Ask Stacy — 10 Simple Steps to Prevent Rip-Offs, Ransomware and Cyber Attacks

Advertising Disclosure: When you buy something by clicking links on our site, we may earn a small commission, but it never affects the products or services we recommend.

Woman Computer Phone
Marcos-Mesa-Sam-Wordley /

A few days ago, a ransomware attack infected millions of computers across the globe, including those of some of the world’s biggest companies. Just a month ago an even bigger hacking attack occurred.

If big, sophisticated companies can’t protect themselves from computer hackers, how can little guys like us?

Here’s this week’s question:

Dear Mr. Johnson;
I am actually fairly new to the internet, a friend of mine suggested that there are addresses that it is better to stay completely away from. Especially responding to incoming mail. Reason being viral problems, and I want to avoid scams. Can you provide a list of addresses to avoid? I really do appreciate the assistance.
– Tony

While I can’t provide a list of addresses to avoid, Tony, I can provide some simple tips to stay safe.

How to protect yourself online

While it may seem that big companies would be better able to protect themselves than us regular folks, protecting little guys is actually much easier. That’s because everyone with access to a company’s system is a potential vulnerability, and big companies have thousands of people accessing their systems. If just one of those employees screws up, the entire company can be compromised.

You and I, on the other hand, just have to keep only one person from screwing up: ourselves.

There’s virtually no way for a bad guy to get into your computer or your life unless you invite them in. Their job is to convince you to go somewhere, click on something, download something or voluntarily provide personal information. Your job is simply to resist clicking where you shouldn’t.

Let’s go over the rules.

1. Know a crook when you see one

Knowing the following will help you immediately determine the veracity of nearly every email you get.

It’s illegal for any company to send you any kind of unsolicited email without offering you a way to get off their mailing list. It is also illegal for them to send you email without providing their physical mailing address. These are two of many Federal Trade Commission email rules for businesses:

  1. Tell recipients where you’re located. Your message must include your valid physical postal address.
  2. Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future.

Take a minute and have a look at your inbox. How many unsolicited mass emails do you get offering a physical mailing address and a way to opt out of future contact? Almost none, right? That instantly tells you they’re breaking the law, and you shouldn’t respond to them in any way.

(For the record, the Money Talks News newsletter, which I certainly hope you subscribe to, does have a mailing address and instant opt-out at the bottom of every email we send.)

What if you don’t want further email from a company that offers an opt-out option? If it’s a reputable company, click it and get taken off their list. But if it’s a company you’ve never heard of, don’t click on the “unsubscribe” link. You could be merely confirming your email address, which will in turn be sold to other spammers. Instead, if your email program has a “block sender” option, use that instead.

2. Stay up to date

Hopefully you’ve got anti-virus software and your computer and phone are set to automatically keep that software, as well as your system software, up to date. If you’re not doing this, you’re cruising for a bruising.

3. Beware attachments

This is how you infect your computer with viruses, ransomware, pop-up ads and all manner of nasty things.

You should have virus-scanning software that scans your incoming email. Nonetheless, don’t ever open attachments unless you’re absolutely certain you know what they are and who they’re from. No exceptions.

4. Use your spam filter

You can’t be tempted by crooks that never reach you.

Your email program has spam filters. If you’re not sure how to use them, go to the help section of your email software and type in “spam filter,” or simply do an online search with the name of your email program, along with the words “spam filter.” Make sure it’s activated.

5. Don’t get spoofed or phished

Banks and other businesses know better than to send you emails requesting personal information. If you get requests like that, you’re being phished — thieves are attempting steal your identity. If in doubt, call the bank or other institution directly and ask if they contacted you via email.

6. Don’t send sensitive data

Be aware that even in the best of circumstances, unless your email is encrypted, it can be compromised. If you’re thinking of sending something sensitive to someone, like your Social Security number, don’t. Call them.

7. Avoid clicking on links in the body of an email message

Unless you are completely comfortable that the email is legitimate, it’s best to copy and paste the link or type it directly in your browser. At the very minimum, hover your cursor over the URL to see where it’s actually going to take you.

8. Guard your email address

It’s a good idea to have two email addresses — one that you use for people you know and one that you use when you shop or deal with companies. If only your friends have your email address, at least you’ll know emails you receive at that address are more likely to be OK.

See “7 Ways to Guard Your Wallet — and Identity — When Shopping Online.”

9. Beware of “free” software

We all hate paying for things we could be getting free, including software. But be aware that when downloading free software, you may also be downloading stuff you don’t want.

When downloading software, don’t just click on the “express install (recommended)” button, especially if the software is from a company you don’t know. Instead, click “custom install” and individually select the components you want. When in doubt, get the hell out.

10. Have some coffee first

Like many people, I get tons of email every day. And like many people, I tend to start my day by attacking the dozens that arrive overnight. The few times I almost clicked when I shouldn’t have were nearly always when I wasn’t yet fully awake. When going through your email, don’t rush and try to avoid doing it when you’ve only got one oar in the water.

Got a question you’d like answered?

You can ask a question simply by hitting “reply” to our email newsletter. If you’re not subscribed, fix that right now by clicking here.

The questions I’m likeliest to answer are those that will interest other readers. In other words, don’t ask for super-specific advice that applies only to you. And if I don’t get to your question, promise not to hate me. I do my best, but I get a lot more questions than I have time to answer.

About me

I founded Money Talks News in 1991. I’m a CPA, and have also earned licenses in stocks, commodities, options principal, mutual funds, life insurance, securities supervisor and real estate.

Got any words of wisdom you can offer for this week’s question? Share your knowledge and experiences on our Facebook page.

Got more money questions? Browse lots more Ask Stacy answers here.

Get smarter with your money!

Want the best money-news and tips to help you make more and spend less? Then sign up for the free Money Talks Newsletter to receive daily updates of personal finance news and advice, delivered straight to your inbox. Sign up for our free newsletter today.