People don’t give a second thought to what they do online without proper security, and that can be a recipe for disaster. Think about it this way:
· Want to lose access to your email, social media accounts, and everything in-between?
· Are you in the mood to wait days on end for your bank, credit card provider, or even the authorities to solve an account breach?
· Is it worth losing your money, digital work, and so on because of a simple misclick that could have been avoided?
If you answered “no” to any of the above questions, then don’t fall into the “It won’t happen to me!” line of thinking. Start considering your online security right now using these five helpful guidelines.
1. You Re-use Passwords
Practically every website with a login feature suggests using a strong, alphanumerical password that is different from those you’ve used in the past. But with so many services requiring you to log in nowadays, how are you supposed to remember some random string of numbers and letters for each of them? This is what prompts people to use the same “go-to” password, making hackers’ jobs much easier in the process. Once they find that out, they’ll try it to use it on the rest of your accounts.
To make your life easier, try using a password manager that creates and stores strong, randomized passwords directly on your system. Since they’re stored offline, it’s infinitely less likely that a hacker can intercept and steal them.
Of course, since these managers keep your passwords locked behind a master password, you do need to watch out for phishing.
2. The Prevalence of Phishing Scams
As much as people enjoy the Hollywood image of a hacker that “breaks into the mainframe” while typing so fast the keyboard catches on fire, that’s mostly fiction. In fact, the most expensive damage is done through simple baiting tactics. As of 2019, over 90% of data breaches are estimated to come from phishing scams.
What is phishing exactly? Well, it usually involves clicking links to fake websites masquerading as legitimate organizations. Say, you receive an email from “PayPal” requiring you to “update your information.” In reality, the website you’re accessing will take all that data you entered and use it to breach your accounts. This is the most common method, though there are quite a few others you should pay special attention to.
3. You Don’t Use Anti-Malware Software
Phishing emails and websites can also be used to transmit malware (malicious software, like viruses). According to Avanan, over half of phishing emails contain a malware-infected link or file attachment. Their main purpose is to collect your sensitive data without your knowledge and send it back to the cyber attackers for a profit. They can also just be used to cause irreparable damage to your device(s) and so on.
Whatever the case – if you’re not using anti-malware at the moment, the best time to start is right now.
4. You Frequently Visit HTTP Websites
The Internet is slowly moving away from HTTP (Hypertext Transfer Protocol), and onto HTTPS, the secure version of that protocol. What HTTP does is basically to “transfer” the website you’re trying to view (its code, rather) onto your device. The problem is that anybody with a few minutes on their hands can see everything you’re doing on these unsecured websites. Yes, that includes sensitive data like login information.
HTTPS uses encryption to make sure no unwanted eyes can peek in on your activity. Encrypted data essentially appears as gibberish to outsiders unless they have the specific encryption key required to understand what’s going on. Think of this key as a code you need to decipher a secret message. Keep in mind that ISPs can still see the domain you are on (e.g. https://google.com), although they can’t see the specifics of what you’re doing there.
For your own safety, NEVER share private info on HTTP-only websites. In fact, don’t even access them unless you take the proper precautions such as using a VPN (Virtual Private Network). More details below.
5. You Use Public Wi-Fi Often
Public Wi-Fi is a hotbed for cybercrime, especially if we’re talking about unencrypted networks. How many times have you been excited about seeing “free” Wi-Fi pop up on your phone screen? Well, turns out that free Wi-Fi can cost you a lot. Without a password, it’s quite easy for even an unskilled hacker to snoop in on what you’re doing and cause damage.
Moreover, they can also create fake Wi-Fi hotspots that imitate ones run by legitimate businesses (such as hotels and airports). Their names are just similar enough that people don’t think twice about connecting to the network. Once they’ve done that, the hackers are given the green light to do whatever they want with the victims’ data.
However, don’t think that password-protected Wi-Fi is much better. Sure, it’s definitely safer than accessing unencrypted networks. But there are exploits affecting even the latest Wi-Fi encryption protocols that allow hackers to steal the Wi-Fi password and proceed from there.
Secure Before You Send
It’s best practice to encrypt your data before it even heads out, by using a VPN as mentioned before. A good VPN, like Hotspot Shield, is worth its weight in gold – especially if you find yourself using public Wi-Fi for sensitive stuff like bank/ PayPal payments, discussing private details through social media or instant messaging, and others.
Even if you don’t, it’s not a bad idea to protect your online privacy from ISPs who just want to sell your data, government agencies that keep track of everything you do and say, and run-of-the-mill hackers who may keep an eye on your home network for a quick cash-out. Remember, it only takes a few minutes to do years’ worth of damage!