To the uninitiated, the internet can feel like a scary place – and to some extent, it is. About four new malicious software programs are created per second according to figures collated by IT security analysts AV-TEST.
The stats might sound daunting, but thankfully you don’t have to be a computer wizard to keep yourself safe online. In fact, with a little bit of preparation and the right tools at your disposal, even the biggest technophobes can learn how to navigate the internet without putting themselves at risk.
To celebrate the start of National Cyber Security Awareness Month, we’ve rounded up our 10 best tips to help you browse the web more securely and stay safe online.
1. Create bulletproof passwords
FACT: Last year, about 4 percent of people used “123456” as their password, making it the most common (i.e. worst) password of 2016!
Setting a strong password is one of the simplest and most effective things you can do to thwart brute force password hacks (an attack in which criminals use automated tools to systematically check all possible username and password combinations). The more secure the password, the more difficult it is for hackers to infect your system with malware and/or steal your personal data and financial information.
Given the sheer number of accounts and passwords the average person has, it’s tempting to default to simple passwords to take out the hassle of remembering them. Resist temptation and use a password manager instead. LastPass, Dashlane and Sticky Password are all reputable and intuitive products that allow you to store all your passwords safely without requiring you to remember complex character combinations.
Inside scoop: if you’re looking for a less commercial option, the Emsisoft lab team are big fans of KeePass, a free, open source password manager that’s regularly updated.
Here are a few guidelines to help you create a bulletproof password:
- Length: Your passwords should be at least 12 characters in length.
- Complexity: Include a combination of numbers, special characters, and upper and lower case characters.
- Randomize: Do not use words that are in the dictionary.
- Unique: Do not use the same password across different websites.
FURTHER READING: Check out our complete guide to creating and managing passwords safely for more tips.
2. Keep software up to date
FACT: 50 percent of people take more than 45 days to install software security updates.
Software security is an ongoing battle. As vulnerabilities arise and security flaws are exploited, developers deploy patches to update their software and provide users with better protection. Delaying these updates leaves your device more susceptible to an attack.
With this in mind, it’s vital that you keep your operating system, web browser, antivirus program and other software up to date to reduce the risk of a security breach. Enable automatic updates in your software settings for greater peace of mind.
3. Use reputable antivirus software
FACT: There are more than 600 million malware programs targeting Windows users.
Antivirus software also plays a key role in helping you stay safe on the internet. A strong, reputable IT security solution can prevent malicious software from getting onto your machine and clean up any issues that may slip past your system’s defenses. Remember to enable auto updates and ensure your antivirus settings are suited to your needs and browsing habits. Get your free 30 day trial of Emsisoft Anti-Malware here.
4. Email with caution
FACT: 30 percent of phishing emails are opened.
One of the most common ways malware is distributed is through your emails. Hackers create sophisticated emails that typically contain an attractive sales offer or an official-looking message from an important institute (such as a bank, government, school and so on). Alternatively, you may receive an email a friend or colleague whose computer has been compromised. These emails contain enticing links and/or attachments that, when clicked upon, may trigger malware downloads or take you to websites that try to steal your personal information.
The key takeaway here is to be cautious when checking your emails. Be suspicious of any unsolicited offers, double check URLs and file extensions before clicking on anything and be wary when entering information on new sites. Remember, if the email sounds too good to be true, it probably is!
5. Don’t forget about your mobile device
FACT: The number of malware samples detected on Android doubled between 2015 and 2016, reaching more than 4 million.
Given that 50 percent of the world’s population now uses a smartphone, it should come as little surprise that hackers are increasingly turning their attention to mobile devices. Android devices are by far the most vulnerable; malware for iOS, Windows Mobile and other operating systems has proven to be much less profitable. If you’re an Android user, you can protect yourself online by using the same secure browsing habits you would on your computer. You may also want to consider exploring an antimalware solution such as Emsisoft Mobile Security for an extra layer of protection.
6. Use two-factor authentication
FACT: 80 percent of data breaches could be eliminated with 2FA.
Take your e-safety to the next level by opting in for two-factor authentication (2FA) wherever possible.
What is 2FA?
Well, many important websites that contain vital financial or personal information (for example, Gmail, Amazon, PayPal and banking websites), provide an extra layer of security by requiring you to confirm your identity before you’re able to login. Some sites will text you a verification code, while others may give you an authenticator device that is used in conjunction with your usual login details. This might sound like an unnecessary hassle, but 2FA is a very effective way of preventing fraudulent logins.
While text messages are a common method of 2FA, SMS has proven to be vulnerable to deception and we highly recommend seeking an alternative wherever possible. There are many examples of hackers using social engineering to coerce phone companies into sending out a new SIM card and redirecting the victim’s login code to the new number.
7. Be wary of public Wi-Fi
FACT: 1 in 4 Wi-Fi hotspots do not use any encryption whatsoever.
Public Wi-Fi is a fantastic way to stay connected when you’re out and about, but it also poses some significant security risks. For example, man-in-the-middle attacks (a situation in which criminals intercept information being sent between your computer and a website) are incredibly common on public Wi-Fi, and can give the hackers access to your emails, private documents, passwords and more.
When using public Wi-Fi, assume someone is watching. Only transmit data that you wouldn’t mind being stolen and never enter login details or banking information when connected to public Wi-Fi. If you do need to use public Wi-Fi to send important information, use a Virtual Private Network (VPN) to create a more secure connection.
8. Browse using an encrypted connection
FACT: More than 50 percent of the web is now encrypted (we passed the halfway mark in January 2017).
Whether you’re checking your social media feed or transferring money, always ensure that you’re using an encrypted connection when sending sensitive data. The simplest way to achieve this is to look at your address bar and ensure the website’s address starts with “https” (HyperText Transfer Protocol Secure) rather than regular old “http” (HyperText Transfer Protocol). The ‘s’, which may also be denoted with a padlock in most browsers, indicates a secure connection, making it more difficult for thieves to steal your data. Never enter personal information into an HTTP website.
Do note, however, that HTTPS is not perfect, and it’s still important to ensure that incoming traffic sent over a ‘secure’ connection is not tinkered with. For instance, recent research has shown that some antivirus companies spy on HTTPS traffic in an effort to protect their users, but a byproduct of this approach is that your information is left vulnerable to theft. Rest assured that Emsisoft does not engage in this practice!
9. Use an adblocker
FACT: Adblock usage shot up 30 percent in 2016.
A good adblocker can greatly enhance your online experience. Not only does it make pages load faster and remove annoying ads from your online life, it also makes your web browsing experience safer and more private by removing the risk of malvertising (malicious software spread via advertising) and preventing ad servers from keeping tabs on your browsing habits.
There are a few options competing for the title of best adblocker, but the Emsisoft lab team tends to recommend the free and open-source uBlock Origin, which supports most modern browsers.
10. Customize privacy settings
FACT: 42 percent of Europeans have never tried to change the default privacy settings of a social media account.
In this age of oversharing, the default settings of many websites (particularly social media platforms) tend to be somewhat invasive and may leave your personal life more exposed than you might like. Avoid this by being mindful of your privacy settings, create customized profiles to suit your needs and reduce the risk of a data breach by only entering essential information that the service requires to function.
Browser plugins such as Ghostery and Privacy Badger provide further privacy by blocking third-party advertisers from tracking your movements on the web without your permission. This adds an extra layer of privacy to your browsing and helps further secure your personal data.
Cautious but confident
Internet security risks are to be respected, not feared. By following the internet safety tips outlined in this article, you’ll be prepared to protect yourself against the cyber criminals lurking in the dingy corners of the web.
Have we missed a tip that you think other readers should know about? Let us know in the comments and we’ll incorporate them into the list.
Have a tremendous (internet-safe!) day.