Knowing how to protect yourself online is hard, mainly because there are so many factors to consider. In this guide, we’ve tried to highlight the main steps to keeping secure online.
Use strong passwords by making them as random as possible, with a mixture of letters, numbers and symbols. Do not include common phrases or words.
Do not use the same password for more than one website. So many websites, online services and apps require login details now, it is becoming impossible to remember them, so a password storing software can be very useful. KeePass is one we recommend. You remember one strong password (or a long phrase) which opens the store and provides access to all your other passwords. It can also auto-enter login details into websites and generate strong passwords for you.
A less technical solution is to simply write all your passwords down – this is arguably more secure than using the same password for every site you visit.
Update your web browser
Make sure your preferred web-browser is up to date.
Make sure your computer and mobile devices have up to date anti-virus and anti-spyware software. Ensure it is set to update automatically.
Any computer that connects to the internet needs to have a firewall protection to block unauthorised connections from the internet to the computer. Most home routers and business networks include a firewall, but if you are not sure or if you use a mobile device on unknown networks, you can install a personal firewall, such as ZoneAlarm.
Secure wireless network
If you’re using a wireless network, ensure it uses WPA2 encryption and requires a log random key to connect. Be wary about using open wi-fi networks. Without encryption, it exposes them and makes them a target for hackers.
Keep your operating system up to date and turn on Windows Automatic Update.
Be extremely careful about the personal and business details you provide when social networking. Hackers use social networking to gather information that they then use to gain access to other systems.
Be very wary of ‘phishing’ emails – messages that attempt to trick you into providing confidential information to an attacker. Unless you have just requested a password reset or created a new online account and are expecting an email, do not click on any link in an email that directs you to go to a website to log in.
Check if the information in the email is valid by going to the website by typing the domain name directly into the address bar of your browser, or contact the website directly.
See How to detect phishing emails for more information.
Beware of email attachments. If there is anything suspicious about the email don’t open it and contact the sender to enquire about the attachment.
Things that should make you suspicious are:
- You don’t know the sender
- You don’t recognise the file type of the attachment
- The message is not personally written to you
- The spelling or grammar of the message is poor
Even if the message comes from someone you know, points 2-4 apply. Once hackers gain access to someone’s email they send viruses in attachments to everyone in the address book.
Any site that you login to or where you enter personal information should be secure – look for the prefix ‘https’ at the start of the web address and a locked padlock or unbroken key symbol. You can check the authenticity of a secure website by double clicking on the symbol.