SECURITY EVANGELIST

A free and uncensored Internet is something we take for granted far too often.

In the past years, I like to think that we woke up from being oblivious to tracking and monitoring by state actors or private companies. But we have a long way to go when it comes to really securing our online presence. That is why protecting your privacy is key for enjoying a free and uncensored Internet.

And, as with all great things, the devil is in the details. Here’s an example:

How many times have you connected to a free wireless network without taking into consideration the potential risks?

I’m not perfect either. I used to do it too. Sometimes I still use public Wi-fi networks, but now I use key security security layers and I limit my activities to exclude sensitive stuff. I’ll talk more about that below.

What you should know is that privacy is connected to security and we cannot separate the two. The good thing about is that enhancing your privacy also has a positive impact on your online security.

And because I know your time is limited, I’ll stick to the online privacy must-haves. Here they are:

1. Use strong passwords for your sensitive accounts (email, financial, social media, etc.)

I know you’ve heard this piece of advice time and time again, but I have to insist.

Using strong passwords can help you avoid that feeling gut-wrenching feeling that you get when you realize that someone hacked your account. Not knowing what’s going to happen to your work or to your memories is something no one wants to experience.

So getting back to our plan, there are a few things you need to pay attention to when dealing with setting good passwords for your online accounts.

First of all, don’t use the same password for more than one online account!

The reason is quite easy to guess: if one of your online accounts is hacked, then the others will soon follow. By using different passwords, you minimize the potential loss you could suffer in case of a privacy breach.

One of the best ways to ensure that no one else can access your online accounts is to use two-factor authentication. Activating this security verification means that you will have to enter, besides your credentials, a code sent to your phone. Many services and online platforms offer this option and it’s a great way to ensure that your data is safe from prying eyes and hands.

If you’re not sure where to start with strengthening your passwords, our go-to guide has all the actionable details.

2. Stay safe from spyware threats with a specialized security solution

First, let’s establish fast, what exactly is spyware?

Spyware:
This is a type of malware designed to collect and steal the victim’s sensitive information, without the victim’s knowledge.

(Full definition in our cyber security glossary.)

Spyware can open pop-up windows in your browser, redirect your browser to malicious websites and monitor your browsing sessions, thus affecting your private Internet connections.

How would you feel if someone could monitor and record your keystrokes and Internet browsing history?

The trouble with spyware is that it can even endanger your financial information and other confidential details.

Here are a few signs which should look out for if you’re suspecting a spyware infection:

  • Your computer is slow when opening programs or running some applications
  • pop-up windows appear all the time
  • a new toolbar appears in your browser
  • your browser’s homepage is modified
  • the search engine in your browser is changed
  • error messages start to appear unexpectedly.

To stay safe from spyware, use one of the popular anti-spyware products available online. A few security solutions that can remove spyware from your system are Malwarebytes, Spybot Search and Destroy, Lavasoft’s Ad-Aware, etc.

At the same time, you can also avoid spyware by following these basic security practices:

  • Don’t click any suspicious links or pop-up windows
  • Don’t answer unexpected answers or simply choose No
  • If you suspect an email is spam, just delete it without opening it
  • Be careful when downloading free applications.

3. Keep your Windows operating system and your vulnerable applications up to date

I am quite sure you’ve read a ton of news about software vulnerabilities lately.

Many people don’t take these issues seriously, since most security solutions are mainly created to fight off malicious software.

But software vulnerabilities are not something you can ignore. If you don’t update your software, you’ll leave security holes open for cybercriminals to take advantage of. For example, Flash and Java are notorious for their security issues and for exposing their users to cyberattacks of all kinds. Repeatedly.

Software updates deliver both new features and fix security issues. And the second part is even more important than the first.

So, if you know you use popular software, like Java, Adobe Flash, Adobe Shockwave, Adobe Acrobat Reader, Quicktime or popular browsers like Chrome, Mozilla Firefox or Internet Explorer, always make sure you have the latest version available installed.

Online criminals constantly watch these apps and try to find security holes in them they can use to infect devices with malware. Combine that with the fact that most people hate updates and you have a perfect scenario for getting hacked.

If you want to break off from the hassle of manually applying updates, you can either set your apps to automatically update (but only a few offer that option), or you can use a tool to automate this process for you (for free).

4. Use a guest user account in Windows on a daily basis

In Windows, you can set different levels of rights and privileges for each user. What I want to recommend is to use a guest account, not an administrator account, on a daily basis.

If you use a guest account in Windows, you can ensure that, even if you get a malware infection, the damage will be limited to what the user you’re logged in with can do.

No admin rights = no admin privileges to infect your PC

Only an administrator account can make significant changes to your system, like deleting important Windows related files or installing malicious software. If you use your guest account, you will have to provide the credentials for the administrator account every time you make an important change.

5. Don’t turn OFF your UAC (User Account Control)

I must admit, this is something I saw people have the tendency to do:

They turn the UAC off as soon as they install/reinstall their Windows operating system.

But should you do it? Is one less click really worth exposing your system to cyber threats?

The answer is NO.

Here’s my proposal to solve this:
What if, instead of completely turning the UAC off, maybe you can only decrease the level of protection by using the provided slider?

user-account-control-windows-10

The role of the UAC is to monitor what changes happen in the system and ask for your permission for these changes. It will also give you heads up when an important event takes place, such as installing or removing an application.

The UAC makes sure you have administrator permissions and that you really want to take that action.

In case your Windows user account has been infected, the UAC helps you by preventing suspicious software from making changes on the system automatically.

6. Go online with a secure browser

Your browser is the main tool you use to access the Internet. Thus, you should pay a great deal of attention to securing it correctly.

This especially the case since vulnerabilities in browsers are like open invitations to cybercriminals. By using these backdoors (aka the vulnerabilities), attackers try to retrieve private data from your system (usernames, passwords, the websites you visit, etc.).

To secure your online privacy, you can follow these recommendations:

  • Choose the latest version for your browser and make sure you have the latest security updates installed. This is important and keeps your system secure from online criminals’ attacks.
  • Increase your privacy and security settings in your browser. We have an epic, user-friendly guide dedicated to just that, right here, on the blog.
  • Choose a private browsing session when you access a website you are not sure about. Choosing this navigation mode will prevent your browsing session details from being stored.
  • Alternatively, you can also use specialized secure browsers created by antivirus companies, such as Bitdefender’s Safepay, Comodo‘s Dragon Internet Browser or the Epic Privacy Browser.
  • Use only secure websites for sensitive financial operations. To visit a secure website, make sure the web address starts with “https://”. The “s” comes from “secure sockets layer”and it indicates you are connected to a website where data, which is sent and received, is encrypted.

Also, be very careful with the type of permissions you grant to add-ons and other browser extensions. They could hurt your Internet privacy.

7. Don’t trust public and free Wi-fi networks

Be careful when connecting to public and free wireless networks.

A favorite method used by online criminals to retrieve your private information is to use wireless network sniffers to access data sent over unprotected networks.

One way to increase your security is by using a “private browsing” session, this way you make sure your credentials won’t be stored locally. Nevertheless, this won’t stop the Internet Service Provider or anyone else from “listening” in to catch your private communication.

With the increasing danger of online theft and lack of privacy on popular social platforms, such as Facebook, you need to safeguard your freedom and protect your Internet activities. One way of keeping your browsing session private and secure is to use a VPN (that is a Virtual Private Network).

Getting your home Wi-Fi and devices in tip top shape for online browsing is what this security guide is all about. Cyber criminals won’t know what stopped them!

8. Check the link before you click it

Phishing threats are usually carried out by using email messages that apparently come from financial institutions or well-known, trusted brands and persons.

These attempts to retrieve your private information include links in the message that will redirect you to a fake web location, controlled by online criminals.

To make sure you won’t be infected by clicking on dangerous links, hover the mouse over the link to see if you are directed to a legitimate location. If you were supposed to reach your online banking website, but the link indicates “hfieo88.net“, then you should not click the link.

So, how can I know where I’ll end up if I click it?

To make sure you are going to the right direction, use a free tool such as Redirect Detective. This tool will allow you to see the complete path of a redirected link.

Another tool which can provide very helpful in checking suspicious links is the reliable URL checker VirusTotal.

9. Don’t forget to log out

Don’t simply close your browser when you are done with your financial operation or when you exit your online account.

You need to remember to log out from your online account. If you don’t do this, especially if you are in a public location, the next person who opens Facebook in the browser will access directly your Facebook profile.

I recommend you use a virtual browser for your financial operations to keep your online banking secure (the ones mentioned on point number 6).

Also, if you want to avoid authentication credentials (or cookies) from being stored in the browser, try solutions such as Disconnect.me or uBlock or others from this list we made.

10. Don’t post private information on your social media accounts

Sometimes people just hurt their Internet privacy themselves, without being pushed towards it.

The more personal details you expose, the more information you provide cybercriminals with, for free!

Take a moment to consider what you usually share:

Do use geotag all your Instagram pics and videos?
Do you check into Facebook from your home?
Do you show off everything you buy and where you go?
Do you publicly announce each time you go on vacation? (Burglars looove it when you do.)

Well, you’re just asking to get hacked or doxxed.

Once you get your oversharing under control, check your kids’ social media behavior as well. Make sure they won’t expose private information that may possibly be used against you, in phishing attacks or other attempts (details such as your home address, what you own, where you do your shopping, etc.).

Social scams and other threats target everyone, so here’s how to use Facebook, Twitter, LinkedIn and Instagram safely.

11. Don’t browse questionable web locations

Don’t browse or download content from unknown or controversial locations (such as torrenting websites). Even websites you trust and which invest time and money in their security can be compromised, so imagine what happens on the ones that don’t do it.

Nowadays, cyber-criminals exploit vulnerabilities in legitimate websites and inject malicious code, as to perform drive-by attacks on unsuspecting visitors.

Fishy websites, such as strange download portals and screensaver websites and others like them are riddled with malware, spyware (see point number 2), adware and other potential infections.

It may be a free screen saver or a browser toolbar that infects you with a keylogger that can record and send your personal data to cyber-criminals.

To make sure your system is protected and your credentials are not exposed, use a multi-layered approach to your Internet privacy and security. The more things you leave to chance, the more security holes attackers will use to get in your system to ex-filtrate your data to their servers (and the sell it for big money).

To sum up

This list of 11 things covers the bare minimum that you can do to significantly improve your online privacy in the shortest amount of time possible. If you’re going for effectiveness, this is the way to go.

Once you incorporate these practices into your digital life, you’ll find yourself more at ease and perhaps even more interested in online security. It’s one of those virtuous circles that keeps pushing you to do better.

In the end, we have to acknowledge that we can’t have all of the complexity and abundance of opportunities without the risks and the danger. But our privacy is a right and we need to know how to fight for it in every way we can.

This post was originally published by Aurelian Neagu in October 2014 and was updated by Andra Zaharia in November 2016.

cyber security True Stories
2016.11.03 SLOW READ

These True 12+ Internet Crime Stories Will Make You Care about Cybersecurity [Updated]

About the Time I Got Hacked
2016.02.10 INTERMEDIATE READ

True Story: About the Time I Got Hacked and Lost All My Work

Security Privacy Combo
2015.01.21 QUICK READ

Heimdal Security + VPN/Proxy = The Ultimate Security & Privacy Combo

Comments

as Always I do enjoying reading your articles every single time i’ve time to read online . big thanks from Morocco 🙂 . we do really appreciate your hard work to make us aware of the danger around us every time we are online . Thanks .

Really useful article. Helped me a lot. Privacy has become a huge issue these days and article like this helps people like us stay safe. Thanks.

Nice true post

Thank you, Zoran!

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP
169 queries in 1.032 seconds