The age of the internet has brought us many benefits, but it has also brought with it its share of risks.
As our lives migrate further into the online realm, we open ourselves up to increased risks of crime such as scams and theft.
Therefore, it is important that we take necessary steps to protect ourselves when surfing the web.
In this week’s column, I’ll provide some tips (in no particular order) on how to keep yourself safe online.
1. Avoid suspicious e-mails/phonecalls:
Phishing is one of the most common cyber crimes committed and involves tricking a victim into providing important information such as bank details or account logins.
Online, these usually take the form of fake e-mails or website links but it can also be done via telephone.
Phishers pretend to be relatives or representatives of an organisation and ask you to either send them the information or click a link which will download malware onto your computer.
With the information secured, they can begin to empty your bank account or commit crimes in your name.
Thankfully, phishing is easy to defend against as so long as you pay attention.
Never provide bank details via e-mail or over the phone – a real bank representative would never ask you to do so anyway – and don’t click on links provided in e-mails if you don’t know the person who sent it.
2. Update software regularly:
Another common way for hackers to steal information is by exploiting flaws in outdated software.
You know those annoying reminders to update your PC which always seem to pop up at the most inconvenient time?
Well those are actually pretty important. since a large part of any software update is the patching of security flaws.
No software is perfect and there’ll always be some sort of exploit hackers can use to break through.
However, programmers work hard to make sure these exploits are fixed as soon as possible, thus preventing them from being used to harm users.
Of course, if you are still using older versions, you don’t benefit from that protection so make sure you update on a regular basis.
Most software automatically updates in the background or at least notifies you when an update is available. so just make sure to keep a lookout for them.
3. Anti-virus software:
This is definitely one of the most important steps any responsible PC owner should take.
As the name suggests, anti-virus software protects your computer from viruses, malware or hackers. and any other tomfoolery potential hackers might try and pull.
They do this by regularly scanning your PC for anomalies, scanning downloads for threats and running firewalls which monitor your internet traffic to ensure nothing tries to sneak past.
Anti-virus software is the basic tool in any cyber-security arsenal and should be one of the first things installed when booting up a new computer.
There are a number of different packages on offer with a variety of pricing models to suit your needs.
Some of the top software companies include Norton, McAfee and Avast but there are others.
Your best bet is to look around and read a bunch of reviews before making a final decision.
Passwords are arguably the most vulnerable spot for most people and therefore keeping them safe is incredibly important.
Most people only use one password for all their accounts and it is hat password is often really easy to guess.
This might not be all that important if its the account to your favourite cooking blog, but when that same password is also guarding your e-mail or online banking, then it becomes a serious security threat.
When it comes to making a strong password, there are two popular methods.
The first is to use a random combination of letters, numbers and symbols. known commonly as a randomly generated password.
It’s recommended it that the combination be at least 12 characters long, although the more characters involved, the stronger the password.
The next method is what’s known as a diceware password.
You take a list of random words, each assigned a five-digit number – the Electronic Frontier Foundation (EFF) provides one with more than over 7,000 words on their website. if you want.
You then roll a die five times to get a number and corresponding word, repeat this at least five times, and you’ve got a password.
Mathematically, diceware is the strongest form of password generation available.
But don’t think that just because you have a strong password, it’s all good. If you’re still using a single password for all your accounts, then all a hacker has to do is compromise one account. You’ll need to have a unique password for every different account you own.
But how the heck are you supposed to remember all these random passwords, you ask? Well that brings us to the next tip…
5. Password managers:
A password manager, put simply, is a database storing all the login details for your different accounts.
When you have multiple accounts, each with different randomly generated passwords, using a manager is essential. The manager itself is locked with its own password, which means that you only ever need to really remember one password instead of a dozen.
Like anti-virus software, there are plenty of different password managers out there depending on your needs and price range.
I personally use KeePass since a) it’s free, and b) it stores your passwords onto your computer instead of an external server.
However, other popular options include LastPass, Keeper and BitWarden.
6. Two-factor authentication
Okay, last tip about passwords, I promise. Once you’ve got all your random passwords sorted and stored onto your manager, the final step should be to set up two-factor authentication (2FA) on any accounts that allow it.
As the name suggests, 2FA simply makes logging in a two-step process instead of just one.
Once you’ve entered your password, the website will ask you to verify your account through your phone.
Sometimes they send you a one-time password over SMS, or other times they use an app such as Google Authenticator which generates a special code every few seconds.
2FA is important because it means that even if someone does discover your password, they still won’t be able to log in to your account without your phone.
You can usually find it in your account settings, so turn it on if you haven’t already.
These were just some basic tips and the majority of our readers won’t need much more in their day-to-day lives.
For those who are a little more security-conscious, however, there are other more in-depth steps you can take to further defend both your security and privacy. They’ll be the subject of next week’s column.