Updated: Apr 4, 2019
In a recent blog post we detailed how to identify and protect yourself from phishing attacks online. However, there are more internet-based threats than just phishing, and more ways to protect yourself than just using a password manager and exercising general caution. In this article we’ll detail some of the other steps you can take to make sure that your information online is safe and secure. If you have older friends and family who just aren’t tech savvy, the advice in this article can give you some information on how to make sure your whole family stays protected.
Ensure That Any Security Service You Use is Trustworthy
This is the most important piece of advice we can give for maintaining your online security. Any security service recommended in this article is actively in-use by our staff, and as such we trust it. However, a popular online scam technique is to masquerade as an anti-virus or real-time web protection service, tricking consumers into downloading and installing what they believe is a trustworthy program. The malware will then either covertly steal that individual’s information, or act as ‘ransomware’, which will lock-down aspects of their computer - such as restricting their internet access - unless they pay a fee. Even if a victim of ransomware pays to have the restrictions lifted, there is no guarantee that whoever is behind the malicious software will lift the restrictions. Remember, if it comes from a pop-up or sudden redirect from a website, it’s probably not worth trusting. Do independent research, and if there is someone you know that is tech-savvy, ask them what they use.
Regularly Scan Your Computer for Viruses
Another important aspect of internet security is regularly checking your devices for viruses and other malware. At a minimum of once every two weeks, scan your computer or other devices, such as your phone. Both MacOS and Windows have built-in device protection, but third-party solutions can be useful as well. A popular third-party anti-malware application is Malwarebytes Anti-Malware, which is available for MacOS, Windows, Android, and iOS. Remember, you can take all the appropriate steps available to protect yourself online, but none of them will be effective if your device is compromised.
Use a Password manager, Never Reuse Passwords
While we touched on this previously, this is absolutely critical. In the event one of your online accounts is compromised, not having reused passwords will help ensure any damage or information leak is isolated to that one account. The last thing you want is for your Amazon account to be compromised, and then have someone with malicious intent also having access to your online banking and email. If you aren’t able to remember the dozens of passwords required to have every one of your online accounts using a different password, a password manager can be an effective solution. A service like LastPass creates an individual, randomly generated and encrypted password for each account you integrate with it. All you have to do is sign into LastPass from a computer, and navigate to whichever service you would like to use it with. LastPass - or another password manager of your choice - will auto-fill the password it has created into the password field, and you can login as normal. Most password managers - LastPass included - are also available on mobile devices, ensuring a consistent level of security across all your devices. Now to be entirely secure, you will want to have at least three passwords you remember: one for the password manager itself, one for the email address attached to the password manager, and another separate password for each online banking account you control. This will ensure that in the unlikely event that someone is able to get the password for your password manager you can reliably reset its password without any bad-actors then having access to that new password. Additionally, in the event that your email is compromised, your banking information is safe, and we don't need to tell you how important that is.
Don’t Use Obvious Passwords
Unfortunately, the easiest passwords to remember - the names of your children, your first pet, and so on - are the least secure. Because of how easy it is in the digital age to find out general personal information about someone, any handcrafted passwords you create should avoid common password tropes, such as your birthday. It can be tough to think of something, but even a random string of words such as ‘dollarhouseBologna’ can be easy to remember, yet secure.
Use an Ad-Blocker, Maintain a Whitelist
While advertisements online might seem like more of an annoyance than anything else, they can actually be a very real security threat. Due to the nature of how web-pages are loaded - technically you are downloading every web-page you visit - advertisements are increasingly becoming a popular attack vector for bad-actors on the internet. While advertisements do support online content creators - such as those on YouTube - you should always take the necessary steps to protect yourself. However, there is a simple solution: maintain a whitelist. If there are websites you trust with advertisements you know are not malicious, you can ‘whitelist’ that website, allowing you to view their advertisements and allowing them to generate revenue, while also protecting yourself. A massively popular ad-blocker is uBlock Origin, available for Firefox, Safari, and Google Chrome as a browser extension.
Change Your Modem and Router Passwords
Most modems and routers either sold by a retailer or provided by an internet service provider will ship with a generic username and password, set by the manufacturer. As most of these units will share the same password, it’s trivial for someone to leech off of your WiFi connection, using your internet connection to browse the web, and potentially download illegal content. The solution for this is simple: change the password to something easy for you to remember, but not something obvious, as we mentioned previously. This is important for more than just security reasons, as even if someone is able to gain access to your WiFi connection and they don't have nefarious intentions, they will still be using your internet data. If you have a limited amount of data each month, this could cost you money.
Use a VPN
A VPN, or ‘Virtual Private Network’ is a service that allows you to appear as though you are browsing the internet from a different physical location, meaning that it is significantly harder for internet tracking services to find you. Most people prefer to use a VPN for privacy reasons - who likes being tracked online? - but in countries where certain websites are blocked for political reasons, they can be an effective way to bypass geo-restrictions in a way that is safe for the user. The tricky part with choosing a VPN is making sure that the VPN itself does not store or sell your information; if the VPN is free, you can reliably assume that they are selling your information. An affordable and trustworthy VPN that has made the news for not being able to link web-traffic to a user is Private Internet Access, which is also endorsed by several high-profile computer tech enthusiasts.
All information herein subject to change and all offers mentioned are subject to change and OAC.