Protect Your Data: A Quick Guide to Online Security
Online security has become a topic of widespread interest, following major online crimes and controversies in the past year. As data protection scandals rocked Equifax, Under Armour and Facebook, among others, smaller incidents of cybercrime soared as well.
These days, cybercriminals employ more complex and sophisticated methods. According to a study by Javelin Strategy & Research, identity theft reached a record high in 2017. Account takeover tripled and card-not-present fraud increased by 81%, spurred by the increased security of EMV credit cards.
In order to stay safe online, you have to be able to protect yourself from the most common methods employed by cyber criminals, including:
- Malware: or malicious software, which infiltrates a computer to access data on it
- Social Engineering: messages or copy designed to elicit a response in which a user gives up their details; often involves intimidation or an appeal to emotion
- WiFi Snooping/Sniffing: spying on the data of other users on a network, especially public WiFi
Basic Internet Safety
Much of cybercrime committed against individuals is based on opportunity. With a good foundation of safe internet habits, you can reduce your risk significantly.
First, it is best to avoid sharing much information online. Be wary of any email, message, or social media content that demands, asks, or encourages you to divulge personal data, whether it has bank account details or something as simple as a birthday.
Remember that legitimate institutions never request such information via email. To be safe, it is best to provide such information either in person or over the phone. Even if you are sure the request for information is legitimate, never provide such information except through a secure website - definitely not through email or instant message.
Second, be sure to keep all your programs up-to-date with their latest editions. Many programs do this automatically or prompt you when there are updates, so this should not be too difficult.
Even if these programs are not security-related, the updates they get usually address vulnerabilities found within them. All it takes is for one out-of-date program to provide an easy backdoor into your device and a hacker could gain access to your information.
Finally, keep your accounts secure with strong passwords. Using simple passwords or using the same password for multiple sites are some of the worst mistakes you can make when it comes to online security.
Malware refers to a variety of software that infiltrates a computer, granting another party access to its data. Criminals send malware out through a variety of means, but most often through emails, downloadable files, and online ads.
In order to protect yourself, it is best to have software designed to either contain malware or to stop it from entering your device.
Your first line of defense should be a comprehensive antivirus/anti-malware suite. Most of the popular antivirus programs you will find these days fit this description. There are, however, some specialized programs that focus on Day 0 threats, which are malware that has just been released, making it hard for general antiviruses to detect them.
For added protection, you should use an ad blocker. The most popular ad blockers are browser extensions but you can also find standalone mobile ad blocker apps or ad blocking browsers.
Google recently added a built-in ad filter to Chrome. While this stops the most disruptive ads from loading, you can get a more controlled experience by downloading an ad blocking program or extension. Such programs give you more control over which ads to block and which sites to grant exceptions to.
Another common tactic criminals use is to intercept data as it is sent through the network, which is known as WiFi snooping or sniffing. In some cases, they even create fake public hotspots to lure unwitting users in.
In order to protect your data from these and other means of digital "eavesdropping", you should ensure that your data is encrypted. Encryption involves scrambling data that is sent so that only the intended recipient can make sense of it. Any third parties trying to pry into the communication will be unable to interpret it.
Encryption can be done at different levels of complexity. The simplest sorts are the ones you will find on secure networks and secure website connections. You should avoid unsecured networks and connections as much as possible, especially when in public. Here are some signs to look for:
- An icon indicating its security status. For Apple devices, secure networks have a lock icon; for Windows devices, unsecured networks have a shield with an exclamation point.
- A password. Most networks ask for this upon connecting, but some public networks use an in-browser login page.
Websites / Web pages
- A lock icon in the address bar
- The word "secure" before the URL
- A URL beginning with "HTTPS://" instead of just "HTTP://"
Using the net on mobile requires some precautions as well. Apps do not often indicate secure connections the way browsers do. Instead, you have to check each app to find out if it encrypts the information it sends. Use apps with encryption as much as possible. You may also want to check what information they log into their databases.
Finally, for the highest level of encryption, you can use a virtual private network (VPN). While connected to a VPN, all information your device sends or receives passes through an encrypted tunnel, protecting it from third-parties. It also conceals your IP address, making it more difficult for other users to track your activity. As with mobile apps, you should check what information a VPN service logs before choosing one-the less information they store, the better.