Skip to main content

9 Online Security Tips from a Former Scotland Yard Detective

Why to watch browser plug-ins

5. Scripts

Use a script-blocker plug-in for your browsers, such as the free NoScript for Firefox or NotScripts for Chrome. These plug-ins will block many ads and many types of active content, such as popups that occur when you hover over highlighted text and other elements based on Javascript, which are common ways for attacks to enter your computer.

6. Firewall

Use a software firewall on your system. Most modern operating systems, such as Windows and Mac OS X, include a built-in firewall, but you may have to enable it.

7. Password control

Do not use the same password for everything. Santorelli recommends using a password-management tool, such as Roboform Everywhere, to generate different passwords for each of your accounts.

At the every least, he said, have separate sets of passwords for different types of accounts: one for banking accounts, one for free email accounts, etc.

8. Mobile-app permissions

"Beware of mobile apps that ask for massive control over your device, far in excess of what could be justified for what the app apparently does," Santorelli said.

For example: Why would a game need access to your photos and contacts?

"Remember, if the app is free, that sometimes means that [your information is] the product being sold," he said.

MORE: Is Online Privacy Worth Paying For?

9. Linked accounts

Beware of online accounts that link to other accounts. Many Twitter apps do this. Once you stop using these apps, they represent a forgotten route into your Twitter account, Santorelli said.

"Do a quick check, and you might be surprised how many forgotten apps have access to some of your accounts," he said. "Delete them."

To see the apps that access your Twitter account, visit — the length of the list may astound you.

Follow us @tomsguide, on Facebook and on Google+.