In the beginning, the Internet was not terrifically user-friendly—early users needed tech chops just to get online, and they had to do so over a wired, dial-up connection. Between those online pioneers’ savvy and the relatively few other Internet users, online behavior with regard to security was not a headline issue.
Flash forward to the present and the world of ubiquitous Wi-Fi and social networking. Gone are the hurdles to enter the World Wide Web. Connecting is so easy that toddlers can tap around the Web on a tablet; great-grandparents can get online, anywhere, without even realizing it; we can buy, sell, bank, work, and socialize online; and the entire ecosystem is rife with dangers and malefactors.
We often talk about needing to be more careful than ever, but it’s never been easier to be careless.
With that in mind, here are seven things, many of which are common behaviors or easy traps people walk into every day, to stop doing immediately. A not-to-do list, if you will.
1. Trusting open Wi-Fi
Everything about an open Wi-Fi connection puts you at risk, starting with the trust you place in the network’s legitimacy. For example, criminals may create a Wi-Fi hotspot and name it something plausible, like “McDonalds open wifi” or “Hotel Guest 3.”
Then, let’s say you’ve made sure an open Wi-Fi network is really what it appears to be. That doesn’t mean it’s safe—it means that “network: librarywifi; password: ReadBooks!” really belongs to library, not that criminals aren’t lurking on that network. If you must use the network, do so as safely as possible: avoid visiting sites that require a login, and especially avoid any financial transactions. No banking, no shopping. If possible, use a VPN.
2. Choosing simple, guessable passwords
Pets’ names, birthdays, family names, and the like make for supremely insecure passwords. Instead, start with things other people are unlikely to guess, and use our password checker as a tool to help you learn to build better passwords.
The good news is, a reliable password doesn’t have to be something like ML)k[V/u,p%mA+5m — some random string you’ll never remember. Try our techniques to create strong passwords that are easy to memorize.
3. Reusing passwords
So, you’ve chosen an awesome new password. Strong like bull. Easy to remember, hard to crack. Guess what? You’re going to need more passwords. Because although yes, you could certainly be the victim of a hacker who guesses your password, the odds are much better that your login credentials will be compromised in some gigantic database hack. And if one login name and password opens your e-mail, bank account, Amazon, Facebook…well, you get the idea.
4. Clicking links in e-mails
Who thought clickable links in e-mail were a good idea? Well, lots of people—including criminals. Clicking on a link in spam or phishing e-mail may take you to a site that automatically downloads malware to your computer or to a site that looks familiar but steals your password. At the very least, clicking will confirm to spammers that a person opened the message—it lets them know they found a mark.
Bonus: Stop clicking on Facebook like-farming links. You know the ones—Like and Share to win an iPhone! Like this if you think it’s wrong to torture animals! At best, you merely won’t win anything, but it’s safe to say you will be helping out scammers and validating shady businesses practices, and there’s always the risk of getting suckered into installing malware (in which case, we can help—but it’s better to avoid the malware to begin with).
5. Providing login credentials to anyone
The only way to be sure no one malicious—or clueless—has your info is to keep it entirely to yourself.
6. Letting the Internet know you’ll be out of town
“At the beach for two weeks—jealous?” “Goin’ to Mexico mañana!” “Can someone take Rover while we’re out of town next week?” How about geotagged photos that show viewers where they were taken? Keep that information among trusted friends only—especially on networks such as Facebook that show your town of residence.
7. Accepting social media default settings
By and large, social media networks give you a fair amount of control over the information you broadcast—to the public at large, to your connections, to third parties, and so on. But you may have to dig to find the settings, and those settings may change (:cough: Facebook :cough:) every so often. Before you sign up for a new account, take 5 minutes to comb through privacy and security settings. And for existing accounts, set aside a few minutes every month to confirm you’re sharing info only with the people you choose.
Then, before you post something for your friends on Facebook, your followers on Twitter, your connections on LinkedIn, or wherever else you may broadcast, take just a quick second to be sure you aren’t sending strangers information that might help them impersonate you online or otherwise do you harm.
Generally, remember that it pays to be alert and aware—and suspicious—with your electronic life. Online services from Wi-Fi providers to banks to social networks strive to make users feel comfortable and at ease, but to online criminals, you look like a big wad of cash. So: Are you ready to get smart online?
-By Sarah Pike of Kaspersky Lab (contributed article)