How to be anonymous

It is easy to give away too much personal information online without really meaning to.  Sometimes this can help online criminals and identity thieves but, on a more everyday level, you wouldn't give personal information to strangers in the street so why do it online?  Here are some tips for protecting your anonymity online:

• Think twice about disclosing any personal information.
• Avoid using your real name online.
• Set clear guidelines for children about when and how they can reveal information (see Talk to your kids about online safety).
• Be especially cautious of ‘fast friends’ who you have just met online but who ask you to reveal personal information or want to meet you offline.
• Be wary of disclosing personal information on a work or personal web site.
• Use a disposable, anonymous email account for websites that demand an email address to register. Hotmail or Yahoo! mail provide free email addresses.
• If you need to enter an email address but won’t get any email from the website (sometimes sites require you to check incoming email for login details), you can use “someuser@example.com” as an address. This is a protected email address that will never reach a real company or user.

Watch out for cookies

Cookies are files that websites use to store information about you between sessions. Most of the time they are innocuous.  They do things like keep track of your username so that you don't have to log into a website every time you visit it.  However, some of them are used by bad guys to track your browsing habits so that they can target adverts at you or to build a profile of your interests and activities with a view to fraud.

• Set your browser to warn you when a cookie is installed. Note that some sites will not work if you block cookies completely.
• Microsoft Internet Explorer will let you enable and disable cookies on a site by site basis so you can allow them on sites you trust.
• Use an anti-spyware program that scans for so-called tracker cookies (see Stop spyware).
• There are also cookie management programs that can delete old cookies and help manage them. In addition you can use settings in Internet Explorer (see Use Internet Explorer safely) and Mozilla Firefox (see Secure the Firefox web browser) to delete unwanted cookies.
• Use a plain text email display instead of HTML email so that tracking files and cookies can’t be included in email files (see Use Outlook Express safely).

Think about who might be listening

Unencrypted email and most website interactions can be monitored by your employer, your internet service provider or by any company along the internet path between you and the email or web server you are talking to. Transmission over an insecure Wi-Fi (wireless) network means anyone within radio range can listen in too. In the UK there are strict guidelines about employee monitoring and bugging but, unfortunately, just because it is illegal doesn't mean it doesn't happen.

• Use encrypted links for sensitive communications; for example a VPN to connect to the office (see Secure remote access).
• Use an SSL-encrypted web mail account or use encrypted email (see Learn about secure web pages).
• Assume anything that is sent without encryption can be read by third parties.
• Use encryption.
• Spyware or viruses that install keyboard trackers can actually log the keys you press as you type and send them back to the hacker who installed it. These are commonly called ‘keylogger viruses.’  Check your computer regularly for spyware and viruses (see Install anti-virus software and Stop spyware).
• In a public or work environment, if you are concerned about being spied on, check your computer physically for any unusual devices that may be plugged in, especially on the keyboard cable.
• Use secure websites when shopping or banking online.
• Avoid using a work email address for personal use. Have a separate, private email address for private business.
• Be careful about using public computers and public Wi-Fi (wireless) networking hotspots (see Use public computers carefully).

Browse defensively

• Switch off Java, Javascript and ActiveX in your browser and only enable it on a site-by-site basis. See Use Internet Explorer safely.
• Check to see if the website has a real-world presence, such as a helpline number or mailing address.
• Read any ‘privacy’ policy. Many are, in fact, grossly misnamed waivers of all privacy.
• Look for trust signs from organisations like Which that validate minimum standards of privacy and other good practice.
• Remember that a secure link, with a padlock and https, doesn’t say anything about the site’s business practices or attitude to privacy.

Don’t fall for social engineering

• Learn how social engineering works (see Don’t let conmen trick you).
• Use strong passwords and don't disclose them to anyone.
• Use your judgement and commonsense (see Security is your responsibility).

Keep your computer secure

Keep your computer secure using the advice in Protect your PC.  This will block many automated attacks on your privacy such as spyware.