There’s no way around it: the internet is an increasingly dangerous place. According to one study, the average internet-connected computer is attacked by hackers every 39 seconds. Yet most of us use the internet, whether for work or pleasure or both, for hours every single day. It’s important that you know the best ways to keep yourself safe online.
Often, the only time we think about cybersecurity is when it’s already too late — when our accounts are hacked, our devices infected with malware, or when we fall victim to identity theft.
Cybersecurity Ventures forecasts that global cybercrime will cost nearly $6 trillion a year by 2021. For individuals, the cost of a successful cyberattack can be financially ruinous. Cyber attacks create serious reputational damage and stress due to having to restore access to accounts. By taking just a few small steps to protect yourself online, you can save yourself a lot of hassle and money.
You’ve likely heard it before: Creating a strong password for all your accounts is key to staying safe on the internet. But how often do we actually follow this advice? A 2019 Avast study found that as many as 83% of Americans use weak passwords. And while over 90% of people know that reusing the same password repeatedly is risky, almost 60% do so anyway. On average, a single password is reused five times.
Even worse, over half of all Americans include a name or date of birth in their passwords, making it super easy for cybercriminals to hack their accounts. Back in 2017, for example, weak and stolen passwords contributed to over 80% of hacking-related breaches. That makes perfect sense. If a hacker steals your username and password from one source, they’ll likely try the combination to log in to your other accounts, too.
Tip: Use Have I Been Pwned? to see if any of your accounts have been compromised in a data breach and then invest in a good password manager.
To make it even harder for cybercriminals to access your data, consider setting up two-factor authentication (2FA) on all your accounts. With 2FA, instead of just logging in with your password, you also have to verify your identity using a one-time password or passcode, a token (like a USB key), a push notification, or biometric authentication (like a fingerprint or a face scan).
Most sites and companies offer 2FA (you can typically find it in the “setting” section of your account). Some sites automatically require 2FA when they notice a connection from a new device.
Tip: TwoFactorAuth.org lets you know whether or not a specific site supports 2FA.
Did you get any strange emails or receive suspicious calls or links via text lately? In that case, you might have been a victim of an attempted phishing scam.
Phishing scams are cyber attacks in which a person is contacted via email, phone, or text message by someone who pretends to be a legitimate entity like a bank or insurance provider. The scammers intend to either trick people into downloading malware or get as much personal information that can be used to hack a victim’s accounts.
According to Verizon’s 2019 Data Breach Investigations Report (DBIR), almost a third of data breaches involved phishing.
If you receive an email or a text message that doesn’t seem quite right, contact the sender with a new email or by phone. Do the same with suspicious calls and never click on links that look off.
Tip: Check out our recent blog post to learn more about how to avoid phishing scams.
If you’re about to share sensitive information over a website or buy something from an e-commerce store, make sure that the web address begins with “https” and not “http” and has a lock icon in the URL field.
HTTP, which stands for Hypertext Transfer Protocol, is a protocol that allows the transfer of data between different systems, like a web server and web browser. The problem with this type of protocol is that the data isn’t encrypted and can be stolen by third-parties.
HTTPS, which stands for Hypertext Transfer Protocol Secure, uses an SSL (secure sockets layer) certificate, thus creating a secure encrypted connection.
Tip: Safe search tools like McAfee Site Advisor can help you stay away from risky sites.
There are two types of public WiFi networks: open and private. An open network, which users can connect to without a password, doesn’t offer any protection. Conversely, a private network, which requires a user to register an account or type in a password, encrypts the traffic that passes through it.
Although private networks are obviously more secure than open ones, you should be wary of using either. If you do have to connect to a public WiFi network, refrain from shopping online or accessing sensitive information, like your bank account or email.
Ideally, anytime you connect to a public WiFi connection, you should use a virtual private network (VPN). Because a VPN encrypts your internet traffic, no one can see what you get up to online. While there are plenty of free VPNs, nothing in life is truly free and there have been cases of free VPNs selling user data to third-parties. As such, it’s generally better to sign up for a paid service.
Tip: TechRadar has a list of the safest VPNs for 2020.
It doesn’t matter how careful you are when you’re using your device. You still need antivirus protection. A good antivirus program will not only protect you against computer viruses, but will also safeguard you against things like rootkits (a type of malware that gives cybercriminals the ability to access your computer remotely), worms (a kind of malware that can spread copies of itself to other computers), trojan horses (malware disguised as legitimate software), and spyware.
Keep in mind that if your antivirus is outdated, it won’t protect you against new threats. Therefore, it’s a good idea to set up your antivirus to check for updates automatically.
Tip: Wondering if your antivirus is up to the task? AV-Comparatives is an independent organization that tests antivirus software and releases results on their site.
Social media is great for staying in touch with friends. But it can also lead to oversharing. The more information you divulge about your life online, the easier it is for data brokers to compile a profile on you and for cybercriminals to target you with scams.
If you’re not willing to delete your social media accounts, set your accounts to private, avoid disclosing personal details (like your phone number) and your whereabouts, and never accept friend requests from people you don’t know.
Tip: Take a look at our blog post on how to keep your personal information private when using social media.
When you need to find out something quickly, chances are, you turn to Google. And you’re not the only one. About 1.7 billion people use Google daily to ask things like “area 51 raid,” “intermittent fasting diet,” and “where is the super bowl this year?”
But what most people don’t realize is that Google logs more or less everything you do, including every search you perform, every YouTube video you watch, and, if you use Google services on your phone, every place you go to.
Don’t like the sound of that? There’s an easy solution, and it doesn’t require you to ditch Google in favor of your local library. “Non-track” search engines like DuckDuckGo don’t collect, store, or share their users’ personal information. DuckDuckGo is also surprisingly easy to use (it even has a map feature), so you’re highly unlikely to miss Google.
Tip: Search Engine Journal compared Google and DuckDuckGo — the article is worth a read.
A good ad blocker will not only get rid of annoying ads and make web pages load faster, but it’ll also make your online experience that much safer by removing “malvertising,” a practice that involves hiding malware in online ads.
The scariest thing about malware is that you don’t even need to click on a malicious ad for your device to get infected. Drive-by advertising downloads can infiltrate your device with malware or spyware the second the infected page starts loading.
However, note that some ad blockers might monitor your behavior and sell your data to third-parties, so do your research. Another thing to consider is that many free sites earn money from displaying ads, so you might want to think about whitelisting sites that you use frequently.
Tip: An ad blocker is more powerful when you pair it with Blur, Abine’s anti-tracking and online privacy tool.
If you’ve ever been involved in a data breach, it’s likely that your login details, including your email address, are up for sale on the dark web. Having a strong password and using two-factor authentication can help protect you against cybercriminals. But if you want to go a step further, think about using a masked email.
A masked email is a unique email address that forwards on emails to your true email address. Although it might sound complicated, generating masked emails is typically a breeze. With Abine Blur, you can create as many masked email addresses as you want and block them anytime you’re tired of spam messages or concerned about your safety.
Tip: Here’s a video tutorial on how you can create a masked email with Blur.
Every time you visit a new site, you’re probably asked to accept cookies. Most cookies are there to improve your web browsing experience and are, therefore, more or less harmless. It’s thanks to cookies that you don’t have to log in to the same site over and over again or rebuild your shopping cart after accidentally clicking out of an e-commerce store.
Tip: Cookie Law Info goes into detail about the different types of cookies out there, how to check what cookies a site uses, and how to delete them.
Look at your phone — how many of the apps that you’ve downloaded do you actually use? If your answer is “not many,” take the time to delete most of them now. Not only will this five-minute task clear up some space on your phone and make it run faster, but it’ll also keep you safer.
In particular, pay attention to old apps that no longer get updates. These apps can pose serious security threats because if there’s any vulnerability in the code, it won’t be patched. For example, in 2019, a vulnerability in the privacy-focused messenger Signal allowed bad actors to listen in on users but was quickly patched up.
As for the apps that are allowed to stay on your phone for the time being: make sure you update them regularly to keep your phone safe and read their terms and conditions (FYI: some apps track users).
Tip: Terms of Service; Didn’t Read is a community project that grades the terms of service and privacy policies of the biggest internet sites and apps.
With the above tips, you can significantly reduce your risk of being hacked or exploited by bad actors online. To further eliminate the danger of being taken advantage of by cybercriminals, consider subscribing to DeleteMe.
Many of our online actions (like oversharing on social media or accepting cookies without understanding how they affect our online privacy) can help data brokers and people search sites create comprehensive profiles about us. These profiles are then sold to companies who bombard us with targeted ads and cybercriminals who try to scam us.
DeleteMe will not only remove you from these sites but will also ensure that you stay off them for good.
DeleteMe is our premium privacy service that removes you from more than 30 data brokers like Whitepages, Spokeo, BeenVerified, plus many more.
Save 20% on DeleteMe when you use the code DIYPRIVACY.
Our privacy advisors:
Save 20% on any individual and family privacy plan with code: BLOG20