Stay Safe Online: Essential Internet Security Tips for Everyone
We all spend a great deal of time online, relying on our connection to this digital landscape for many aspects of our lives. Often, we're told this virtual world is filled with flowers and pretty landscapes where everyone helps each other and spreads information across the globe. However, the reality is that there are snakes in the garden, aiming to prey on the most vulnerable. These are the people who don't understand why many applications have specific password requirements or why two-factor authentication (2FA) is necessary. Some might even skip certain access control features because they seem annoying or cumbersome.
Black hat hackers and scammers constantly target these individuals, and we often hear horror stories about emptied bank accounts and ruined computers. It's scary, but it's not all bad news. While the learning curve for better internet security can be steep, many simple actions can have profound and far-reaching impacts on your digital safety, leaving you better protected from hackers.
In 2023 alone, there were at least 2,365 cyber attacks, and with current global tensions, we live in an age where another massive cyber attack could occur at any time. Modern battlefields are often digital, with warfare fought using code and zero-day exploits rather than bullets and tanks. Therefore, it’s crucial to take your online security seriously. That's where these tips can help.
Use Strong, Unique Passwords
Passwords often receive more complaints than they deserve. Many people moan and groan about logging into everything, yet your password is your first line of defense against unauthorized attackers. Even worse, when people do create passwords, they are often so weak they’re hardly considered passwords at all. I’m looking at you, Mr. "password1234" or "wordpass1234." Attackers are much smarter than that. As a warning to those who use easy-to-guess passwords, there are entire lists—millions and millions of rows long—of the most commonly used passwords. The law of averages does not lie. Rule #1: Don’t use easy-to-guess passwords.
Tips for novices -
Use a mix of letters, numbers, and symbols
Avoid common words and easily guessable information (e.g. birthdays or locations)
Tips for the more experienced -
Use a password manager to generate and store complex passwords. I highly recommend Proton’s range of services; it’s free.
Enable two-factor authentication (2FA) where possible.
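The password advice above can be checked mechanically. This Python sketch is an added example, not part of the original article: it screens a password against a tiny constructed stand-in for a common-password list (after undoing digit padding and character substitutions) and against the character-mix tip. The word list, the 12-character minimum and the three-of-four class rule are assumptions.

```python
import re
import secrets
import string

# Constructed stand-in for a common-password list (real ones run to millions of rows).
COMMON = {"password", "wordpass", "qwerty", "letmein", "123456", "iloveyou"}
# Undo the usual character substitutions before looking a word up.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "@": "a", "$": "s"})
# Character classes from the tip: lower case, upper case, digits, symbols.
CLASSES = (r"[a-z]", r"[A-Z]", r"\d", r"[^\w\s]|_")


def candidates(password):
    """Forms of the password that a word-list attack would also try."""
    lowered = password.lower()
    # Drop digits and symbols padded onto either end, e.g. "password1234" -> "password".
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    forms = {lowered, stripped, lowered.translate(LEET), stripped.translate(LEET)}
    return {form for form in forms if form}


def check_password(password, min_length=12):
    """Return a list of problems; an empty list means the password passed."""
    problems = []
    if len(password) < min_length:  # assumed minimum, not from the article
        problems.append("too short")
    if candidates(password) & COMMON:
        problems.append("based on a common password")
    if sum(bool(re.search(c, password)) for c in CLASSES) < 3:
        problems.append("needs a wider mix of letters, numbers and symbols")
    return problems


def generate_password(length=20):
    """Random password from the OS CSPRNG, as a password manager would produce."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        password = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(password):
            return password
```

Note that `P@ssw0rd1234!` satisfies the character-mix rule yet is still rejected, because its base word is on the list.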
Keep Your Shit (Software) Updated
Please. I beg you. Everyone begs you. When Windows asks you to update, just do it. You will not believe how many issues this can solve. Windows pushes many updates that fix loads of security issues. Sometimes these flaws can be huge security vulnerabilities that allow people remote access to your computer. Literally one step of the hacking/info-gathering process is to scan a targeted machine, see what versions of things it is running, and check whether any of those versions has a vulnerability to exploit. The more you update, the fewer options attackers may have. A rule of thumb for nearly everything cyber-related: just be aware and be willing to learn. It can really help keep you and your info safe.
Tips for novices -
Enable automatic updates on all devices and applications.
Regularly check for updates if automatic updates aren’t available.
Tips for the more experienced -
Understand the types of vulnerabilities addressed in updates.
Use tools like WSUS Offline Update to manage updates in complex environments.
Be Wary And Understand Common Phishing Scams
Don’t confuse phishing with fishing. While they sound the same and, in a way, act the same, they are completely different activities. Fishing involves holding a line out for fish; phishing involves casting a net for personal information. Phishing is the act of sending fraudulent and malicious emails that appear to come from credible sources, aiming to trick the victim into clicking a link or interacting with it in some way. This often results in malicious files or code being uploaded onto the system without the user even knowing, such as keyloggers, spyware, or other harmful software designed to steal valuable personal information.
This becomes an even greater issue if you work for a company with large digital environments. Many outsiders use phishing attacks to try to infiltrate a company's network to steal, leak, or blackmail for sensitive information.
Tips for novices -
Don’t click on links or download attachments from unknown senders.
Verify the sender’s email address and be cautious of urgent or alarming messages.
Tips for the more experienced -
Use email filtering tools and anti-phishing software.
Use Secure Networks When Needed
Public Wi-Fi is dangerous. It’s tempting to connect to the café’s internet to browse cat pictures or send that email, but most of the time, these easy-to-access public networks are not as safe as they should be. Often, they are hastily set up by the business or network owner to provide free internet, sometimes as required by law. This means someone could be watching your network traffic. This is known as a man-in-the-middle attack (MITM). For simplicity’s sake, we won’t delve into the details here, but when you’re out in public, using a VPN or simply relying on your mobile data is safer than connecting to a public network.
Tips for novices -
Avoid accessing sensitive information over public Wi-Fi.
Use a VPN (Virtual Private Network) when connecting to public networks. Again, I recommend Proton’s VPN app for both desktop and mobile.
Tips for the more experienced -
Understand the types of attacks that can occur over public Wi-Fi (e.g., man-in-the-middle attacks).
Implement and configure VPNs properly to ensure maximum security (e.g. kill switch, server hopping).
Understand The Importance Of Encryption
I’m not suggesting you go out there, buy a textbook, and start reading about things like RSA, MD5, hashing, and so on, unless you want to! I mean, it’s pretty cool if you’re a nerd like me. But you should be aware of what encryption means in its basic form: taking data from a readable form to an unreadable form that can’t be easily snooped on. Again, just because something is encrypted does not mean it’s immune; there are tools like John the Ripper that can decrypt things if the situation is right, but encryption makes it impossible to simply read your data. This happens every time you send an email, in theory anyway. While it’s in transit, its contents are encrypted until it reaches a mail server (IMAP, POP, SMTP), from where it goes to the receiver and is decrypted.
Tips for novices -
Use encrypted messaging apps (e.g., Signal, WhatsApp).
Ensure websites you visit use HTTPS.
Tips for the more experienced -
Implement encryption on personal and professional devices.
Understand the differences between types of encryption (e.g., AES, RSA).
Practice Safe Browsing Habits
We spend so much of our time browsing online that we may think we are doing everything we can to be safe or that we never do anything risky. But let's be honest, we've all fallen for the lure of a tempting online offer that could have been hostile—for example, cheap games, discount codes, and so on. If something seems too good to be true, as much as it sucks to admit it, it’s likely not real. In fact, recently, while working on a family member’s PC, I found myself on a fake Microsoft website during the factory reset process. Long story short, even official-looking websites can be fakes. Always look for out-of-the-ordinary things, such as misspelled URLs or other odd elements.
Tips for novices -
Avoid clicking on pop-ups and suspicious links.
Use a secure browser and adjust privacy settings.
Tips for the more experienced -
Regularly clear cookies and cache to maintain privacy.
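The "misspelled URLs" warning above and the earlier tip to verify the sender's email address come down to the same check: compare the real domain against the ones you trust. This Python sketch is an added example, not part of the original article; the allow-list, the substitution table and the edit-distance threshold of 1 are constructed assumptions.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed allow-list of domains the user really deals with (assumption).
TRUSTED = {"microsoft.com", "proton.me", "example-bank.com"}
# Digits commonly swapped in for letters in spoofed names.
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host):
    """Return 'trusted', 'lookalike of <domain>' or 'unknown' for a host name."""
    host = host.lower().rstrip(".")
    # Naive last-two-labels rule; a production check would use the Public Suffix List.
    domain = ".".join(host.split(".")[-2:])
    if domain in TRUSTED:
        return "trusted"
    skeleton = domain.translate(CONFUSABLE).replace("rn", "m")
    for good in sorted(TRUSTED):
        brand = good.split(".")[0]
        if skeleton == good or edit_distance(skeleton, good) <= 1 or brand in host:
            return f"lookalike of {good}"
    return "unknown"


def check_sender(from_header):
    """Classify the domain of the real address, ignoring the display name."""
    _, address = parseaddr(from_header)
    return classify(address.rpartition("@")[2])


def check_url(url):
    """Classify the host a link actually points to."""
    return classify(urlsplit(url).hostname or "")
```

A trusted name at the left of a host, as in `microsoft.com.account-verify.net`, is reported as a lookalike because only the rightmost labels decide who owns the domain.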
Educate Yourself Continuously
Continuously learning and advancing your understanding of internet safety and cybersecurity is one thing that is entirely within your control. You can choose to learn and be aware, or you can ignore everything and take your chances. When something bad does happen, it’s easy to blame external factors. This is a normal human reaction. However, there are countless resources available to help you educate yourself, many of which are free. The best thing you can do is keep learning and never be satisfied. Given how much the digital landscape morphs and advances, staying informed is an ongoing effort.
Tips for novices -
Follow trusted sources for security news and updates.
Take online courses or watch videos on basic internet security.
Tips for the more experienced -
Participate in forums and communities focused on cybersecurity.
Attend webinars and conferences to stay updated on the latest threats and solutions.
Conclusion
The internet is a remarkable tool that connects people from all over the world, enabling communication and access to boundless information. However, it is also a place where harmful individuals aim to cause as much damage as they can. These tips will help you stay safer online, but remember, no matter how safe you make yourself, there is always a chance you could face some sort of attack. Stay safe out there, and keep educating yourself.