Tip #1: Only sites with HTTPS are secure!
URLs beginning with ‘http://’ are NOT secure. Sites with ‘https://’ are using a combination of Hypertext Transfer Protocol (HTTP) with the Secure Socket Layer (SSL)/Transport Layer Security (TLS) protocol, meaning that the session between your browser and the web server is encrypted. Without HTTPS, bad guys can intercept your session using tools like Firesheep.
Tip #2: Use security questions whose answers are impossible for others to guess
Security questions are useful when we forget our passwords and need to reset them. In fact, when signing up for email accounts, most of us unthinkingly put in truthful answers to easy questions, like, “What is your mother’s maiden name?” or “What’s the name of the town in which you were born?”
But have we ever stopped to think how easy it is for bad guys to find the answers to those questions? We share so much of our personal lives on the Internet; it’s actually very easy for bad guys to find our security answers on the Internet, and to reset our passwords without our permission. In fact, recently, a reporter from the Washington Post was able to hack her brother’s iCloud account in three minutes using information that was guessable or findable on the Internet.
Instead of answering security questions with obvious answers that people can find using search engines or from reading your online profiles, we suggest answering with irrelevant answers mixed with numbers. Of course, make sure you remember the answers in the event that you ever get locked out of an account and need to use your security question!
Tip #3: Don’t use the same password for all your accounts
Obviously it’s easy to remember one complex password and use it across all of your accounts. However, this leads to the possibility of one service being hacked and the hacker using this password to attack your accounts with other services.
We suggest using 1Password, KeePass and LastPass to generate and keep passwords. These password apps can create random, indecipherable strings of alphanumeric characters as passwords and help store them for you on your different devices.
If your online service (i.e. email, online storage, bank) offers 2-step verification, you should by all means use it.
Tip #4: Keep your operating system and all your software up to date
Operating systems such as Windows and Mac regularly send updates for users with software patches and so on. While it may be tempting to close popups reminding you of a new update, we suggest updating as soon as you’re able to protect against the latest security vulnerabilities.
You should also keep your other software up to date. The best tactic is to turn on automated software updates on all your apps—this applies to your antivirus software, email apps, browsers, and so on.
Tip #5: Be careful when accessing public WiFi
Unfortunately, a lot of people don’t know that when you are sitting in your favorite coffee shop, accessing your favorite sites with free WiFi, you’re at risk of having someone intercept your data.
Unprotected free WiFi is a breeding ground for hackers to intercept and access your personal data. Before you connect to public WiFi, turn off file sharing on your computer. If you’re on public WiFi, don’t sign into anything requiring a password UNLESS you’re connected to a VPN.
Tip #6: Be careful what you write on social media
While social media is getting more and more popular, sites like Instagram, Twitter, Pinterest and Facebook are great for keeping up to date and letting your friends know what you’re doing and where you’re going. However for criminals, this information is gold. Accepting friends you don’t know personally could mean giving a hacker unfettered access to information about your family, your friends, where you live, and what you buy/read/do. Yikes.
Tip #7: Delete suspicious email attachments
Have you ever received an unsolicited email? Chances are that you have. The majority of people know that if you receive suspicious links or attachments from random strangers, you shouldn’t open them and you should delete them straight away. However if you receive a strange attachment or link from a friend, you should do the same. Hackers often send dangerous malware by hacking someone’s email account and sending emails to the victim’s contact list. If you ever receive a suspicious email from a friend, you should email them and tell them that they are likely a hacker’s victim, and that they should change their password and turn on 2-step authentication ASAP.
Tip #8: Don’t plug strange things into your computer
Not only can malware spread through virtual means—but it can also be spread through hardware! Users of USB sticks, external hard drives, and even smartphones are not immune. The recent BadUSB malware is a case in point. Before you plug anything into your computer, make sure that you know exactly where it came from and what else has been on it. Only plug in things from trusted sources.
Tip #9: Never lose your device
So you’ve loaded your computer and smartphone with all the latest security software, changed all your passwords, and turned on 2-step verification. But what happens if you lose your computer or your smartphone? If you lose your device, all your emails, photos, and personal data could end up in the hands of a malicious person.
Don’t let this happen to you! Password protect your lock screen, use a brightly colored case so that you can’t lose it, and back up your data regularly. Turn on device location or use a third-party anti-theft app in case the unimaginable happens. The best, of course, is to always be vigilant about your hardware and never lose it, period.
Tip #10: Know where you’re downloading apps from
For maximum safety, only download apps from 100% trusted sources—for example, the Apple app store, or the creator of the software itself. When installing apps, make sure you know the permissions you’re giving them. For example, does that time management app really need access to your camera and contacts?
One more easy win – make sure your computer or device is configured so that downloaded apps need to be opened manually. You don’t want to download an executable file and have it automatically open on your machine without your consent!
At the end of the day, knowledge is a powerful tool. Maintaining good Internet security requires a combination of taking care of your software and hardware, and using some good old fashioned commonsense.
Bonus Tip! Use a VPN
High-strength VPN encryption protects not only your web browser but also your emails, Skype conversations, online banking, and everything you do or see online – whether you are at home, the office, a cafe, or traveling the world. Give yourself some added anonymity with ExpressVPN. Once connected to ExpressVPN, all your data is encrypted and indecipherable!