Six steps to staying safe online and securing your devices

Six steps to staying safe online and securing your devices

After all the stories about the latest malware attacks, I wanted to post a collection of tips that should help you and others on your network (home or work) with six steps to staying safe online and securing your devices against malicious threats. It’s quite simple really and if you follow these rules then you won’t become a victim. 1. Patching Keep your operating system and software patched to the highest level and do so as soon as you can after the patch has been released. If your operating system supports automatic updates then use it. If not, set yourself a reminder to check periodically. The same applies to software.

Steps to securing your Apache web server on Ubuntu

Steps to securing your Apache web server on Ubuntu

This article goes through some of the things you can do to protect your web server from certain types of attacks and to keep the disclosure of information down to a minimum. It will show you how to help prevent clickjacking, SSL cipher or mime-based attacks. It will show you how to avoid error messages and other methods giving away more information than is needed. These can mostly be prevented at a server level so that they apply to all websites that you publish on the server. A brief description of what is being prevented and the resolution is included with each of the step by step examples. The examples

Advice to help avoid becoming an email scam victim

Advice to help avoid becoming an email scam victim

During 2014, I wrote several times about scam emails and that advice still applies today at the start of 2016. Scammers are finding new ways to con you each day but they also keep trying the old ways too as people are still falling for it. In this short article I reiterate that advice in the three main areas of email scams covering attachments, links and cons. In brief the way you can stay safe from nearly all of scams is to never click on any links and never open any attachments, regardless of how authentic they look. Email attachments Do not open any attachments unless you requested them or

Final update on email scams in 2014

Final update on email scams in 2014

I have decided today to close off the special report on email scams in 2014. It has been going for nearly 6 months and most of the scam emails I receive have already been captured on that page. It is time to now switch on my anti-spam software and junk mail filter at the mail server so that I won’t get so many in my mailbox. I created the report to catalogue the different ways that scammers try to catch you out either to click a link to a dodgy website or open a virus attachment. More recently I also included other types of scam emails that were after the

Taking action against unwanted telephone callers

Taking action against unwanted telephone callers

I gets lots of spam/phishing emails but also an increasing number of unsolicited telephone calls until I took some action. These calls range from legitimate companies cold calling to illegitimate scammers trying to trick me into divulging information or buying something that I don’t need. Basically, I have never bought anything from anyone that has cold called me. Even if I took a call and was interested in, “double glazing”, “home security” or whatever else they are selling, I will always make a point to never buy from a cold call. So whatever I buy, I research myself online including looking at customer reviews or by asking friends opinions and

An update on email scams with recent examples

An update on email scams with recent examples

During the last couple of months, I’ve been collecting all the scam emails that I’ve been receiving and publishing them on a separate page. Just recently scam email activity has risen quite steeply so I thought I would give a short reminder here about my “Special report showing examples of email scams in 2014” page. The page was getting quite long as I was just listing them as they came in so they were in order of the date received with the newest at the top. I didn’t want to keep repeating the same scams (some of which I would receive 10 or more times a month) and it was

What you need to know about the heartbleed bug

What you need to know about the heartbleed bug

You will no doubt have heard about the Heartbleed bug and here I’ll give you a quick idea of what it is and any action you need to take. For full details you can visit the Heartbleed website. So what is it? Heartbleed affects secure websites and other secure communication channels but for simplicity I’ll describe what happens on a website. Normally, you visit a website via HTTP (hypertext transfer protocol) and the traffic is not encrypted so anyone that interrupts that communication can see the data transferred. Websites that require a login or those that use forms that may request sensitive information (credit card details, personal information, etc…) tend

Stop the scammers by raising awareness with email scam examples

Stop the scammers by raising awareness with email scam examples

I get a lot of phishing emails and I would like to make everyone aware of them whenever they arrive. However, it’s impractical to make a posting every day that I receive them as that is every single day so I thought I would introduce a new page where I can keep adding the new email scams. I can’t actually remember a day when at least one scam comes through my various mailboxes but I’ll only show them the first time they hit my mailbox (it would be a very long page if I listed all the duplicates). The reason I want to flag them up is because I don’t

How to avoid becoming a remote social engineering victim

How to avoid becoming a remote social engineering victim

For a while now, I’ve been meaning to write something about the remote social engineering threat that we all face and here I’ve attempted to explain what social engineering is, how to detect it and some preventative measure that you can take so that you or your company are not taken in. Social engineering is where malicious people attempt to manipulate others into divulging information which they can then use to perform an attack. They will use technology so they can perform these social engineering attacks remotely such as by phone, email, social media, instant messaging and even from search engine results. Companies or individuals can become the target so

Stop the scammers: email rules to live by

Stop the scammers: email rules to live by

I have quite a few email accounts and some of my email addresses appear on internet pages so it’s no wonder I get a lot of scam emails. I follow these simple rules when deciding if an email is a scam. I never rely on my anti-virus software. I do have two of the top internet security suites (not on the same machine) and whilst they capture most things, they can only detect the virus signatures they know about. New viruses (and I include all types such as trojans or worms) are invented every day. Some are variations of existing ones so they might get picked up but others are