This article will cover the best ways to protect a senior online. A true story inspired this article.
Hi, my name is Matt The Nerd. I work for Nerds On Site handling cyber security, corporate & national projects.
I’m going to start this article off with a true story, but if you want to skip ahead, don’t hesitate to click on one of the following links:
A tail of a compromised windows laptop
In June 2022, I received a call from my mother-in-law (MIL) telling me that her mother (which I’ll refer to as my grandmother) had been compromised.
My grandmother is 93 years old and a wonderful woman. She uses technology like a champ, and I rarely get calls to fix anything (of course, I’m the family IT guy!).
My MIL explained that my grandmother had received calls from ‘Microsoft’ telling her that her operating system had been compromised and was full of viruses.
Of course, this cold-calling ‘Microsoft’ team member claimed they knew everything about her computer, exactly what viruses were afflicting the operating system and the perfect resolution to get the windows computer back up and running again in no time.
Listen, many readers here will have heard this story before; tech support scams are common, and there are lots of stories of victims and blogs aimed at helping you to avoid falling victim to Microsoft scams.
Naturally, I felt immediately violated, I’ve read the stories and handled situations like this for Clients, and my mind immediately went to how could this happen to my grandmother? Why didn’t she call me?
This situation turned out to be a little different.
During the first conversation with my MIL, I learned the following pieces of information:
- She had been talking to ‘phone support.’
- The agent had been referring to Microsoft & viruses.
- In my grandmother’s words: “They just had access to my computer without my intervention.”
- She had been billed $199 and had a contract with a company name.
I didn’t know it was different at this point, but I learned a few things from the conversation. The agent that had called her was leveraging Microsofts name and talking about viruses. It was almost impossible for the agent to access my grandmother’s windows machine without her intervention & it was bizarre that there was a company name and invoice.
Matt The Nerd Jumps into action.
I got to researching this company and found out very quickly who they are and what they do, along with the owner’s name & telephone number.
I also found many online reviews of similar situations where senior citizens had been cold-contacted and charged for IT services.
The company in question is a US-based IT services business, and the about us section states that they outsource IT support to a team in India. They proudly displayed a Better Business Bureau badge on their website, claiming to have an A+ rating.
Annoyed & feeling violated, I called the owner.
The owner immediately defended his team, claiming that they send reviews after selling services that state they are not calling from Microsoft, that the sales process takes up to 2 hours, and that they aren’t aware of the ages of prospective clients.
I asked for a resolution, and he initiated a refund immediately.
So it turns out it wasn’t a scam, but instead, it was sales techniques by a legitimate company.
The next day I received my grandmother’s laptop and a copy of the contract.
The contract was for a 12-month phone & remote IT support package available Monday to Friday, billed at $199 monthly.
I want to point out that this is ridiculously expensive for such a package, and we can offer 24/7/365 phone & remote support for a fraction of that cost.
Her computer had five newly installed programs, GlassWire, a firewall & network monitor, some weird programs that originated from Turkey & a popular remote service program.
The computer did not appear to be infected with anything malicious, and no Windows registry edits appear to have happened.
I was proud of my grandmother’s computer use.
Going through the computer, aside from the Asus bloatware and the newly installed programs from the company, she didn’t have anything of concern.
She did have Kaspersky anti-virus, which I will remove because it’s been banned by the US Government since 2017, but overall, not bad! Good job, grandma!
Either way, it’s my job to make sure this doesn’t happen again, and I’m going to share with you how I will do that, the nerd way.
Start by protecting the operating system.
Throughout this article, I will do my best to explain how to do all of this yourself with examples and linking appropriate resources.
Book an onsite appointment with us if you’d rather have a professional do it for you and live in Canada or the United States.
A Windows PC may not be the best choice.
I’m no fan of Apple products as I do not believe they have the same value for me as a consumer compared to custom-built desktop computers or even an android device cell phone.
But, I am not an average consumer. I am a nerd.
For the average consumer, Apple has done something that Microsoft has been unable to do, provide a secure operating system that is encrypted by default.
David Redekop, one of the world’s most renowned experts in cyber security, co-founder and CTO of Nerds On Site & CEO of Adam Networks, believes the most secure device available today is an Apple iPad with a detachable keyboard (With an Adam:ONE secured network & back-to-base VPN).
But, with all of this said, it may not be realistic to ask a senior citizen to learn entirely new technology, so unless they have a history with Apple products, we should talk about how to secure Windows.
How to secure a windows computer for older adults
When supporting older relatives on their computers, we want to be conscious of not implementing new processes or changing the way the system looks and instead just securing it from the backend.
Disable remote access
Windows has a feature called ‘Remote Access’; while this feature is disabled by default, if it’s ever turned on, it will allow others to access the computer from another location.
This article by Carbide will cover how to disable remote access in Windows 10.
Install a paid anti-virus solution
I need you to move away from the thought process that antivirus is free software for your computer. It’s not. Free antivirus means one of two things.
- It’s not a good antivirus.
- You’re the product, not the consumer.
As previously mentioned in the article, Kaspersky was banned by the US government in 2017 over concerns of data misuse, and Norton is now using your computer to crypto-mine, which can reduce the life of your computer’s hardware. Free solutions were never free; you were just the product instead of the customer.
Use a password manager.
This will take some learning for you and some teaching for some older adults, but it will provide lasting benefits for the user and the device’s security.
Password Managers make it so you only need to remember one password and can have long & complex unique passwords for all websites and applications. It works across devices and can be installed on both phones and computers.
Re-using passwords is a terrible idea, and trying to remember multiple unique passwords is virtually impossible.
Setup user accounts, so they are not an administrator
Administrator accounts on Windows operating systems can do everything. Install any program and change any windows setting. There is almost no reason a regular user should ever regularly use an administrator account, even at home.
A user on the Microsoft Forums asked the question When to use Admin vs. User Accounts. While it’s somewhat technical, another user gave a great in-depth answer to why using a user account is important.
To give you the non-technical answer, programs cannot be installed or make changes without the user knowing unless they have administrator privileges. These privileges need to be granted by the user, so nothing can be installed without the user agreeing to it.
To learn how to access settings through the control panel, check out the following resource: Manage user accounts and settings in Windows 10.
Turn on automatic updates.
Windows delivers updates to computers on a regular schedule, these updates are usually security-related, and we recommend having these installed automatically.
Security updates aim to close security holes that could lead to the computer becoming compromised, so having this done automatically as soon as they are available is critical.
We’ve taken the instructions from Microsofts How to change your Automatic Updates settings by using Windows Security Center for Windows 10
To turn on Automatic Updates yourself, follow these steps:
- Click Start, click Run, type wscui.cpl, and then click OK.
- Click Automatic Updates.
- Click Automatic (recommended)
Securing the internet connection is the best way to protect senior citizens.
What I’m going to talk about next isn’t something easily done on your own, so if you’re looking for a DIY solution, you should go back to the previous section.
The internet was designed for mass adoption, not security.
Computers, by design, are insecure as they allow connections to other computers to share data. Computer A will connect to Computer B through Transmission Control Protocol (TCP) & Datagram Protocol (UDP). Computer B will allow the connection, and data is downloaded to Computer A.
Computers have thousands of ports that other computers can connect through. You can read more about ports from Cloudflare’s What is a computer port?
When browsing the internet, computers typically connect through port 80, and the computers share information.
So, for internet security, this is a problem. We have a system where any computer in the world can connect to any other computer and share data.
Firewalls or traditional internet protection are designed to block other computers from connecting to ports they aren’t meant to. The main problem with firewalls is that they are relatively simple and can be circumvented by many known hacking techniques.
So how does this help me protect my older relatives’ desktop computers?
I’m going to protect my grandmother with Adam:ONE by Adamnet.works. Adam:ONE blocks the entire internet and allows only what is known as safe. If Adam had protected my grandmother before this, the tech support people would never have been able to connect to her computer.
Where a firewall blocks known threats and closes ports and isn’t inherently secure, Adam blocks everyone and only allows those who are invited.
They do this through a relatively new technology called Zero Trust, which the US Government has adopted for its internet security. As far as I’m aware, it’s the only known network-level protection against ransomware & phishing.
The cool thing about Adam is that it will also allow me complete control over every device on the network. Let’s say I wanted my grandmother to be on tight network controls, but I only wanted to block the bad; I could do that.
It’s also helpful if you have kids in the household, as you can set timed controls depending on what you want them to access.
- 7A-3P Block Games, Streaming & Social Networks
- 3P-5P Allow Games, Streaming & Social
- 5P-9P Block Games, Keep Streaming & Social
- 9P-7A Block All
What I’m talking about wasn’t traditionally aimed at senior proofing a computer, but it was the first thing my mind went to after she had this incident. If you want to know more about this, you can check out our SchoolZone cyber security; it was initially designed to protect children online during the remote learning phase of covid, but it’s also perfect in this situation.
You can protect your loved ones on the internet.
Thank you for taking the time to read the article and my story. Working in the IT industry, it’s rare I’m on the other end of the table of IT woes, but I’m glad it happened as it allowed me to share the tail with you.
If you want to senior proof a computer, the most recommended way to start at the network, as explained in the internet connection section. You can remove any risks associated with computer scams & phishing and keep them away from all the wrong sides of the internet simultaneously.
If that’s not for you, that’s ok, the computer settings section will get you halfway to where you need to be, and as long as you train them about the dangers of the internet and what to look out for, you should be ok!
My name is Matt The Nerd; thank you for reading my article today, and if we can ever help you, don’t hesitate to Contact NerdsOnSite.