How to be Cyber Safe: 19 Tips from the Experts
Thousands of online users believe that Anti-Virus software will protect their computers, their sensitive information and their privacy from the known and un-known viruses, malware and scams that are available today. However, this is far from the truth.
Viruses, scams and malicious code are written to exploit vulnerabilities in software, programs and devices. Each time new technology is released, new viruses targeting the new technology are written especially. Relying on Anti-Virus software is no longer enough. As online users we have to take our own personal online security serious and ensure that we do everything in our power to protect ourselves and our families.
Below are 20 commandments (or habits) that are quite useful to implement in your daily online activity.
There is never a guarantee that you will not fall victim to an online attack; however rather be safe than sorry.
1. Don’t recycle your passwords
When one password is used on multiple accounts and devices it is referred to as password recycling. Password recycling is a common occurrence due the vast number of online accounts individual users own – and in all fairness it is a lot easier to remember one password than 10.
Should a hacker gain access to one of your accounts they will most likely try to use the same password on another account – if successful, they are in and will be able to access all of your accounts.
Another common occurrence is the use of “common” passwords. A recent article published by Password Dragon titled Top 50 most common password that should be avoided at all time should be part of your reading list. Make sure you use a unique password for each account. There are several online password generator tools available which could assist when creating multiple passwords for multiple accounts.
2. Always update your tech
A software update is NOT a suggestion and should not be taken lightly. There are hundreds (if not thousands) of online users who neglect to update the software on the devices and computers they use, yet when the devices are infected they are the first to wonder why. If you take a couple of minutes to scan through the updates required you will soon notice that 80% of the time those updates are security related.
Updates on software is generally released either to fix a bug / error that occurred during development or to increase the overall security of the software. By thinking software updates are mere suggestions you are not only putting your own personal information at risk, but risking all of the devices you connect to as well.
3. Read before you agree to Terms and Conditions
A recent iWits online awareness campaign revealed that 83% of Namibian online users do not read Terms and Conditions before accepting them. It is not a problem that is only faced in Namibia, but on a global scale. Sadly it just shows how little online users care about their online rights. As a user it is your sole responsibility to understand the terms under which you use a platform, service or device.
An article published in the Guardian indicated that 25% of online users in the United Kingdom who did not read Terms and Conditions (in the past) have suffered because of it. Take the first step: Read online Terms and Conditions to ensure that you know and understand your rights as a user.
4. Don’t plug your USB stick in everywhere
USB Devices, like flash drives and external hard drives, are amazing portable devices to collect, store and share information. A single USB device can be used to store and share information with multiple users. When sharing (or retrieving) information on a USB device it is YOUR responsibility to ensure the safety of that device and information on the device.
If you are careless and merely plug-and-play without thinking about the consequences you might end up with a nasty virus. You don’t want to be tagged the USB Slut, thus it is important that you know who you are plugging in with and who else has plugged in before you. Don’t just jump into the nearest USB port without protection; make sure you get your stick checked out before the time.
If you wish to find out more about the types of malicious code being spread via USB devices, watch snippets from the Black Hat Hackers Conference (2014) below.
5. Don’t open emails from unknown addresses
Emails, until today, are still one of the most common methods to spread viruses. In many cases a single email account will be hacked, once access is obtained a bulk email is sent out to all of the contacts found in the email account. As soon as one of the recipients opens the email the process starts all over again.
When an email is sent from an unknown company or sender, DO NOT OPEN IT! It’s truly as simple as that. If you are not expecting an email from the company or sender there is no need to open it. If the message was truly important the person or company will find another way to contact you.
There have been a number of computer viruses like “I Love You” and “The Anna Kournikova Virus” that was spread purely via email.
6. Watch out for these Scams
It is important that online users understand the following:
- You will NEVER win a million dollars for being a visitor on a website;
- You will NEVER win a prize by forwarding an email (or sharing a post on a Social Media Platform);
- You CANNOT help starving kids in Africa by forwarding an email or liking a post;
- If the title reads “You wouldn’t believe it…” or “Shocking News” it is most definitely a scam; and finally
- You most probably do not have long lost family members who were millionaires.
These are merely the tip of the iceberg when referring to online scams – and with each passing day new scamming methods are released. The majority of these scams are aimed at data mining – and in most cases your information is being sold to the highest bidder.
7. Not all emails are real
Banks and financial institutes WILL NOT send you an email requesting that you login to your online banking account – in most cases banks aren’t even truly allowed to correspond with customers via email. Social Networks will only ask you to activate / verify your account via email, once that is done there is no need for you to do this again.
So many online users have fallen for these simple scams in the past. Hackers build “dummy websites” that look similar to the institute they are “representing” and once you login they store your login details! It’s as easy as that.
8. Never share your contact information
Your contact information (cell phone number, telephone number, email address, skype address, etc.) is not information that should be given away freely online. By doing so you are merely making yourself vulnerable to scams, cyber bulling, and so on.
Believe it or not, but too many, that contact information is extremely valuable and can be sold for a couple of dollars on the dark net. On 20 May 2014, iWits published a video illustrating how easily email addresses can be obtained from websites and what can be done upon obtaining such information. Your friends, family and colleagues know how to reach you – so don’t share that information online.
9. Privacy is your right
When using a bathroom in a public facility you have the right to your privacy. What you do in the bathroom does not have to be shared with the world, even if you don’t have anything to hide. Your privacy is your right and not a privilege.
When accessing online platforms and services you as the user have the right to decide what information should be made public and what should remain private.
Many online users say that they have nothing to hide, thus online privacy does not concern them, but whether or not you have something to hide is not the issue. Privacy is our basic human right – what we do in the privacy of our own lives has nothing to do with any individual or company.
When looking at online privacy you should not think about what you have to hide or not, but rather realise that if your privacy is breached on a small scale – nothing is stopping anyone from exploiting your privacy on a larger scale.
10. Only add people as “friends” you know
We all know that the “cool kids” have thousands of friends – some even 5,000 on Facebook. Who are those people? Are they close friends or merely someone who randomly added you as a friend? If you receive a friend request from an unknown person it is recommended that you do not accept the request.
Creating a fake Facebook profile takes a couple of minutes – and once it’s done the possibilities are endless. If you do not personally know the person who sent the friend request, simply ignore (or delete) it. If you don’t you might end up sharing intimate information or photo’s which could be used against you in the form on online black mailing or bullying.
11. Use a Virtual Keyboard
“It is possible to track the keystrokes one does on a keyboard” – That little bombshell has shocked many. Hackers can record or intercept the login process when accessing your online bank accounts or credit card credentials by tracking your keystrokes.
If you’ve installed Ubuntu in the past you might be familiar with this concept. We would recommend using a Virtual Keyboard when logging into your bank account or even entering credit card details online. This ensures that your keystrokes cannot be tracked and used against you. Read more about Virtual Keyboard and the importance thereof, on Kaspersky (Internet Security Company).
Remember Windows users already have a Virtual Keyboard (part of the default installation) which can be used, it is referred to as the “On-screen Keyboard”.
12. Watch out for Christmas Scammers
The Jolly season is upon us – and scammers worldwide. This time of the year is the most profitable for scammers all around, simply because it’s in our nature as consumers to bargain hunt. In fact, according to the NAB, more than 4 Million Australian Dollars was lost in 2012 as a direct result of online scams.
Before jumping at the first online bargain, try to find out if it is a scam or real. This is easily done by reading the terms and conditions of the service or portal. McAfee published an article with the top 12 Scams of Christmas to watch out for.
13. If it’s no longer supported – let it go
We are referring to outdated software. If software is no longer being supported by the manufacturer then it is time to let it go. Once a manufacturer seized support on a piece of software the software no longer undergoes security updates, which means once a vulnerability is found it will not be fixed.
A perfect example would be Microsoft Windows XP, which is still being used by many after Microsoft seized support on the operating system in April 2014. A recent article published by iWits revealed that more than 500,000 computers have been infected by a Russian-speaking cybercrime operation and that 52% of those infected computers were still running on Windows XP.
14. Take risks with a Virtual Machine
Every now and then we all want to live life on the edge: exploring, testing and tampering. Yet your adventurous nature could have serious consequences, especially if your computer ends up with some sort of virus.
The fear of catching a virus does not have to restrain your curiosity, if you feel the need to explore simply install a Virtual Machine. A Virtual Machine is software which allows you to run two separate operating systems on the same computer. For instance if your computer is running Windows 8, you can run Ubuntu on the same computer via a Virtual Machine.
Now you can start exploring, testing and mucking about. It is important to remember that a licensed copy of Microsoft Operating Systems is still required for the use on Virtual Machines.
15. Be wary when sharing your location
Today, user locations can be shared on platforms like Facebook when posting – this feature allows users to communicate their location with one another or to ensure that they remember the location a specific photo was taken years from now. It is great!
Imagine you are one of the “cool kids” with 5,000 friends on Facebook of which only 200 are close friends and family members – who are the other 4,800 and why are you sharing your location with them? This might seem a bit farfetched, but in reality you are sharing your current location with 4,800 potential criminals!
16. Protect your Router
A couple of years ago people greeted each other as follow: “Hello, how are you?” This greeting has transformed to the following: “What is your Wi-Fi password?” With each new device launched the need to be connected increases, however you should not sacrifice your entire network to simply satisfy a friends’ need to be connected.
When you have a guest who wishes to use your Wi-Fi, it is your responsibility to ensure that the persons’ computer (or device) is virus free. If the newly connected device contains a virus or malicious code it can quickly spread throughout your network, compromising (or even infecting) all of your devices within seconds.
17. Internet of Things: Secure your connection(s)
The Internet of Things is transforming our lives in every single way; however a recent article published by iWits illustrated how unsecure a lot of these smart-applications or devices could be.
When purchasing products that connect to the internet – do some research – find out what security measures the company has put into place and how the connection is made. You do not want your Toilet to infiltrate your entire home network, now do you?
18. Weigh your options
Smartphones has opened an entire world of mobile interaction via apps. Many smartphone apps allow users to login with their Facebook account, by doing so the user allows the game or app to access key information about the user.
In most cases these games or apps require basic information from the user; however apps can be used to “steal” valuable information from the user. Before providing an app access to your Facebook account or smartphone, make sure you understand exactly what information is being accessed.
It is your responsibility to weigh your options – is playing a game or using the app worth the information they are requiring from you and do you think that this information will help improve the user experience you receive from the app or game?
Switch off your web cam, they might be watching
This is nothing new. People have been hacking into computers for years now – gaining access to the entire computer and all of its functionalities. Once your computer has been breached there is no knowing what the hacker wants or what they will do, so rather be safe than sorry.
A recent article published by Mashable exposed a Russian website who posted live video streams from hacked webcams. The “victims” were not even aware that their computers have been infected, thus not seeing the threat. To protect yourself ensure that your web cam is always switched off and before switching it on make sure your computer is virus free!
19. The Last Defence: Anti-Virus Software
Yes, this should be your last form of defence and not your only form of defence. For years, generations have been taught an Anti-Virus is all that is needed to remain safe and secure online – this is no longer true.
People who develop Anti-Viruses and the people who exploit these Anti-Viruses share similar skills, thus it is understandable that Anti-Viruses can also contain flaws, bugs and vulnerabilities. Bugs and errors occur and most viruses are written especially to exploit such bugs and errors found in programs and software.
If you follow the guidelines outlined above you are already more secure than the majority of online users; however as there is never a guarantee in your personal security we would recommend keeping your current Anti-Virus running in the background. The higher your defences the more difficult it will be to attack.
Just make sure that you’re Anti-Virus software is always up-to-date and that you use Anti-Viruses on all of your devices (computers, smartphones, etc.)
This article has been rewritten and republished with permission from the authors. Original article appeared on iWits Blog.
MYD Smart was proudly brought to you by PWC.