While we are becoming increasingly more reliant on technology and storing our information online, this trend increases the quantity and desire of hackers to try and acquire your sensitive information such as passwords and files. Your computer getting infected with a malicious virus can give the hacker the ability to access your computer and can lead to your online accounts getting infiltrated or personal information being leaked. While the strategies hackers use to breach your system’s defenses change, there are several strategies you can always use to aid you in staying safe online.
1. Use Caution Clicking Links and Attachments
Emails, attachments, and links to foreign websites are the three things you should use the most caution while interacting with on the Internet. Many cyberattacks begin through sending out a flurry of emails infected with malicious content.
Phishing is one-way hackers infect your computer. This strategy is executed by sending emails posing as a reputable company in attempts that the user believes it is an authentic email and updates their personal information on a malicious website. You can often determine if a website is a legitimate a few ways:
- Check the e-mail address of the sender. It may only be a letter off a valid email from the company they are trying to mimic, so make sure you look carefully.
- Check for spelling and grammar mistakes. More often than not, phishers do not speak perfect English, and language errors may be a signal that the email is not coming from a reputable company.
- Check the IP of the sender if you are suspicious. If you check the source code, the IP address can be found following the lines “Received: from.” You can then google the IP address and view information about the computer it was sent from.
Clicking unknown links is also a dangerous game. Untrustworthy sites can begin downloading files, rerouting you through other malicious websites, and scam you for information the moment you open the link. If you are skeptical whether you should open a link you believe has potential to be infectious but are going to commit to it, it is best to right-click and copy the link, then paste it in a separate browser so you can take a look at the URL. The most secure sites include a “HTTPS” to begin the URL. Especially look out for this if you are inputting sensitive information such as a credit card or social security number.
The easiest way hackers send viruses to your system is through attachments. They are especially dangerous in the workplace, school, or anywhere that many people are connected to the same network. Do not open attachments unless you are certain you know what they contain as well as who the sender is. Word documents, PDFs, and EXE’s are amongst the most dangerous files that you should be wary of. If one recipient opens an attachment, there is a chance that it could spread to every computer connected to the network.
2. Have a Good Password
Making sure you have an advanced password that hackers are going to have the most trouble breaking into is one of the most important elements on staying safe online and to avoid your accounts from being breached. There are several elements a password should have to be sure it is a strong choice. The following should be incorporated in combination to make sure your password is at maximum strength:
- Combination of uppercase/lowercase letters/numbers
- Nonsense (Do not use a common word or one that has meaning to you such as a pet’s name, family member, address, etc.)
- 12 characters or above
Using personal references makes it much easier for the potential hacker to guess your password, or at least be more efficient in the strategies they use to infiltrate the account. You also should avoid storing your passwords in a virtual file that could be accessed by using a malicious virus such as a Trojan horse, a program that makes its way into your computer by posing as something that it is not. If you decide to use software to manage your passwords, make sure it has appropriate security measures intact to ensure your safety.
Changing your password every month or so still is good practice, but two-factor authentication has increased user security across many popular websites. Websites that do have two-factor authentication can give you some leniency if you have had the same password for an extended period, but those that do not should be changed periodically.
You should also avoid using the same password for two different websites, let alone using the same password across the Internet. Using this practice could be extremely detrimental to your protection online, as the hacker would have access to anything you have ever created an account on and could do some serious damage. Also, be sure to change your passwords
3. Use a VPN
A Virtual Private Network (VPN) is an effective way to ensure that your identity is not revealed online and is a good defense to your sensitive information falling into the wrong hands. They are especially useful when utilizing public networks, such as a coffee shop or library. These kinds of connections offer minimal security to its Wi-Fi guests and should be taken with the most caution while browsing. Whether you are on a public or private network, taking the precaution of using a VPN is wise. A VPN adds security by connection a public network to a private network to mask your IP address and have more peace of mind accessing private data. There are many services online that offer VPN’s to their users, and many can be found that are inexpensive or even free of charge. In addition to providing extra security, they can also be used to bypass internet restrictions you may find at work or school, download peer-to-peer files with less risk, and access content that may not otherwise be available in your geographic area.
Ethical Hacking Training – Resources (InfoSec)
4. Two-Factor Authentication
Over the last few years, websites online have developed more ways to strengthen security and provide their users with more opportunities to protect against cyber-attacks. One strategy emerging is called two-factor authentication. This entails a confirmation from a cell phone or some other kind of verification in addition to a password to be able to access an account.
You should check websites you frequent to see if they have a two-factor authentication process available. Sometimes, there are settings that only require this procedure if you are logging in from a different device, which his especially important. If a company gets breached by a cyberattack, the hackers most likely won’t be able to access your account if two-factor authentication is enabled unless they had some kind of personal device or sensitive information already.
Security questions are another preventative measure used to be able to recover your account if it was lost or stolen. However, if these answers are not unique or can be found with a little research, then they can actually work against you and give unwanted guests access to your accounts. You should avoid common questions typically offered such as “What’s your mother’s maiden name” or “What was your first pets name” because these questions can likely be found online through records or social media. Some don’t even answer the question being asked to ensure anyone that but themselves can access the account. For example, instead of putting “Turner” for your father’s middle name, you could put something random such as “Finding Nemo.”
5. Use an Ad Blocker
While ad blockers are a bit controversial, using one on the sketchier website you do not feel comfortable browsing can benefit you by not receiving pop-ups or misleading ads that may try to fool you into visiting their malicious web page. Websites known to have adverts such as the ones aforementioned include peer-to-peer sharing websites and places that offer free videos that otherwise may be difficult to view on a more trusted service. Ones to particularly look out for are “Download now!” buttons, “X” marks that lead you to believe you are closing the page and fake antivirus software. However, you should whitelist your adblocker on websites that you trust, because it can be detrimental to the revenue a company earns from advertisements.