Malware

6 common mistakes people ALWAYS make with their online security

The Internet can sometimes feel like the digital Wild West with many dangers always lurking in every corner. However, in cyberspace, the dangers will often rely on you – the victim – making a mistake.

Most scams happen not because the cyber-criminal magically “hacked” their way into the victim’s digital life, but because the victim practised bad security habits, essentially letting the criminal through the swinging saloon doors.

And some mistakes are made more than others. Here we list the 6 most common mistakes we see people make with their Internet security that we see time and time again. Each one of these has been responsible for countless cyber-intrusions and real world consequences affecting thousands.

Sticking to the same password

We all do it, mostly for convenience. We all have so many online accounts these days and who wants to have to remember dozens of different passwords?

The problem with this is that if one account becomes compromised and criminals get access to that password, they’ve now inherited access to multiple accounts belonging to you, which is identity theft at its worse! Imagine criminals being able to access your social media accounts, your email and your PayPal? Imagine the damage they can do with access to so much!

A whole host of schemes like phishing scams or key sniffers can obtain your password. And with high profile hacks on companies like Yahoo, Sony and MySpace, it doesn’t even have to be your fault when your password becomes compromised.

So make sure you change your password for each account. Use a secure password manager, or if you don’t trust keeping your passwords online, write them down and keep them in a safe place.

Of course since we’re talking passwords, make sure your password is strong – i.e. uses a mixture of lowercase, uppercase and numbers, and stay away from words found in the dictionary.

Avoiding 2-step authentication (2SA)

2 step-authentication or 2-factor authentication is now offered by the majority of online services out there, but it is still overlooked by so many. It provides a simple, extra layer of security that can prove invaluable if your password gets compromised.

Basically, if a criminal obtains your password and attempts to login to an account you own, providing the criminal’s computer has never accessed your account in the past, they would also need to authenticate their login through another, extra step. Commonly with 2-step authentication, this means entering a PIN that is sent to the account owner’s phone, which the cyber-intruder would not have access to.

2-step authentication is simple to setup and highly recommended for those important accounts.


Sponsored Content. Continued below...




Ignoring that software update

We’ve all been there. We’re in the middle of something and suddenly we’re asked to install some update, and we mindlessly ignore/postpone it. The problem with that is that the update may be patching up an important security vulnerability affecting a piece of software we have installed on our computer.

It is vital to keep all your software current, and to avoid using out-dated versions. We go into more detail on the importance of software updates here.

Opening email attachments

The dramatic rise of malware distributed via malicious email attachments makes it more important than ever to understand that email attachments need to be automatically considering “guilty” until proven innocent, not the other way around.

One of the simplest and fastest ways of compromising your computer security is by opening an email attachment. The approach users need to take – and so few actually do – is to consider every attachment dangerous, unless you were explicitly expecting a specific attachment to be sent to you, from a specific person at a certain time.

We look at 10 email scams that tried to get us to open malicious attachments here.

Using Windows XP

Yes, we get it, Windows XP was great. And it really was. And yes, Vista really sucked. But it was released way back in 2001, and the extended support ended in 2014. This means it is FULL of vulnerabilities, and criminals are almost certainly aware of a fair few of them.

Yet, given its age, a staggering number of people and businesses STILL use it, despite the warnings of almost every security expert out there. The problem with vulnerabilities is that even those familiar with the dos and don’ts of IT security are still at risk, because it’s the software itself that can be exploited, not the person using it.

The same applies to any outdated versions of software. Most software programs have a shelf life which, once expired, should no longer be used. Simply because no security updates are longer issued and it’s only a matter of time before criminals work out a way of exploiting the software and the people who continue to use it.

Connecting to unsecure Wi-Fi

Imagine the darkest, creepiest looking alleyway in one of the most crime-ridden cities you can think of. Gotham City, maybe? Unsecure Wi-Fi networks are the online equivalent to that. So don’t connect to them – simple! Anyone plugged into the same unsecure network can use a whole host of free-to-use tools to eavesdrop and manipulate the traffic going to and from your computer – and if your network settings allow, they could even access content on your hard drive!

In a similar vein, if you do connect to a public secured Wi-Fi network, make sure it’s the right one (ask the staff!) Criminals could set up bogus networks that are essentially traps. And once you connect to the right network, it’s still not advisable to use it to access sensitive information, like your online banking – save that for when you’re at home on your own, secured network.

Share
Published by
Craig Haley