Table Of ContentSTAY
SAFE
99 Tips
for Protecting
Yourself Online
BRAD ZUPP
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 1
SAFE: 99 Tips for Protecting Yourself Online
Every days seems to bring a new concern. A friend's social media account
hacked. The latest online scam. Do this, but don't do that. How can we protect
ourselves online, both in our business and personal lives?
Use these tips as a guide to stay safe. Start with the most pressing issues, do a
little every day or week, but take action! The small amount of effort is well
worth the feeling of peace of mind that comes from being safe online.
Brad's Four Essential Tips
Are 99 tips too overwhelming? Here are my top four "must-do" actions to start
with:
Remember secure passwords that are unique to each website. Use my in-depth
guidebook "The Hack-Proof Password System" to make it easy.
Get and use a Virtual Private Network (VPN).
Install antivirus software and double check that you it’s up to date and running.
Backup your computer daily.
Start with these tips, then pick the areas where you are most vulnerable and start
checking items off.
Section #1
Protect Yourself from Viruses and Malware
Confirm that you have up-to-date antivirus software installed on your desktop or
laptop computer, and that it’s turned on and working properly! Many operating
systems have a virus software pre-installed, but it may be out of date or not
turned on at all. Double check. Click on “Check for updates” (or something
similar). Make sure it’s enabled. Set it to conduct a full scan if one hasn’t been
done in a while (or ever). If your computer does not have anti-virus software,
download and install a reputable one immediately, then conduct a full scan -
the most complete one offered - even if it takes several hours.
Never download pirated software. It could easily contain a virus or malware. Use
reputable, legally-acquired software.
Beware when downloading free software online. Use a search engine to look up
the name of the software and quickly skim the results, looking for “malware,”
“virus,” “hijack” or other reports that the software contains more than you expect.
Beware that free software or the software that assists with the download may
ask your permission to change your default music player settings, default
homepage, search engine, etc. Read the download instructions carefully and
check or uncheck boxes as appropriate to maintain your system the way you
want.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 2
Don’t click on pop-up windows that say your computer is or may be infected
with a virus. Navigate to your installed anti-virus program and run a scan there
instead. The pop-up window may be attempting to harm your computer instead
of save it.
Install a reputable firewall on your computer. A firewall is a software or
hardware that helps block viruses, worms, and hackers that attempt to get to
your computer (via the internet). Note that your antivirus software may already
contain a firewall, but double check, and make sure it is turned on and
functioning.
Keep your operating system up to date. Consider turning on automatic updates
so you’re quickly protected when a patch is needed.
Keep your apps and software up to date by downloading updates when notified
or prompted, as they often contain the latest security updates and fixes. If you
have the automatic updates or notifications turned off, be sure to frequently
check for updates manually.
Be careful when you are asked to open an unexpected attachment in an email
or social media message, whether it’s from a stranger or from a company/person
you know. The attachment may contain a virus that infects your system. Always
send an email or call to confirm that the sender meant for you to receive the
attachment before opening it.
Also be wary of unexpected links in social media or email. Don’t click on them
without confirming from the sender that they are safe, as they could direct you
to dangerous websites that have viruses. Instead of clicking on a link, go to your
browser and type in the company’s website address or search for it using a
search engine.
Avoid attaching memory sticks (“flash memory”), external hard drives, or mp3
players as they are a common way to infect systems with viruses. Know the
source of the device before attaching it. If possible, scan every device attached
immediately with your anti-virus software.
CDs and DVDs can also contain viruses. Know the source and avoid inserting
anything into your system that is suspect.
Never open an unexpected file sent to you from someone you know over
Dropbox or other file sharing/delivery companies. Confirm with them directly
that the file share was intended and that they don’t have a virus or have been
hacked. Treat any file from an unknown or suspect source with suspicion and
don’t click on it until you have independently confirmed what it is and why it
was sent. Don’t necessarily believe it’s fine just because you speak with
someone, either. That could be part of the attempt to hijack your system.
Consider doing a search for the file name or part of the message included with
it. If the scam is being attempted on others, it may appear in the search results
as a known issue.
Change your macro security settings in Excel, Word, and other Microsoft Office
programs. Depending on the version, you may be able to change your settings
to control whether macros run or not, keeping you safer.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 3
Completely uninstall your antivirus software before (immediately) installing your
new one. Also, conduct one final scan with your old software before installing
the new one.
If you can live without it, disable Adobe Flash. Hackers frequently attempt to
use Adobe Flash to get into systems. If it’s difficult to disable it, consider setting
your browser or system to enable it only when you allow it.
Don’t open an e-card from a stranger, and double check with known senders to
verify they meant to send it. They may have been hacked and their computer is
unknowingly sending links to viruses disguised as e-cards (or other links).
Section #2
Avoid Scams
Never divulge personal, account, or password information via email or by
clicking on a link in an email, test, or instant message. Reputable companies are
aware of the prevalence of online scams, so they never ask for personal
information via email. Only share confidential information when you initiate the
conversation by calling the company or typing in their website address directly
into your browser (or by looking it up in a search).
Be very suspicious of any request for information by someone calling your
phone. Never confirm the last four digits of your credit card number, social
security number, PIN, mother’s maiden name, etc. in a call you receive. Politely
decline, ask for the company name, a contact phone number, and a reference
number. All reputable companies will understand and appreciate your concern
for security and promptly give you the information. Instead of calling the
number, look up the company online or on your billing statement and call the
number you find instead.
Aggressive phone callers who attempts to ‘strong-arm’ you into giving your
information should be viewed with great skepticism. Don’t engage them: just
hang up.
For those in the United States, the Internal Revenue Service does not ever call
you to inform you of an unpaid balance or other problems. They always send a
letter. Anyone suggesting they are from the IRS is more than likely trying to
scam you.
Microsoft, Apple, Google, and other companies do not call you to inform you
that your computer has been detected as having a problem or being infected
with a virus that they need to repair over the internet. Thank them for the
notice, get a name, phone number and reference number, then hang up and
conduct an internet search for the company contact information. If you’re still
wondering if it’s a scam or not, contact the company directly and ask for help.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 4
Be suspicious about online sweepstakes and contests. Search online to see if
anyone has complained or been a victim of a scam from the one you are
considering. Type in the name of the company directly to go to their website for
reputable sweepstakes, as hackers may attempt to use the name of legitimate
sweepstakes to draw people to a fake website that looks similar to the
legitimate one in an attempt to get user information or infect computers.
Do thorough background checks and online searches about any work at home
opportunity. This is another way scammers and hackers snare unsuspecting
people. Don’t hesitate to pick up the phone and call companies, either.
Legitimate companies who are interested in hiring at-home workers will be
willing to discuss what they offer and require.
If you are careful yet still are scammed, be sure to report it to the proper
authorities or the company whose website or email was spoofed.
Don’t use the first result in a search engine. Take a few extra seconds to look for
the official website of the company or organization. Scan the page for others
who may have reported on a scam or had complaints.
Don’t register on a job search website without careful research to ensure the
company is reputable. It should also have a physical address and contact
information, including a customer service number. Call the number to double
check it is accurate, functioning, and legitimate.
Whether you use an email account via Yahoo, Gmail, etc. or have your own
domain, enable spam filtering to allow the email provider to filter out many (but
not all!) of known viruses and scams.
If you receive an email (or instant message, phone call, etc.) that is suspicious,
type in a small portion of the email into a search engine. You will likely find
reports of others who have had the same suspicions and what they discovered.
Some internet security vendors list common scams and emails that accompany
them on their websites as a warning.
Bill Gates is not giving away his money to Windows users, or to people who
circulate a petition, or who share an email or post. Posting a specific legal
disclaimer to your favorite social media site will not override the site’s Terms
and Conditions that you agreed to. No one wants to send you a certified bank
draft. Your friend is not stuck in a foreign country without his or her phone and
does not need you to wire them money. (I guess this depends on who you have
as friends. With some of mine, this is possible, or even probable.) In fact, if
anyone asks you to wire them money, it’s probably a scam unless you know
them very well and speak with them directly.
Section #3
Protect Your Privacy
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 5
If you live in an area where mail theft is a problem, avoid using your physical
mailbox. Consider enrolling in electronic billing and statements, use direct
deposit for your banking, and pay your bills online.
Cover the camera of your webcam with a piece of tape or sticky note until you
decide to use it. Hackers may be able to access your device without your
knowledge.
Do not share intimate photos online or do anything along those lines with
strangers or with anyone you don’t trust completely. The images could be easily
shared with others without your knowledge. It’s also possible a person you trust
could fall victim to a virus, have their computer stolen, or otherwise have it
accessed and your images or files taken without their knowledge.
For online dating, select a service that allows anonymous emails using the
service’s system to hide your true email address until you decide to share it
directly.
While dating online, use an email account that is different from your usual
account. Set up a new account with Yahoo, Gmail, etc. Create an email address
that does not use your name; use OutdoorGuy, HappyLady, or something equally
anonymous until you know your prospective dates well.
Do not use your work address for non-work activity (even if you’re self
employed). Set up a different account as above.
Avoid having your email address displayed online at places you volunteer, your
kids’ school, in newsletters for various groups, etc.
Avoid using your real name online where possible. When signing up for
newsletters, downloading interesting free content, or mailing lists, designate a
name you use only for this that will provide a reminder that the email is from
someone who doesn’t actually know you. Instead of “Brad” I often use “Bradford”
or even “Brian.”
Section #4
Protect Yourself While Searching Online
Not all information that is on the internet is reliable, even if you find it by
conducting a search. Scroll down and even delve a few pages into the search to
see if there are other links that indicate inaccurate news stories or information.
Search results are often paid for by companies to promote their services and
products. Search results may be biased towards these companies that pay the
search engines to place certain results higher. These results are usually found at
the top of the screen and may have the words “Sponsored Results” or
“Advertisement” near them - though this may be small and hard to see. While
these results shouldn’t necessarily be disregarded, it’s important to keep in
mind that they are sponsored and proceed accordingly.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 6
Conduct sensitive searches using a different search engine such as
DuckDuckGo, which is a search engine that does not track personal results.
Conduct any sensitive searches or browsing using a Virtual Private Network
(VPN). A reputable VPN (whether free or a paid service) hides your browsing
history from your Internet Service Provider (Verizon, Spectrum, etc: the phone,
cable or satellite company that provides your connection to the internet). A VPN
also helps prevent hacking and is an absolute must for privacy online.
Section #5
Protecting Your Email Accounts
As noted in The Hack-Proof Password System, set up your account recovery
information. If you try your best but still forget your password or otherwise need
to recover your email account, you must have your recovery information set up
with Gmail, Yahoo, or whatever company handles your email.
Also as noted in the book, enable two-factor authentication for your email
account and other essential online accounts to add an extra layer of protection.
Stay aware of any news of data breaches and change your password to any
hacked system as soon as you hear about the data breach, even if you follow my
advice and have a unique password for every website.
As with online dating above, use a separate, anonymous email address that does
not contain your name for websites that require registration that you may not
frequent or want to remain connected with.
If you send an email to multiple people, remember that everyone listed in the
“To:” section can see who else received the email.
To send an email to multiple people without sharing everyone’s email address
with all recipients, use the “BCC:” line (Blind Copy).
Remember that if you “Reply All”, everyone who received the initial email will
also see what you type. When replying to a group, think twice about who needs
to see the email. It may be better to reply to a few people specifically by using
the “Forward” button and typing their names in, or Reply All but deleting those
who don’t need to see the email.
Some email providers offer a tool that allows you to “unsend” an email if you
accidentally send it before you intended. The time allowed may be short, such
as up to 30 seconds, but it may be enough time to realize you forgot to add the
attachment you mentioned or replied to all when you meant to only reply to a
few people. Enable this feature if it’s available.
Do not share login information with others, even employees, freelancers, family
members, close friends, or co-workers. If absolutely necessary to share an
account, set up a new email address that is specifically for sharing.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 7
Section #6
Protect Your Data
Backup your data using an online system such as Carbonite, IDrive, SOS Online
Backup, or another service, some of which are free or very low cost.
Also invest in an external hard drive or flash drive to backup your essential files
locally (at home or office).
Seriously, backup your data! Your backups must be done frequently - at least
daily.
Have you setup your automatic backup yet? Go take care of it. I’ve had three
hard drive failures over the past several years. Knowing my data is safe is a huge
relief.
If you have any work or personal sensitive data on your computer, including
client information or personal financial information, consider encrypting your
hard drive. There are several options for doing this depending on what system
you use. Make sure you remember your password using the techniques in The
Hack-Proof Password System, but also write down this password and store it in a
fire-proof safe or in a safe deposit box in case of a situation where you are
incapacitated and your co-workers or loved ones need access to your computer.
Section #7
Protect Your Online Banking and Shopping
Review every bank and credit card statement, every month, for fraudulent
charges. Report anything of concern immediately, even if you merely have a
question: they’ll help you figure it out.
Consider having one credit card used specifically for online or phone-based
purchases to make it easier to keep track of potential problems.
Use two different web browsers: one for everyday web surfing, the other for
banking and other financial transactions.
Prevent access to or knowledge of your online financial sites. Do not allow your
browser or computer to save your login details for any financial site (banking,
investing, etc.) or shopping site. Memorize your passwords instead. Also, do not
bookmark your financial sites. Use an anonymous (or incognito) browser session
for online shopping or other financial transactions, so your browsing history is
not saved.
For secure online shopping, be sure the website has the small padlock icon next
to the website address in your browser window.
If a website directs your pay using a third-party payment service, be sure it is
reputable.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 8
Be sure you log out of secure websites when you are finished. Merely closing the
browser window may not log you out, which would allow someone else to log in
if they gain access to your computer.
Section #8
Protect Yourself on Public Computers, In
Public Places, and At Work
Never, ever enter or submit sensitive or private information over public WiFi, like
at a coffee shop or hotel.
Only use public Wifi with a secure Virtual Private Network. Make sure the VPN is
turned on and functioning first.
Double check your computer’s setting to make sure your hard drive isn’t shared
on public networks. Hackers could access your hard drive while you are in a
coffee shop, hotel, hospital, etc.
Do not leave your laptop unattended. If you need to use the restroom or get up
to make a purchase, take your laptop with you, even if it’s just for a few seconds.
It takes next to no time for someone to walk past your seat and pick up your
computer as they leave.
Be aware of who is nearby and might be able to see your screen while using
your device. Never enter personal or sensitive information where people may be
able to see your screen. Keep in mind that even people quite far away could see
your screen and capture what you enter.
If possible, check the safety of public computers using a trusted web-based
program to detect any spyware.
If at all possible, never use a public computer to enter sensitive information. If
that’s not possible, use an incognito window which you close as soon as you
have logged out of the websites you visited.
If you have used a public computer to access email or any other site you had to
log in to, change your password when you get home. Public computers may
contain spyware that captured what you typed, or people nearby may have seen
your login information.
Check the computer in a public setting or work environment for any devices
that are plugged into the system, especially USB drives or anything attached to
the keyboard cable. They may be used to capture what you have typed in,
including passwords.
Keep in mind that incognito mode may prevent the computer from keeping
track of the websites you visit and things you type, but it does not keep it
private from the company that hooks up the computer to the internet.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
STAY SAFE: 99 TIPS FOR PROTECTING YOURSELF ONLINE 9
Section #9
Stay Safe and Smart With Social Media and
Gaming
Never accept strangers as friends or into your instant message group.
Make sure your antivirus and security software still protects you while you are in
‘gaming mode.’
What is said online, stays online. Avoid tweeting, sharing photos, or entering
updates on social media while tired, angry, frustrated, or if you’ve been drinking
alcohol.
Check the privacy settings of all your social media sites to make sure you are
sharing only with the people you choose.
Learn the difference between public and private sharing, and learn how to use
each. Don’t make the mistake of guessing or hoping that a message will be
private - it may not be. Take a few minutes to educate yourself so you can be
sure.
Do not announce on social media when you will be away from home or are
traveling unless you have your home securely protected or have a home sitter.
Also, do not share updates or pictures while you are traveling; wait until you
return home.
Be suspicious if a friend on social media sends you a private message requesting
anything unusual, especially a request to send money, provide personal or
sensitive information, or click on a link that is unexpected or out of place. If you
have concerns, contact them via phone or text to confirm it is really them.
If something seems too good to be true, it usually is, especially financially. Don’t
fall for scams that offer money, a refund, prize money, etc. in exchange for
paying the tax or delivery charges. Do a search first or ask friends and family
offline what they think, even if you are told to keep the information in strict
confidence or secret. (That alone is a red flag!)
Do not respond in any way to blackmail threats. Contact your local authorities
immediately.
Inform your local authorities immediately if you see any online threats of
violence, even if you assume it is a prank or joke. Allow the authorities to decide
what is a true threat. For urgent issues, call your emergency number. For less
urgent concerns, contact the non-emergency number of your local authorities.
Don’t believe everything you read. Some people lie, exaggerate, or ‘stir up
trouble’ both in real life and online. Others are simply poorly informed.
Use Snopes.com or other fact checking before sharing anything that seems too
good to be true or goes against common sense, no matter how much you want
to believe it.
Be nice.
© BRAD ZUPP 2017
WWW.BRADZUPP.COM
