Blog: Android

Some simple security advice for computer and smartphone users

consultant-placeholder10 Ken Munro 13 Nov 2015


After a recent TV show in which I demonstrated how easy it can be to compromise users computers and ‘steal’ very personal video and photos, here’s some really simple advice to help prevent this happening. There are plenty of other resources online that have more information: is a good place to start.

Passwords – if you can honestly say that you never use the same password anywhere, then ignore this advice. If not, then go download a free password manager tool. They take away nearly all the pain of creating, remembering and managing your passwords for you. Big names in the field include LastPass, KeePass, RoboForm, Dashlane, 1Password among many.

Passwords are stolen in data breaches all the time. If you re-use passwords, then your accounts on unrelated web sites will be hacked. If you’ve ever had a weird email from a friend’s Gmail or Yahoo account, that’s likely to be what has happened – they re-used a password which was then stolen elsewhere. Then their web mail got hacked.

Be cynical – don’t believe ‘Microsoft’ phone calls or phishing mails. If you’re concerned, hang up the phone, then dial the organisation from another phone. Make sure the phone number is legitimate by checking the organisation’s web site.

Phishing – Office documents are a great way to compromise your computer. Never enable macros by clicking ‘enable content’ in an Office document, unless you’re certain the document is legitimate.

This is what the alert looks like:


Don’t click ‘enable content’ unless you are certain the document is safe and legitimate.

Set a decent PIN on your smartphone & tablet, even if you use fingerprint unlock on it. 6 digits is an absolute minimum, ideally 8. In some cases, a 4 digit PIN can be cracked in seconds.

Run good anti-virus software, and pay for a subscription from a brand name that you recognise. The security ‘suite’ you get with a subscription can help prevent you being infected in many other ways. It’s also a good idea to run some anti-malware software from time to time. I quite like Malwarebytes.

Anti-virus is also essential on Apple desktops too, particularly so if you run Office on your Mac.

Sandboxie – you’re likely to be compromised from one of two routes; email or web browsing. Sandboxie is a free tool that protects your web browser in Windows. It effectively wraps your web browser in another layer of security. If you pick up some malware when web browsing, all you have to do it close your web browser, re-open it and you get a nice, clean uninfected web browser. So easy!

Keep everything up to date. Every time your phone or your computer flags an update to you, what the software provider is really saying is ‘we made a mistake, there’s a security flaw in the version of our software that you’ve got. Here’s a fix’.

Unfortunately, updates are usually dressed up as functionality improvements by the vendor – hence consumers often don’t bother to apply them. Don’t update at your peril.