Twitter users will likely be familiar with the latest phishing scam by now – a direct message saying there is a bad blog going round about you and to click on the link to read it. Yet the link takes you to a copy of the twitter homepage where logging in will pass your details into the hands of fraudsters.
Thankfully there is a new weapon in the battle against scams like these, with a new website launched by Google and Citizens Advice this week offering consumers advice on online security and privacy issues.
The Good to Know website features comprehensive and easy to follow information on a range of issues, from creating a strong password and understanding how cookies work, to details of scams like phishing and the importance of logging out of public computers. The site is aimed at computer users of all levels. It is being run alongside a series of adverts, which also offer advice on protecting personal data online.
Recent research by Ofcom's consumers communications panel showed that 26% of UK internet users had concerns about the safety of their personal details, 14% were worried about privacy and 13% about fraud.
Gillian Guy, chief executive of Citizens Advice, said: "We are delighted to be working in partnership with Google. Citizens Advice is all about straightforward, simple advice on the issues that matter, so helping people take control of their safety and privacy online is right up our street."
The two partners have come up with five tips for consumers to stay safe online:
• Pick a strong password. One idea you can try is to choose a line from your favourite song, film or play, such as "To be or not to be, that is the question". Then use numbers, symbols and letters to recreate it: 2bon2btitq. The more unusual the phrase you choose the better.
• Never reply to suspicious emails with your personal or financial information, and never enter your password after following a link from an email you don't trust.
•Look for "https" and a padlock in the URL bar to check a site is secure. When you go into a branch of your bank you recognise the official staff by their name, uniforms and the services they offer. Having this level of reassurance shouldn't be any different for online banking or other sensitive services.
•Always sign out and shut down your browser. Ever gone out for the day and left your front door wide open? Exactly. The same principle applies when you leave yourself signed in to online accounts on the computers you use.
• Use two-step verification for accounts that offer it, such as Google and Facebook. Two-step verification adds an extra layer of security to your account by requiring you to have access to your phone – as well as your username and password – when you sign in. This means that if someone steals or guesses your password, the potential hijacker still can't sign in to your account because they don't have your phone.