1. Don’t share personal info
It’s a given that you should never share your passwords, home address or banking information online. But other information, such as details about your relationship or personal interests, could be used to figure out answers to your security questions or even give cybercriminals a starting point when it comes to guessing your password.
Additionally, be wary of requests to connect from people you do not know, and also be aware that anything you post may continue to exist online even after you delete it.
2. Double-check and verify links
If any links sent your way appear suspicious (you weren’t expecting them), be sure to double check their validity. One simple way to tell if a link is safe is to mouse over it. This will show a preview of the full link in your web browser's status bar (usually at the bottom left of the browser). Check to make sure the preview link matches the site it should be from—you can further verify the correct site link by googling the company name.
If you’re being sent unwelcome links via email, you should check whether your details have been breached as part of a data leak. If your email address has been breached (or pwned), it’s a smart move to change your login password.
3. Use secure public Wi-Fi
With coffee shops, shopping centres, restaurants, airports and other locations that offer their customers free access to public Wi-Fi, it’s a convenient way to check your emails, catch up on social networking or browse online when you’re out and about.
However, we need to be extra cautious in these situations as cybercriminals can often spy on public Wi-Fi networks and intercept data that is passed through it. In this way, the criminal can access your banking details, account passwords and other valuable information.
To maximise your online safety whilst using public Wi-Fi, aim to find a connection that is secured - this usually means that it will typically require a little more work to access than an unsecured network. You will usually need a password to log in, and you may be required to check a box on a T&C page before gaining internet access. Better still, you can hotspot a connection from your mobile device - read our handy guide about that.
Additionally, you could consider using a VPN before connecting.
4. Use a VPN
By using a VPN (Virtual Private Network) when you connect to a public Wi-Fi network, you’ll effectively be using a ‘private tunnel’ that encrypts (conceals) all of your data that passes through the network. This can help to prevent cybercriminals from accessing your data.
VPN’s are also useful at home if you’re looking to hide your IP address, hide your browsing activity or your personal data.
5. Keep away from clickbait
Clickbait - content whose main purpose is to attract attention and encourage visitors to click on a link to a particular web page - is rife all over the web. Clickbait can be found on all social media platforms, email and so on. Be wary of clickbait as its main purpose is to attempt to get you to click through to another website, download a file or watch a video that may have a virus or malicious content attached.
Clickbait is usually unsubtle, seeking to encourage us into action. Here are some common forms to watch out for:
- IQ or intelligence test links that can grab our attention with a quiz question or riddle, but you’ll have to click through to attempt the rest of the test (which is more often that not, total rubbish!)
- Mysterious stories that give the reader half the tale and then prompts them to click into the article to read the full account.
- Celebrity headlines involving a rumour or ‘unseen’ pictures.
- Fear-inducing or unbelievable headlines.
6. Set strong passwords
Even though most websites are secure, there's always a chance someone may try to access or steal your information (as mentioned previously). A strong password is one of the best ways to defend your accounts and private information from hackers. Here’s a few tips on creating a strong password:
- Never use personal information such as your name, date of birth, email address or username. This information is often more publicly visible and will give cybercriminals a head-start in working out your password.
- Don't use similar passwords for each account. If a hacker discovers your password on one account, all your other accounts will become vulnerable.
- Make the password at least 12 characters long and consider using a “ passphrase ” rather than simply a password.
- The key to a good passphrase is randomness — the words you use to create a passphrase should not have an obvious connection between them. A good passphrase example is glazing-hiker-angular-decanter-novel, while a passphrase like onion-carrot-garlic-potato would be much easier to crack.
Alternatively, you can use a password manager (such as LastPass or Dashlane). Many of the best password managers will automatically generate passwords for you. Since your password manager securely stores all your passwords and other login credentials, you can let it create unique passwords that are as long and complex as you like. The longer they are, the harder they’ll be to crack. Just make sure the password to access your password manager is really hard to crack!
7. Update your internet browser
For higher safety and security when using the internet, you should always run the latest version of your chosen browser. Doing this will help to ensure you have better security, better browsing speed, better website compatibility and as a whole a much better experience.
8. Avoid unsafe websites
Before you enter any card details or personal information on a website, it’s important to verify that the information is transmitted and stored properly. Once your information is entered online, it is transmitted as plain text for anyone to intercept. To avoid this, make sure that the website is encrypted over a secure connection. There’s two things to look out for:
- HTTPS — one sign to look for is in the URL of the website. A secure website’s URL should begin with “https” rather than “http”. The “s” at the end of “http” stands for secure and is using an SSL (Secure Sockets Layer) connection. Your details will be encrypted (concealed) before being sent to a server.
- Lock icon — another sign to look for is the “lock” icon that is displayed somewhere in the window of your web browser. Different browsers may position the lock in different places, but in general, the icon can be found to the left of the website’s URL. Make sure to click on the “lock” icon to verify that a website is trustworthy. Do not simply look for the icon and assume a website is secure. Your web browser will have detailed information on the website’s authenticity if you click on the icon, so be sure to read this carefully before entering any of your information on the site.