the file and creates a backdoor so that hackers can access your PC and delete or steal your data and personal information
Worm
Computer worms infect through email, the internet or a network (without any user interaction), usually finding a security flaw or loophole in your software and quickly spreading from one computer to another - they can usually easily be prevented by making sure you have a reliable firewall package and that you regularly install any updates for your software which are released to fix these security flaws
Spyware
Spyware is any software installed on your PC that collects your information without your knowledge, and sends that information back to the creator so they can use your personal information - this could include keyloggers which can capture passwords or personal information such as bank details - most spyware doesn't cause any obvious damage to your PC and a lot of people do not even know they are infected - it simply runs in the background recording and capturing anything that you do
Scareware
This is a relatively new term and refers to software that installs on your computer and fools you into handing over your credit card details or other personal information - it is often in the form of a fake antivirus product that tries to fool you into thinking your PC is infected and offers to clean it for you for a fee - basically holding your PC hostage and stopping you being able to use it properly until you pay
Malware
Which stands for "Malicious Software" is a generic term used to describe a virus, trojan, worm, spyware or in fact any infection that is designed to cause harm to your computer or to steal your information
Ransomware
This is a type of malware that is being seen more and more lately - it is a piece of software that criminals install on your computer without your consent. The software then locks your computer and displays a screen purporting to be a warning message from the FBI or Police accusing you of downloading illegal music etc - and demanding that you pay a fee before your computer will be unlocked
Other variants of ransomware such as CryptoLocker encrypt all your personal files (documents, music, photos etc) so that you cannot open them and then demands a payment for decryption |
A firewall is traditionally a piece of software (sometimes a hardware equivalent would be used for businesses) installed on an end-user's PC which controls communications to and from the user's PC and is mainly used to prevent hackers and malware from gaining access to your computer |
Most software companies regularly release updates that either fix security flaws or make improvements to the software
You should always be very careful when installing any software or updates on your computer and only install those that you know are genuine
Microsoft regularly releases security updates and fixes for its products (Windows, Office, Internet Explorer etc) - these updates are delivered automatically through Windows Update - for more details on Windows Update and to make sure it is enabled and configured to automatically install updates read the section relating to the version of Windows you are using (Windows 7, Windows 8, Windows 10 or Windows 11)
Other products that regularly release important security fixes that you should always install are Adobe Reader, Java and Adobe Flash Player - more details on identifying these updates can be found here
And of course you should always keep your antivirus/firewall program updated regularly along with your internet browser (Firefox, Google Chrome, Opera and Safari) - Internet Explorer is kept updated using Windows Update as above
Regular updates are also released to keep devices such as your mobile phones and tablets secure, always ensure you device is on the latest software version |
Backing up your files is a very important part of maintaining a PC and can save a lot of hassle if ever the PC has a problem
Computers have a tendency to go wrong from time to time, these days total hard drive failure is rare but it does happen
One of the more common problems nowadays is the threat from viruses, with some of the more serious infections wiping your hard disk, encrypting your files so you cannot access them or infecting the master boot record of a hard drive's file system. Any of these could result in the data on the drive being lost (or at least making it very difficult and expensive to recover)
Operating system failure and bad software installation are other things that can cause problems when it comes to recovering files
How frequently you back up will depend on how often you use your PC and what you use it for
The average home user will probably just have to back up any important files as and when they are changed and do a full back-up once a week/month (depending on PC use, and how important your files are to you)
When PCs are used in a home office scenario then backing up should be done more frequently
For more information on how to backup your computer read my Data Backup guide |
It is very important that if you have any form of wireless network that it is secured correctly, as if not others could access both your internet connection and the contents of your computers from outside your house
The best way to secure your network is to use the built-in encryption features that most internet modems/routers include:-
Public Wi-FI Networks - if you connect to any public networks i.e. in a cafe, railway station, hotel etc, remember that these are not as secure as your wireless network at home, as a lot of people have access and they are prone to being hacked, so I would recommend you avoid doing tasks such as online banking or entering personal/banking details on any website |
Sites such as Facebook, Twitter, LinkedIn, Google +, Instagram etc are classed as social networking websites, and can be great fun for kids (and adults) to use for keeping in contact with friends and family, as can Chat Rooms and Instant Messaging programs such as Skype and Windows Live Messenger.
However they do also have a negative side and are sometimes used for bullying, scams, people trying to trick you and in extreme circumstances by predatory paedophiles, so both parents and children need to be aware of a few basic rules to keep themselves safe online
•ALWAYS use a nickname when joining a chat room or social networking website, NEVER give out your real name
•NEVER give out any personal information such as home address, what school you go to, mobile phone number etc - real friends will already know so won’t need to ask!
•NEVER arrange to meet up with someone you have met online
•ALWAYS enter your correct age when using these sites, if you lie and say you are older, you may get adults trying to contact you
•If possible always have the computer in a family room so that you can keep an eye on what the computer is being used for - most predators would realise if you have a webcam that other people are around and would stay away from your child
•Think carefully about what information you enter in your profile and remember to keep your profile private so only people you know can see it
•WATCH OUT for scams - Facebook especially is full of people and companies who are not what they seem, if you get a message about winning an iPhone/iPad or similar then most times this is not a genuine competition and by liking or sharing the page you are allowing them to access all the personal information stored in your profile
•A lot of the links and adverts that appear on sites like Facebook are not always safe and clicking them can take you to websites that try and get personal information from you or contain links to dodgy or virus infected websites - be very careful what you click on and what you share with others
Useful websites:-
www.ceop.police.uk - The Child Exploitation and Online Protection (CEOP) Centre is part of the UK police and is dedicated to protecting children from sexual abuse
www.thinkuknow.co.uk - Detailed advice for children and parents to stay safe online. It explains different terminology, explores some of the specific dangers that children could face and provides practical advice and guidance that should make the online experience safer for all
www.getsafeonline.org - This website is a one-stop-shop for reliable, up-to-date information about online safety, to give home users and small businesses the advice they need to use the Internet safely |
File Sharing websites and programs such as Limewire and BearShare (often called Torrents) use a system called P2P (Peer to Peer Networking), basically all the users share out files on the computer for other users around the world to download, the problem with this is that you don’t really know what you are downloading. Firstly it could be copyrighted material such as music, videos etc, it can also contain viruses or spyware that will then infect your computer and also sometimes what you think you are downloading may not be what you end up getting, some users have reported downloading files which then turn out to contain indecent pictures etc
Using the P2P Networking also opens up your computer so that other users can access your shared files, and also if they know what they are doing can then exploit this and access other personal files etc on your computer |
As reported in the news more and more lately identity theft is a big problem so be very careful where you enter personal information on the internet - in the past people have had their identities stolen just because they posted too much information about themselves on a social networking website; it doesn’t take much for a criminal to put a few pieces of information about you together to defraud you in some way
This also applies to other websites such as when buying online, if you have not used the company before make sure you know who you are dealing with, check contact details etc before ordering and it is also a good idea to type the companies name into a search engine like Google and see what information comes back on them, certainly if they are a dodgy company you will soon find other people warning you about them on the internet
Remember fraudsters need just three pieces of personal information to steal your identity, most of which can be found on your social media profiles
All it takes is your name, date of birth and address for fraudsters to be able to steal your identity and access your bank accounts, take out loans or take out mobile phones in your name
A high proportion of social media users risk identity theft by giving fraudsters easy access to this type of personal information, as they include their full name and date of birth on their profile pages
Even if you don’t publicly show your age on your Facebook profile, fraudsters can still work out your age from people wishing you well on your timeline. Once they have your date of birth, they can find out where you live too
Also remember that photos you post online also contain sensitive information, photos taken using a modern smartphone (and many digital cameras) embed GPS location information in them and using this information it is easy to work out where the photo was taken - so an innocent photo of you in your back garden can easily be used to work out your exact location
Fraudsters that get hold of this type of information can impersonate an individual, either by setting up accounts in their name or accessing existing accounts and stealing from them. The extent of damage can run to thousands of pounds worth of debt being racked up in your name
My advice is to be social savvy - avoid unnecessarily sharing personal details and risking your identity on platforms that can so easily be exploited |
Most version of Windows come with built in Parental Controls, this allows you to restrict your children from using certain websites, programs, limit the hours they can use the computer and also what games they can play
You can also log all activity to see what your children get up to on the Internet
More information on Family Safety can be found at the following website
account.microsoft.com/family/about
More details on how to configure Parental Controls / Family Safety can be found in the Reference Guide for your version of Windows (Windows 7, Windows 8, Windows 10 or Windows 11)
More useful advice for parents on keeping children safe online can be found here = http://www.internetmatters.org/ |
This issue is not so relevant nowadays as most users now use Broadband (ADSL) to connect to the internet - but if you are still one of the few who use dial-up internet then please be aware of this issue
A number of viruses have been known to change the number that your computer uses to dial the internet to a premium rate or international number. Your internet connection would still work as normal and the first you would know about this is when you receive an extremely high phone bill from BT (or your phone supplier)
To prevent this happening BT offer a free service to allow you to block all premium rate calls being made from your phone line so that even if you do get infected with a virus it cannot cost you money!, this service can also be extended with BT for a charge to include all international phone numbers as well
If you have changed from dial-up internet to Broadband then make sure you have properly disconnected your dial-up modem from the phone line |
Buying and selling on eBay can be great fun, but you do need to be very careful, auction scams account for a high percentage of online fraud reported
Follow these simple tips to make sure your eBay experience doesn't turn into a nightmare
•Always check the sellers feedback ratings carefully, read several comments from previous buyers - ideally you should only buy from someone who has a positive feedback rating over 95%
•Always pay using PayPal and make sure you use a credit card not a debit card
•Regularly change your eBay and PayPal password and make sure it is a secure password and not something that can easily be guessed
•Never give out your password to other people
•If you receive an email from PayPal or eBay never reply - these emails are often fake to try and get your details - instead log in to My eBay where any genuine messages will appear
•If the price is too good to be true then it is most likely a fake or misrepresented item
•If selling make sure the payment has cleared before sending the goods - if paid via PayPal then wait a couple of days to make sure the payment is not retracted or cancelled
•When sending goods only send them to the buyers verified address as it appears in PayPal |
Phishing email messages are designed to fool you into clicking links or giving out personal information which a hacker can then use to steal your identity or to access your bank or other personal accounts.
There are several different types of phishing emails:-
Spam - these are mass emails sent out to extremely large mailing lists and are usually irrelevant to the vast majority of recipients, for the hacker it is a very low cost / high return method. Examples would be emails stating you have won a prize or a gift card, or have a parcel which couldn't be delivered - they contains links which if clicked can download a virus to your computer which can collect personal information or encrypt your files and demand money from you, or will ask for personal information.
Deceptive - these are the most common type of phishing email which are sent out to a smaller group of people and target people with common interest such as being users of a specific site or service. These emails usually come with an urgent action such as stating your account will be locked out in x hours if you don't respond. The emails often appear to be from banks, credit card or utility companies asking you to update your account or similar - they contain a link which if clicked will take you to a spoof website that looks just like the normal website - and when you then try to login they will capture your username, password and other account details so that they can hack your account.
Spear Phishing - these are sent to specially crafted mailing lists or individuals. They are customized specifically for each recipient mentioning your name, company, phone number and other personal information to attempt to trick you into thinking the email is genuine.
Whaling (a.k.a. CEO Fraud) - a method used to target specific senior staff at a company such as sending an email to a secretary which appears to be from a manager asking them to urgently transfer money on behalf of a client or to make a payment.
Lures - these are becoming more common and are emails that are sent before a deceptive email is sent to try and trick you into thinking that the emails that come next may be genuine e.g. an email advising that you have a payment due in two weeks time, this email would contain no malware and just text and is designed simply to get this payment in your mind, then two weeks later you get a second email saying payment now due and this would then be the deceptive email containing a malicious link.
Double-barreled attacks - similar to above, the first email would contain a link to a genuine website for example to reset your password. Having gained your confidence the second email would then tell you that your recent password reset failed or you needed to reset it again due to a recent account issue or similar and contain a link to try again, but this time the link would be malicious and this time lead to malware or a spoofed website.
Homoglyphs - using shapes that appear identical or very similar to letters in URLs or email addresses so that at first glance they look genuine when in fact they are not e.g. www.pcαssist.co.uk instead of www.pcassist.co.uk - in this case the a in pcassist has been replaced with the greek letter α.
Always check for "red flags" in any emails you receive:-
•Incorrect wording/spelling/grammar •Has the email been sent at a time which is not consistent with the senders usual practices? •Has the email come from a different email address than the sender usually uses? •Incorrect links - hover (don't click!) the mouse over any links to see where they are going to take you, are they pointing to a completely different domain / website than you would expect? e.g. an email is from amazon.co.uk but the link leads to xydyf.co.uk •Has the email got a strange attachment you don't recognize?
Never click any links, open attachment or respond to these emails if you are unsure - your bank or any other company you deal with WILL NOT email you asking for personal or account information - if you are suspicious then contact the sender by another means e.g. phone or in person to verify the information. Always take the most cautious approach to email attachments, links or instructions!
Examples of recent phishing emails can be found here |
There are several different types of mobile phone phishing:-
Smishing - just like a phishing email a smishing text message / SMS message attempts to fool you into clicking on a link or to respond with personal information, often the message incites a sense of urgency such as your account is going to be locked or you have won a prize and you have to respond in x hours to claim.
Vishing - this is where criminals phone you posing as a company often financial services such as your bank, a service provider such as your mobile phone company, or a software or computer support company - this type of scam is covered in more details under telephone scams below.
Always check for "red flags" in any text messages you receive:-
•Incorrect wording/spelling/grammar in the message or senders name •A sense of urgency •Suspicious sender •Lack of phone number being displayed •Intriguing content trying to persuade you to click or reply •Incorrect links - press and hold on a link to see where they are going to take you, are they pointing to a completely different domain / website than you would expect? e.g. an email is from amazon.co.uk but the link leads to xydyf.co.uk
If you think a message is not genuine then before replying or clicking any links verify it is genuine by contacting the company concerned by another means such as the email address or phone number which appears on their website or paperwork you have, or via social media. DO NOT reply to the message and if still unsure then DELETE the message. |
Phishing emails (above) often link directly to phishing website - that is websites designed to look genuine but which are actually imitating the real website.
Look for the following clues:-
•Suspicious URL's - often names misspelt or changed slightly, the first example below is simply a misspelling of online, the second using two letter v's instead of a w for the word row - both can easily be missed if not checked carefully
•Different domain extensions - amazon.xyz instead of amazon.co.uk
•Using HTTP rather than the more secure HTTPS - this alone is not a guarantee that website is secure but is always something to check for - HTTP means any information you enter will be sent in plain text and can be intercepted easily, whereas HTTPS means it will be encrypted before it is sent making it much more secure
•Hover (don't click!) the mouse over any links on a website to see where they are going to take you, are they pointing to a completely different domain / website than you would expect? e.g. the website is amazon.co.uk but the link leads to xydyf.co.uk
•Shortened URL's - sometimes website links can be shortened so you can't easily see where the link is taking you e.g. https://tinyurl.com/abc124hz rather than https://www.pcassistonline.co.uk/helpandadvice |
You receive a phone call most often from an international or withheld phone number, but sometimes it can also even appear as a local number
They use various different names to identify themselves (such as Windows Technical Department, Windows Helpdesk, Microsoft Tech Support or Windows Service Centre) and nearly always say that they are working on behalf of Microsoft
My customers have encountered several different variations of this scam:-
1) They ask you to open a program on your computer called Event Viewer and then try to tell you that the errors and warnings that appear means your computer is unprotected or has a serious problem that needs fixing. What they tell you is incorrect, even a fully working computer has some errors and warnings shown here and this is quite normal and does NOT indicate you have a problem
2) They state that there is a problem with some software on your computer (often Microsoft Silverlight)
3) They tell you that Microsoft will cancel your Windows licence as your computer has been used by other people for illegal activity, they then proceed to give you a very long number which they say is your new Microsoft licence
4) They offer to help you upgrade your computer to Windows 10/11
With nearly all the variations of the scam they then ask to connect to your computer saying they will fix the problems for you - at this point they can access any personal information you have on your computer such as bank details, infect your system with viruses and lock your system so you cannot gain access - they then demand money to unlock your computer and to fix the problems
They are very persistent and several customers have reported getting multiple calls from them
DO NOT ALLOW THEM TO CONNECT TO YOUR COMPUTER OR GIVE THEM BANK/CREDIT CARD DETAILS - THIS IS A SCAM - MICROSOFT DO NOT CALL CUSTOMERS OFFERING SUPPORT
More information from Microsoft on this scam can be found here
If you get targeted by these criminals you can report it to ActionFraud by clicking here |
Browser toolbars are add-ons for your internet browser that add additional functionality
Some of these toolbars are useful such as Google toolbar or the toolbar installed with AVG which helps protect your security, BUT there are a lot of toolbars which are certainly not useful and in some cases quite dangerous to use - some collect personal data from your computer, some bombard you with advertising, and others even contain viruses which infect your PC and causes other issues
Be very careful which toolbars you install, and read carefully when installing any software as often you have to untick boxes during installation to stop these toolbars being installed
Install toolbars only if you really need them. Basically, any software installed on your PC and - in this case, launched every time you open your browser - is a security risk |
Online gaming, multi-player gaming or MMORPG is a very popular past time for children, and as much as it can be good fun it also comes with several risks that you need to be aware of
Whether it be games such as World of Warcraft or Minecraft played on a computer, or games such as Call of Duty or Battlefield played on a games console (XBox, Playstation and Wii) the same rules apply
•Think about where you locate the games console (or computer) so you can monitor and supervise what your children are doing
•Enable parental controls when you setup the console - instructions available for PS4, Xbox One and Wii U
•Set limits to how many hours a day you children can play on the console
•Check the games rating - this will indicate in the same way as a movie what age range it is suitable for - some games are not suitable for young children and will have a 16+ or 18+ rating - see here for more details
•Don’t give out any personal information that might identify you. This could be your full name, home address, phone number or the name of your school
•When creating an account for gaming online always use a nickname, never use your real name
•If the game you are playing allows the option to have an image of yourself, never use an actual picture - try and use an animated avatar image instead
•There has been cases in the news recently where terrorist groups have been trying to use online games to recruit youngsters - make sure you know who your kids are playing with and chatting too when gaming online
•Bullying is another big problem with online gaming - if you are being bullied then tell your parents and report it to the company that runs the online game - most of them have built in tools to report cyberbullying
•A lot of games allow the use of microphones, headsets and cameras so that you can talk to (and see) other players - be careful what you say and never give out any personal information |
Hackers and some viruses have been known to access your webcam without your knowledge, and use it to spy on your activity
I would therefore recommend that for a laptop you cover your camera when not in use - a small piece of electrical tape works well. And for a desktop either disconnect your camera when not in use, or cover it or point it towards the wall or floor so it cannot see into the room |
This is the term used when hackers use the charging stations at places such as train stations, airport lounges, hotels and cafes to hack your mobile devices.
They replace the existing charging cables with modified USB cables which can then be used to transfer data from your device or install malicious software (malware) on your device.
When using charging stations ALWAYS use your own charging cable.
Thankfully most modern devices often prevent juice jacking by only allowing a USB cable to charge a device when first plugged in and turning off file transfers and data access by default, but it is always better to be safe than sorry. |
Bluetooth file sharing can be used by criminals to deliver harmful files to your device, most devices will ask you to accept or decline a connection and the file if you receive one but it is still best just to ensure that you keep your bluetooth turned OFF when not needed, especially when using the device in public areas. |
As most of my existing customers will know, if you ever receive a suspicious email (or you visit a website) and you are not sure if it genuine or not then I am always happy for you to forward them on to me so I can check them out for you.
You can also report phishing emails, websites, SMS (text) messages and phone calls to the National Cyber Security Centre.
Emails: forward to report@phishing.gov.uk Text / SMS: forward to 7726 (or 87726 for Vodafone customers) Website: complete form here
More info: https://www.ncsc.gov.uk/collection/phishing-scams |
