10 Windows 10 Basic Security Don’ts

By Woody Leonhard

Windows 10 brings along all the security goodies provided in Windows 8.1; Windows 8 was the first version of Windows to ship with a complete antivirus/anti-spy/anti-malware package baked right into the product. Here are the ten most important things you shouldnt do, to keep your computer running Windows 10 secure:

  • Don’t trust any PC unless you, personally, have been taking close care of it. Even then, be skeptical. Treat every PC you may encounter as if it’s infected. Don’t stick a USB drive into a public computer, for example, unless you’re prepared to disinfect the USB drive immediately when you get back to a safe computer. Assume that everything you type into a public PC is being logged and sent to a pimply-face genius who wants to be a millionaire.

  • Don’t install a new program unless you know precisely what it does, and you’ve checked to make sure you have a legitimate copy.

    Yes, even if an online scanner told you that you have 139 viruses on your computer, and you need to pay just $49.99 to get rid of them.

    If you install apps from the Windows Store, you’re generally safe — although the Windows Store has its share of crappy programs. But any programs you install from other sources should be vetted ten ways from Tuesday, downloaded from a reputable source, and even then you need to ask yourself whether you really need the program, and even then you have to be careful that the installer doesn’t bring in some crappy extras like browser toolbars.

    Similarly, Firefox and Chrome add-ons are generally safe.

  • Don’t use the same password for two or more sites. Okay, if you reuse your passwords, make sure you don’t reuse the passwords on any of your email or financial accounts.

    If you reuse the passwords on any of your email accounts and somebody gets the password, he may be able to break into everything, steal your money, and besmirch your reputation.

  • Don’t use Wi-Fi in a public place unless you’re running exclusively on HTTPS-encrypted sites or through a virtual private network (VPN).

    If you don’t know what HTTPS is and have never set up a VPN, that’s okay. Just realize that anybody else who can connect to the same Wi-Fi station you’re using can see every single thing that goes into or comes out of your computer.

  • Don’t fall for Nigerian 419 scams, “I’ve been mugged and I need $500 scams,” or anything else where you have to send money. There are lots of scams — and if you hear the words “Western Union” or “Postal Money Order,” run for the exit.

  • Don’t tap or click a link in an email message or document and expect it to take you to a financial site. Take the time to type the address into your browser. You’ve heard it a thousand times, but it’s true.

  • Don’t open an attachment to any email message until you’ve contacted the person who sent it to you and verified that she intentionally sent you the file. Even if she did send it, you need to use your judgment as to whether the sender is savvy enough to refrain from sending you something infectious.

    No, UPS didn’t send you a non-delivery notice in a Zip file, Microsoft didn’t send you an update to Windows attached to a message, and your winning lottery notification won’t come as an attachment.

  • Don’t forget to change your passwords. Yeah, another one of those things everybody recommends, but nobody does. Except you really should.

  • Don’t trust anybody who calls you and offers to fix your computer. The “I’m from Microsoft and I’m here to help” scam has gone too far. Stay skeptical, and don’t let anybody else into your computer, unless you know who he is.

  • Don’t forget that the biggest security gap is between your ears. Use your head, not your tapping or clicking finger.