The Internet can be a scary place these days. Although it can often be used for good, such as providing people with remote jobs and lifelines to disabled people stranded at home, it can also bring out the worst of society, determined to exploit people’s good natures.
Whether it is someone trying to hack into your online accounts, sending you an email with a phishing link to get hold of your credit card details, or having your computer disabled by ransomware, there are risks involved in going online.
But as with staying safe offline, you can also protect yourself from hackers online by following sensible precautions. These are obviously no guarantee that nothing will happen, but it will make it much more difficult for the opportunistic “drive-by” hacker.
Strengthen Your Passwords & Use a Password Manager
The first lesson of computer security is ALWAYS good passwords. Unfortunately, many people hear this but then switch off and go back to binge-watching Netflix. The internet users whose password is 12345 or password.
You must have a password :
- Which is not connected to you in any way. This means not using your birthday, the name of your spouse, pet, parents, siblings, and so on.
- Which is a combination of uppercase letters, lowercase letters, numbers, and special characters (exclamation point, underscore, brackets, etc). 12345 is obviously terrible, but @X@3SqlH#<AYd+53mvJmM is perfect. The password should ideally be changed every 30-45 days. Add it to your calendar schedule.
- Make sure the account will notify you by email or SMS if the password is changed. Look in the account’s settings. If the password is changed without your knowledge or consent, deal with it immediately. Don’t tell yourself you’ll do it later.
- Do not use the same password for all online accounts. Also try and open several disposable email accounts and not use the same email for all accounts. The key is to keep accounts separate from one another in case of a mass data breach.
- In the password recovery options, add fake answers to the recovery questions. So when it asks where you were born, say “in a hospital”. If it asks for your first address, say “a nice big house”. Just remember the fake replies so you can access the account later if need be.
- The main piece of advice is to use a password manager. Our recommendation is KeePass but here are some other solid password manager recommendations.
Use An 2-Factor Authenticator App, Not SMS Codes
As well as a secure password, you also need to enable 2-Factor Authentication (if the website in question supports it – more are getting on board all the time).
I wouldn’t recommend the SMS message option as your default option though. Simply because some hackers are able to spoof your mobile phone number and intercept the SMS message. You can mitigate the risk to a certain degree by not publicising your mobile number online.
I recently wrote about how to set up Google Authenticator, and a while ago, I also discussed YubiKey, another 2FA method. So I would just refer you to those articles.
Use a Virtual Private Network & Force-Encrypt All URLs
Try not to use public wifi networks, unless it is absolutely essential. They are very insecure and you can easily have your account login details snatched by someone with a network sniffing tool. But if you absolutely must jump onto the Starbucks wifi, there are a couple of things you can do to mitigate the risk.
- Use a cross-browser extension, developed by the Electronic Frontier Foundation, called HTTPS Everywhere. As the name implies, it forces all sites you visit to go to the encrypted HTTPS version. This makes it impossible for a network sniffer like Wireshark to view the login details you enter into a site.
- The second thing to do is to use a Virtual Private Network (VPN). This hides your IP address and reroutes all your web traffic through the servers of the VPN company, making it look as if you are in another country.
We recently profiled ones you should seriously consider, as well as the best ones for Mac and iOS. Whatever you do, don’t use a free service.
Set Up a Firewall, Virus Checker, & Malware Checker
Firewalls can be rather difficult to set up as all incoming and outgoing web traffic is stopped, and you have to make “rules” for each one. But in the long run, it is well worth it.
MacOS users have a firewall automatically installed on their system (go to Settings–>Security & Privacy–>Firewall to switch it on). Windows users also have the built-in Windows firewall. There are also various third-party options, each with varying degrees of reputation.
Scan your computer constantly with a virus/malware checker and always make sure you have downloaded the latest updates. Here are some virus & malware scanners for Windows, and Mac users can take a look at this list.
Check URL’s & Files Before Clicking On Them
How many emails do you get every day claiming to be from your bank, Paypal, or Amazon? They will all attempt to look like real emails from these places (despite the typos), and they will ALL tell you that your details have been compromised, and since they are such nice helpful people, here’s a password reset link for you to click on.
But obviously the password reset link leads to a fake site and once you enter the old password, they’ve got you. So…
- Do not, under any circumstances, click links inside emails. Instead, open your browser, go directly to the website by typing the website URL, and log in the normal way. Do not assume that the email is safe, even if it comes from a friend. Their email address could have been spoofed by someone else.
- Do not click on short URLs (such as TinyURL), as you have no idea where these links lead. If you have to click on one of these links, run it through a URL expander first. It will tell you the real destination of the link.
- Before clicking on a link, mouse over it, then look in the bottom left corner of the browser where the link is displayed. Do both URLs match up? I’m betting they won’t.
- Be extremely careful with files with the format exe, zip, rar, iso, or anything which is an operating system script. But other formats are not immune. Run all files and download links through VirusTotal first.
- Make sure “autorun” and “autoplay” are disabled in Windows to stop USB stick viruses from auto-starting.
Shut Down All Inactive & Unneeded Online Accounts
When a hacker has your login details for one site, they will start to see what other sites you are on to see if the same login details work there too. So, as well as not reusing passwords, you should also shut down all online accounts you no longer need.
A lot of places make it extremely hard to shut down an account, some even impossible. But you can get direct links to account closure options by searching on Account Killer.
Use Disposable Credit Cards & Gift Cards
One of the commonest ways that people get stung by a hacker is by having their credit card details stolen in a data breach. New e-commerce stores are springing up all the time and so the more you use your credit card for an online purchase, the higher the chance that eventually that credit card number is going to become compromised.
As well as making sure that the website you’re buying from has an HTTPS link, you should also consider using one-time disposable credit cards and gift cards. Gift cards can be found in local stores and can be for something like topping up your iTunes balance or paying your Netflix bill.
Saphia recently profiled 5 reputable disposable credit card services, with Revolut being one of the best.
The above list is not an exhaustive one but if you are just starting out on your quest to make your online presence more secure and protect yourself from hackers online, these suggestions are the best place to start.