Safe Computing Guide
I recommend these steps to help ensure your computer continues to run well and to reduce the likelihood of encountering issues during regular use.
Follow these steps and basic security precautions to protect the information on your personal computer, prevent virus and malware infection, and reduce the risk of your identity being stolen. They will also help ensure your information and data remain safe and secure. Please read and follow these safe computing practices:
1. Use Paid and Reputable Anti-virus Software
In most cases, for most people, the antivirus built into Windows 10 and Windows 11 is quite good and is the best solution.
For the most part, if all you're really doing is checking your email and Facebook, watching YouTube, and visiting reputable sites on the Internet, the Windows antivirus program will get the job done. If someone at a local computer shop or big box store suggests otherwise, they're likely just trying to make a sale. Just say no thank you, and walk away, because it's clear that's all they care about.
If you have specific reasons to use an antivirus with more features, I strongly recommend ESET’s NOD32 Internet Security.
These days, computers are always connected to the Internet. Therefore, there is always the potential risk of infection or infiltration by intrusion software commonly known as Trojan Horses and the like. Computer viruses can modify Windows settings and programs and delete and infect files. Trojan Horses can also capture keystrokes, including passwords (see below). Spyware, malware, and other deceptive software can perform certain activities on your computer without your knowledge or consent.
I have used many free anti-virus programs over the years; you get what you pay for. They are never as effective, because the incentive isn’t there, and they often nag you to upgrade.
That said, I do not recommend products like Norton or McAfee, as they have added so many features over the years that they have become bloated, less effective, and slow your system down.
2. Use A Password Manager
Choose a password that is difficult to guess by combining letters, numbers, and symbols. Do NOT use words that are easy to spell or guess. Ensure it is at least 16 characters long. The best way to do this is to use a password manager like 1Password or BitWarden.
Password managers can generate completely random passwords that are impossible to guess and will auto-fill login details for you, which keeps keystroke loggers from collecting that data. They will also remember your login details and store them in your secure online account, where viruses and the like cannot access them.
This also prevents the temptation to share your login details with anyone else.
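What a password manager's generator does, as an added example that is not part of the original guide or taken from any particular product: it draws every character from a cryptographically secure random source, and the entropy figure shows why 16 such characters resist guessing. The function names and the 100,000-word dictionary size are assumptions for illustration.

```python
import math
import secrets
import string

# Letters, digits and symbols: 52 + 10 + 32 = 94 printable characters.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
MIN_LENGTH = 16  # the minimum length this guide recommends


def generate_password(length: int = MIN_LENGTH) -> str:
    """Return a random password containing all four character classes."""
    if length < MIN_LENGTH:
        raise ValueError(f"use at least {MIN_LENGTH} characters")
    while True:
        # secrets draws from the OS CSPRNG; the random module must not be used here.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Redraw the whole password if a class is missing, so no position is predictable.
        if (any(c.islower() for c in candidate)
                and any(c.isupper() for c in candidate)
                and any(c.isdigit() for c in candidate)
                and any(c in string.punctuation for c in candidate)):
            return candidate


def entropy_bits(picks: int, choices: int = len(ALPHABET)) -> float:
    """Bits of entropy when each of `picks` symbols is drawn uniformly from `choices`."""
    return picks * math.log2(choices)


if __name__ == "__main__":
    print(generate_password())
    print(f"16 random characters: {entropy_bits(16):.1f} bits")
    # Constructed comparison: one word from a hypothetical 100,000-word dictionary.
    print(f"one dictionary word:  {entropy_bits(1, 100_000):.1f} bits")
```

Each extra bit doubles the number of guesses an attacker needs, so the gap between the two figures is the difference between a password that falls to a word list and one that does not.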
3. Keep Windows and Software Up To Date
Microsoft releases updates and patches for Windows regularly, generally on the second Tuesday of every month. Windows should alert you to these, and may even download and install them, depending on your settings. But, one of my mottos is ‘trust, but verify’, so make a habit of checking Windows Update by clicking the Settings ‘gear’ icon in the Start Menu, then ‘Windows Update’, then ‘Check for updates’. Install them all, restart if necessary, and keep checking for updates until it says ‘You’re up to date’.
Shut down or restart your computer at least weekly and whenever your programs tell you to in order to install updates. This will ensure that software and security updates are properly installed.
4. Better Protect Your Web Browser
Web browsers like Firefox don’t come with everything you need “out of the box” to keep a high level of confidence while surfing the internet. This is where some trusty browser extensions are necessary.
I strongly recommend uBlock Origin, Privacy Badger, and more. Here's my blog post about Firefox extensions I Recommend.
5. Only Trust Secure Websites Using HTTPS (not HTTP)
Check the URL (website address bar) on every website you visit to ensure data is being sent over a secure connection (HTTPS). This is especially important for websites you are logging into, such as your banking and email.
6. Remove Adobe Flash
Adobe Flash was a technology that almost all websites used for decades. However, it was notoriously vulnerable, and a malicious web page could easily use it to infect your computer. Flash is no longer available, and web browsers no longer allow its use by default.
Microsoft even released an update to remove it from ALL Windows computers. Please ensure it is removed before surfing the internet. Do so by clicking the ‘Settings’ gear icon in the Start Menu, clicking ‘Apps and Features’, and making sure Flash isn’t in the list of installed programs.
Flash has been replaced by HTML5 technology. How you use web pages does not change as a result.
7. Installing Software
When you install software, take the time to read every option it gives you. Adware is often bundled with FREE software because the developers need to pay for development. Uncheck those options during installation. If given the option to perform a ‘custom’ installation, please do so to ensure you know exactly what you’re installing.
8. Never Open Attachments Unless You Are Expecting Them
Email addresses can be easily “spoofed” or faked. They can appear VERY legitimate and from someone you trust and would expect an email from. Please ensure you do NOT open attachments unless you are expecting them. If you receive one you were not expecting, send a brand-new email to that person and ask if they sent you attachments.
Attachments can appear very legitimate but contain viruses or malware, so it’s important to be careful.
9. Beware of Email and Phone Scams
If you receive an email or phone call claiming to be from the IRS or CRA, or even Microsoft, demanding that you send money, bitcoin, or gift cards, or that you give them remote access to your computer, hang up or delete the email. None of these organizations will EVER contact you or demand anything from you this way. If you are unsure about something regarding a supposed call from the CRA or another organization, hang up and call them directly. Do NOT call the possible scam number back, or reply to their email, as it is likely a scammer's email or phone number.
In addition, ensure you have hung up and don’t just hear what sounds like you hung up. The scammers are very crafty and can make you think you have hung up when you haven’t. You could then dial the number, and they’ll pretend they are the CRA or Microsoft.
10. Don’t Install or Download Unknown Programs or Apps
Countless companies create software, and not all are legitimate. Be sure to ONLY download software directly from the company that created it, and Google that software and the company to ensure they are trustworthy and reputable. That said, there are trustworthy “mirror” websites that host reputable downloads as well, such as MajorGeeks and Snapfiles. But whenever possible, download directly from the company that created the program.
11. Keep Current Backups
I have a blog post on how to develop a simple backup strategy. Suffice it to say, make regular backups of the files you are unwilling to lose. Store a copy of these files locally on an external hard drive that is ONLY connected to your computer when backups occur or when you are restoring files.
Also use an off-site automatic backup service like Backblaze, iDrive, or Carbonite.
13. Secure Your Home Network WiFi
Please take the time to log in to your Router and properly secure your home network, including password-protecting your WiFi. Otherwise, your neighbors or anyone parked outside or walking by can use your WiFi and do anything they want online without your knowledge.
ALWAYS use a trusted computer and protected Wi-Fi for banking activities. DO NOT use a public network to access banking or private information because there is simply no way to trust it, and ALL the files traveling through the air can potentially be captured and used.
14. Securing Your Online Accounts with 2FA
Two-factor authentication, or 2FA, is becoming a much more common method of protecting your online accounts from compromise. You can set up your accounts to use one-time 6-digit numbered codes accessible via a trusted 2FA app on your mobile device.
You enter the code in addition to your username and password to gain access to your accounts. The point here is that no one else has access to your phone or device.
Alternatively, you can have a one-time code sent to your phone via text message. However, this method is much less secure and is susceptible to what is known as SIM Swapping.