Share This with your friends and contacts. Help THEM to stay safe:

How to protect yourself, keep yourself safe online and tighten security.

keep safe online

You usually get infected because your security settings are too low or you blindly click yes to everything. This article will show you How to protect yourself, keep yourself safe online and tighten security.
If you are reading this article as part of a post-infection clear-up, then please be aware that several anti-malware tools that are commonly used by helpers on online help forums reset various windows settings to the default that windows came with. These aren’t always the safest option, but are the default windows options. If you follow the advice below, especially setting “show known file types” you will be much safer and you will have taken the first steps to keep yourself safe online, protect yourself and tighten security.
    Here are a number of recommendations that will help to protect yourself and tighten security and which will contribute to making you a less likely victim:
  • Watch what you download! Many freeware programs and P2P programs are amongst the most notorious, coming with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.
    There is no such thing as a free lunch and many “free” programs on the net contain adware or spyware.
    Read carefully the EULA before installing anything and if it says “Supported by Advertising” or similar wording be very wary and expect problems and pops ups etc.
    Be careful what add-ons, toolbars and extensions you install in your browser. Very few of them are needed, useful or safe. All the majority of these add-ons will do is slow down browsing and cause unwanted adverts and pop ups on your computer.
    Be extremely careful when downloading from software sites. A high number of these sites use their own “download manager” which stealthily installs so called “optional” programs that cause pop ups, adverts and search diverts, unless you are scrupulous about watching what it does, and carefully uncheck every thing it offers, apart from the program that you actually want.
  • Once a file has been downloaded then scan it with your antivirus, BEFORE opening it  As a double check I recommend scanning it at: Kaspersky Application Advisor  which will give a recommendation based on other user input and what the file appears to do. If it is safe then it will say so. Unknown files are automatically given a caution rating and bad files are marked with a red Warning.
  • Set your folder options to “show known file types“. The default for windows is to hide known file types and that way, when you receive an email saying open this picture or read this important document, you don’t see the .exe  at the end. Once you set known file types to show, it is much less likely that you will accidentally click on a malware file & open it, thinking that it is a picture from a friend or a document that you are expecting. This shows you how to set it for Windows
  • Watch out for sites that insist you need a special codec to watch the video or listen to music on the site. 99% of the time they are trying to install malware. If you already have Windows Media player, Flash, Quick time or Real player installed, there should never be any need to install a special player or codec from the site.
  • Phishing and Identity theft: Be very wary of links in emails allegedly coming from your Bank, Building Society, Insurance Company, PayPal, etc. Hover your mouse over the link to see whether it is the correct Bank website etc. If the address showing in the hovered link isn’t the same as the address it says it is, then don’t click on it. Go to your bank’s website via a known good link.  If you do happen to  accidentally click on a suspicious link, don’t panic, but simply close the browser window and definitely don’t enter any information in the site. PayPal, Banks, Credit card companies, Gas, Electric, Telephone, Your ISP etc. NEVER send html form attachments in an email, telling you to fill in the form and submit it. Just delete any email with an HTML form attachment and don’t even think about filling it in. We all get very blasé about phishing and think we know so much that we will never fall for a phishing attempt. Don’t assume that all attempts are obvious. Watch for any site that invites you to enter ANY personal or financial information. It might be an email that says “you have won a prize” or “sign up to this website for discounts, prizes and special offers”
  • Malicious Email attachments: Be very careful with email attachments.
    The basic rule is NEVER open any attachment to an email, unless you are expecting it. Now that is very easy to say but quite hard to put into practice, because we all get emails with files attached to them. Our friends and family  love to send us pictures of them doing silly things, or even cute pictures of the children or pets.
    Never just blindly click on the file in your email program. Always save the file to your downloads folder, so you can check it first. Most ( if not all) malicious files that are attached to emails will have a faked extension. That is the 3 letters at the end of the file name. Unfortunately windows by default hides the file extensions so you need to Set your folder options to “show known file types. Then when you unzip the zip file that is supposed to contain the pictures of “Sally’s dog catching a ball” or a report in word document format that work has sent you to finish working on at the weekend,  you can easily see if it is a picture or document & not a malicious program. If you see .JS or .EXE or .COM or .PIF or .SCR or .HTA .vbs, .wsf , .jse  .jar at the end of the file name DO NOT click on it or try to open it, it will infect you.
    While the malicious program is inside the zip file, it cannot harm you or automatically run. When it is just sitting unzipped in your downloads folder it won’t infect you, provided you don’t click it to run it. Just delete the zip and any extracted file and everything will be OK. You can always run a scan with your antivirus to be sure. 
  • Smart Screen Filter:  Keeping it turned on at all times will protect yourself and tighten security a lot.  If you are using   Windows 7, then Internet Explorer 11 has an inbuilt smart filter that scans all websites that you visit and all web based downloads. It will alert you and block access to known infected websites and unknown or malicious executable files that you are attempting to download. It won’t block Zip or Rar files.
    Obviously smart filter only works if you use Internet explorer as your browser and not if you use Firefox or Chrome.
    If you are using Windows 8.1 or Windows 10, then you are much better protected, because smart filter is inbuilt to windows and scans/checks and blocks ( if needed) any file you download or open on your computer. This way it works on all browsers and any files received by email as well as web scanning.
    Other browsers have similar protection that should always be left turned on:
    Chrome has  “Enable phishing and malware protection”
    Firefox has the “Block reported web forgeries and block reported attack sites”
    See HERE for how to check that they are turned on.
  • Facebook, Google+, Twitter and other Social Networking sites:  are-you-safeDon’t get carried away with what you post on these sites and remember that a lot of what you post will be public and it is rather like walking down the local High Street and shouting out to everyone in earshot, everything that happened last night, your name & address and phone number and where you hide the spare keys to your front door.
    Never post when you are going away or that the house will be empty overnight. A lot of thieves, fraudsters and other criminals, hang around and monitor Social Networking sites and use the information they gain from them to do lots of nasty things to you.
    Also remember what you post  can be read by all your friends and often your boss. Don’t let something you wrote when you had a few drinks or you were in a silly or bad mood, come back and bite you, a few weeks, months or years later.  Read more….
  • Keep Windows and programs up to date.
    • Windows Update and Internet Explorer. Go to IE > Tools > Windows Update > or use Start > Programs> Windows Update ( select Custom) and install ALL Critical and Security Updates listed. It’s extremely important to always keep current with the latest security fixes from Microsoft. Install ALL those patches. Internet Explorer older versions  are not supported or recommended and you are strongly advised to immediately update   (IE9 for Vista and  IE11 for Windows 7, Windows 8 and Windows 8.1) .From 12th January 2016, there will be no further security or functional updates for any version of Internet Explorer below IE11 ( except IE9 on Vista only ). You must update your Internet Explorer version to the latest version Immediately. Windows 8 RTM also ends support on that date and you must update to W8.1 to get updates and stay safe.It doesn’t matter if you normally  use an alternative browser such as Firefox, Safari or Google Chrome. Just having older versions of Internet Explorer, which are vulnerable to so many exploits, installed on your computer is enough to allow malware & exploits on to your computer with no action on your part. Microsoft now issue security updates on the second Tuesday of every month and non security updates on 4th Tuesday. Make sure you do a windows update as soon as you can after 6pm UK time or 1pm US Eastern time to get the latest updates on those days.
    • Oracle Java
      I do not recommend that you have Java installed at all unless you absolutely need it. The amount of malware infections that occur due to Java vulnerabilities is so high nowadays. The vast majority of users get by very well without Java but If you do need it then:
      Oracle Java gets regularly updated so make sure you update that regularly and Uninstall any previous versions once you have updated. NOTE: the Java updater does not always remove the previous vulnerable versions
    • Please follow these steps to remove older version Java components and update.
      Updating Java:
      • Download the latest version of Java Runtime Environment (JRE)
      • Scroll down to where it says “Java Platform, Standard Edition”.
      • Look in the right hand box that says “JRE”  Click the  BLUE “Download” button
      • That takes you to the list of latest list of Java SE Runtime Environment  Downloads with selections for every type of operating system
      • Check the box that says: “Accept License Agreement”.
      • Click on the link to download the appropriate  Windows Offline Installation and save to your desktop.
      • Close any programs you may have running – especially your web browser.
      • Go to Start >Control Panel double-click on Add/Remove programs and remove all older versions of Java.
      • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
      • Click the Remove or Change/Remove button.
      • Repeat as many times as necessary to remove each Java versions.
      • Reboot your computer once all Java components are removed.
      • Then from your desktop double-click on the download to install the newest version.
      • However the much easier and less confusing way is to go to and press the red “Free Java Download” button.
    • Adobe Flash, Acrobat Reader etc Keep Adobe reader and flash updated. One of the most common avenues of infection is out dated and vulnerable versions of these 2 products. If you are using Windows 8.1 and Windows 10 then flash is inbuilt and will automatically update for Internet Explorer. You will still need to use the flash updater to keep Firefox updated. Chrome automatically updates Flash. Check whether you have the latest version of flash player HERE . Read HERE for how to set your PDF reader to open all PDF files in the PDF reader itself and not in your browser for safety reasons.
  • Always use a standard or limited user account for day to day computer use, especially for internet use. This applies mostly to Windows 7 , Windows 8.1 and Windows 10 or Vista, because many programs running on XP don’t work properly unless run on an admin account. but try and see if you can work on a limited user account on XP. On W7 and Vista set UAC to highest level and always password the admin account.  On Windows 8.1 or W10 only have UAC on the middle level. When a program or person tries to alter settings or add something new, then you get an alert and you cannot continue until you either allow it by typing the admin password or refuse it by pressing NO. This ONE thing will stop 99.9% of malware and unwanted programs installing. Read THIS LINK for full details about UAC
  • Internet Options – ActiveX controls and Plug-ins. Go to Internet Options/Security/Internet, press ‘default level’, then OK. Now press “Custom Level.” Set the following options as described here: Setting the Internet Zone for Additional Security . Sites that you know for sure are above suspicion like online banking and other secure sites only can be moved to the Trusted Zone in Internet Option/security.
    Never put sites like Facebook, Myspace, MSN or any other similar type social networking site in the trusted sites zone.
    Q. So why is ActiveX so dangerous that you have to increase the security for it?
    A. When your browser runs an activex control, it is running an executable program. It’s no different from double clicking an exe file on your hard drive. Would you run just any random file downloaded off a web site without knowing what it is and what it does?


  • Install a good Antivirus and firewall. I recommend  Kaspersky , Eset Smart Security , Emsisoft AntiMalware   for a paid for antivirus and for a free one: Microsoft Security Essentials (for Windows 7 only) Windows 8.1 and Windows 10 has inbuilt protection called Windows Defender
  • Install a good Antispyware with realtime protection. I recommend 2 programs as having good real time protection as well as good cleaning capabilities SuperAntispyware or MalwareBytes Anti-malware
  • Backup, Backup and Backup In the event of you being infected or becoming a victim of a bad or failed program or Windows update, the best, easiest , safest and quickest way to recover is to have a complete current image backup. I use and recommend  and use ACRONIS TRUE IMAGE . I use an external hard drive WD My Book 3 TB USB 3.0 Hard Drive with Backup and do a daily incremental backup using Acronis True Image  and also have the non stop file backup running, which immediately backs up all my documents and images etc ( in fact I have it set to backup any new or changed files in MY documents, My photos, My Videos and My recorded TV and my Downloads folder. That way the most that can happen is that I lose about 1 hour of work at the most or the last hour of emails.
  • Passwords: If you have been infected then be aware that almost all modern malware/spyware is designed to steal  your private information. That includes all passwords, log ins to forums & other websites and most of all your Bank, Credit card or PayPal details. It is vital that after you have been cleaned up you change all your passwords and in many occasions it is necessary to get in touch with your Bank or other financial body to inform them that your details may ( probably have ) been stolen
  • One of the easiest ways to  protect yourself and tighten security is Never, EVER use the same password on different sites. Always use  a different password for each site you log in to. Don’t use simple passwords, like your name,  Your Husband’s/Wife’s, your Boyfriend’s/Girlfriend’s, Your Dog’s or Cat’s name. Always use a strong password with a mixture of letters and numbers and different characters. Something like jenny, Rover, 12345, 54321, password, login or similar words are absolutely useless. You need something like TsfE£%9& to stop them being guessed
  • I strongly recommend using ROBOFORM to keep & create safe secure passwords


Make sure your Antivirus and Firewall is switched on and kept updated and do not allow unknown programs or processes to access the net or your computer, always block and ask for advice

If you have followed the advice in this article then you will have learnt how to protect yourself and tighten security and hopefully be less likely to get infected in the future


Share This with your friends and contacts. Help THEM to stay safe:


How to protect yourself and tighten security — 85 Comments

  1. I think most people are concerned about a government that violates freedom of speech and wishes to intimidate free speech. Here is a first pass at a way to increase your security. step1: get a VPN (virtual Private Network) setup. Look up VPN on the web and choose a VPN that has high security and a location that is more secure than one near you. Choose “OpenVPN” and the highest level of encryption available. Do a little research on the web about virtual private network security. Once you have a VPN account everything from the VPN server back to you is encrypted. If you set up your account properly, at least this can make it hard for someone to determine who you are if you don’t give them that information. If you want a higher level of security, you need the person you want to communicate with to also have a VPN account on the same VPN service that you have. If you do that, the whole transaction is encrypted.
    2) For communications on forums like this one you need a Facebook or a Google account. They, in turn, require your “old” email address. That means it is possible to find out your real account name and all the details of your account and past history. You can beat this problem by opening an email account with an outfit that does not require an “old” email address. Then go to Google and set up a new google email account and use your “old” sendic account as the “old” account. Furnish false information about your date of birth etc., to Google. The Google verifier sends an email to your old account and verifies that you exist. Next your google account is up and running and you can send posts such as this one with little chance of it coming back to you like a rotten egg on an egg MacMuffin!

  2. I very stupidly clicked on the attachment on my iPhone before I got suspicious and read all your advice.
    Nothing really happened, but a blank page opened up.
    Will I be infected on my iPhone?

  3. Hi,
    I got to work and opened my email and noticed this email from them. I always google the name of any new company that I am not familiar with before I open any of their emails. Sure enough one of the google search result came up as being spam. I did what I always do. “DELETE”
    Thank you for keeping us informed

  4. I just received this email and stupidly opened it and it downloaded the attachment. This was a blank page when opened. I deleted it and have run a McAfee scan which didn’t come up with anything. I run windows 7. Have I managed to infect my computer?

  5. Pingback:DO-NOT-REPLY Datasharp UK Ltd – Monthly Invoice & Report – Word doc malware - Area-6 - Security and Code Snippets ༼ຈل͜ຈ༽

  6. Pingback:Email from Transport for London - word doc or excel xls spreadsheet malware

  7. I received this email twice. I felt uncomfortable because I had been in all day and I assumed a lazy driver! But because I was expecting a bunch of purchases from various sources I opened the attachment in Word 2008 on my iMac only to find a blank document. Stable door! I then found your posting. Thank you very much indeed. What do you recommend?

  8. Pingback:Tracey Smith AquAid Card Receipt – Word doc malware | My Online Security

  9. Pingback:Your Adler Invoice No. UK 314470279 IN – Word doc malware | My Online Security

  10. Pingback:Scanned image from MX-2600N – word doc macro malware | My Online Security

  11. Pingback:NatWest Bank 5% discount on all account transactions – Phishing – My Online Security

  12. Pingback:Stop Adobe reader opening PDF in browser – My Online Security

  13. Pingback:E-mail-Account Update – phishing – My Online Security

  14. Pingback:Email from Transport for London – word doc or Fake PDF malware – My Online Security

  15. Pingback:Enterprise Invoices No.84984 – Enterprise Security Distribution ... - News4Security

  16. Pingback:Imexpart Limited – Parcels Dispatched – word doc malware – My ... - News4Security

  17. Pingback:Scanned file from Optivet Referrals JS malware Dridex My … | Kit4Security

  18. Pingback:Scanned file from Optivet Referrals – JS malware – Dridex – My … |

  19. Pingback:receipt Accounts word doc or excel xls spreadsheet malware My … | Kit4Security

  20. Pingback:Closing bill Affinity Water excel xls spreadsheet macro malware … | Kit4Security

  21. Pingback:Pay_Advice_Vendor_0000300320_1000_for_03.03.2016 Yorkshire … | Kit4Security

  22. Pingback:Phishing – notificación de devolución de impuestos automatizado | Programa Web

  23. Pingback:Computer Repair San Antonio Texas-Changes to fake USPS delivery messages delivering malware

  24. Pingback:Fwd: Re: Invoice with a r24 extension delivers ( or tries to deliver) malware – My Online Security

  25. Pingback:Fake Dun & Bradstreet customer complaint "FW: Case 27627831 " delivers Trickbot

  26. Pingback:Fake PayPal account warning delivers Trickbot

  27. Pingback:Fake Brightpay payslip notification attempts to deliver Trickbot

  28. Pingback:Trickbot 1 | My Online Security

  29. Pingback:Fake HMRC “Critical Notice: Statement of Liabilities” delivers Trickbot | My Online Security

  30. Pingback:Fake Scanned from a Xerox Multifunction Printer delivers Trickbot | My Online Security

  31. Pingback:Fake HMRC “Submission 5DW8 F36N MG2A 9HJ not processed ” delivers trickbot | My Online Security

  32. Pingback:fake Companies House eReminder Service delivers Trickbot | My Online Security

  33. Pingback:Trickbot delivered via Fake HSBC Payment Advice using activeX controls in word macros | My Online Security

  34. Pingback:Fake Danske Bank “FW: Insurance Documents” delivers Trickbot | My Online Security

  35. Pingback:Fake Royal Bank of Scotland you owe service charges of £42,243.52 tries to deliver trickbot | My Online Security

  36. Pingback:Trickbot delivered by fake PWC September 2018 Payroll Timetable using excel macro spreadsheets | My Online Security

  37. Pingback:trickbot delivered via macro excel spreadsheet fake KPMG FY18 Q4 Personnel and Direct Costs email | My Online Security

  38. Pingback:trickbot delivered by Internal only email with macro excel attachments | My Online Security

  39. Pingback:fake Deloitte FW: Payroll schedule delivers Trickbiot | My Online Security

  40. Pingback:fake Deloitte FW: Payroll schedule delivers Trickbot | My Online Security

  41. Pingback:Fake HMRC Company tax credits email delivers Trickbot | My Online Security

  42. Pingback:Another Fake Deloitte email “FW: Financial Statements” delivers Trickbot | My Online Security

  43. Pingback:Yet another fake Deloitte email “RE: Company records ” delivers Trickbot | My Online Security

  44. Pingback:Trickbot delivered via fake Intuit “FW: Invoice #3989021 ” email | My Online Security

  45. Pingback:Trickbot via Fake Bank Of America Secure Message | My Online Security

  46. Pingback:trickbot via Fake Lloyds bank “Reference: BACS09280981 ” malspam emails | My Online Security

  47. Pingback:Trickbot via Fake HSBC “Incoming high value CHAPS payments” emails | My Online Security

  48. Pingback:trickbot via “New fax message” malspam | My Online Security

  49. Pingback:trickbot via Fake HMRC “Month End Report Sep 2018.xls ” email | My Online Security

  50. Pingback:Trickbot campaigns 22 October 2018 hitting UK and Canada | My Online Security

  51. Pingback:trickbot via Fake HMRC Business VAT Reclaim RE: Reference Number: 20515522 | My Online Security

  52. Pingback:trickbot via fake Ernst & Young overdue invoice | My Online Security

  53. Pingback:Fake Lloyds Bank “Case Number: 238963BACS” delivers Trickbot | My Online Security

  54. Pingback:Fake Companies House “Company report” delivers Trickbot | My Online Security

  55. Pingback:Fake Pricewaterhouse Coopers LLP “Overdue Invoice” delivers Trickbot | My Online Security

  56. Pingback:Fake HSBC “FW: Account Review” delivers Trickbot | My Online Security

  57. Pingback:Fake Lloyds Bank FW: Confidential documents delivers Trickbot via complicated download mechanism | My Online Security

  58. Pingback:trickbot via fake Lloyds Bank “Important : please review attached document(s) ” | My Online Security

  59. Pingback:Trickbot via Fake HMRC Important : Outstanding Amount – You Owe £11,612.91 | My Online Security

  60. Pingback:Trickbot via fake Bank of America Merrill Lync “FW: Updated Account Transactions ” | My Online Security

  61. Pingback:trickbot via Fake NatWest BankLine Support “FW: Recent Activity ” | My Online Security

  62. Pingback:trickbot via fake Danske Bank Transaction Report – Important Information! | My Online Security

  63. Pingback:trickbot via fake BACs Transaction Report – Important Information! | My Online Security

  64. Pingback:Untitled | Today in Kenya

  65. Pingback:trickbot via fake HSBC Payment Advice | My Online Security

  66. Pingback:Trickbot with multiple changes via fake Chase JP Morgan incoming confirmation | My Online Security

  67. Pingback:Fake TD Bank Company ACH file failure delivers Trickbot | My Online Security

  68. Pingback:trickbot via fake Scotia Bank Incoming Wire Name and Account Mismatch | My Online Security

  69. Pingback:trickbot via Fake Deloitte Canada Tax Billing | My Online Security

  70. Pingback:Fake Royal Bank of Canada RE: Instructions de transfert delivers Trickbot | My Online Security

  71. Pingback:Fake TD Bank Confirm account status delivers Trickbot | My Online Security

  72. Pingback:Fake TD Bank Secure Mail delivers Trickbot | My Online Security

  73. Pingback:Fake Royal Bank of Canada Payment Receipt Advise/Avis de Reception de paiement delivers Trickbot | My Online Security

  74. Pingback:Fake ADP Tax Billing Records delivers Trickbot | My Online Security

  75. Pingback:404 | My Online Security

  76. Pingback:Fake Paychex Tax verification documents delivers Trickbot | My Online Security

  77. Pingback:Trickbot via fake Efax message using Squiblydoo, Active X, macro and abusing pastebin | My Online Security

Leave a Reply

Your email address will not be published. Required fields are marked *