Hackers are always on the hunt. They search for vulnerabilities of the user – whether it’s directly on their phones on through third-party apps they may utilize. What’s more, with 14 percent of usage time spent visiting websites and 9 percent spent on emails, as reported by Experian, the possibility of coming across a phishing email threatening your accounts grows even more. That’s why it’s important to always be alert online.
Here are some best practices in securing all of your online activity and preventing your information from falling into the wrong hands:
Avoid risky behavior
Always aim to stick with secure web sites and services which feature https. Although this should be the norm, there are still a number of services that use unsecured sites even for sensitive information. Use a browser like Google Chrome that indicates if you are on a secured or unsecured site. If you can't use a secure browser or are not sure a site is secured, do not send any sensitive data – especially over a public Wi-Fi. For instance, some gaming sites or international sites may fall into this category, so be wary of those.
Think twice before installing any software on a platform from an untrusted source
It's not only an Android issue – many app stores contain a huge amount of infected applications. This also occurs with Windows and Mac OSX applications that are available outside of official websites. Often these are advertised as free apps, but the risk that they contain malware, or at least an annoying toolbar, is too high to be worth it to download.
With the growth of the app development market reaching millions of dollars, and the average app having an estimated budget of $33.8 million, the amount spent on security is disproportionate. According to a study by Ponemon, only 5.5 percent or $1.9 million goes toward security, leaving much to be desired.
Be careful about confirming dialogs without reading them
It’s easy to get something you don't expect or want. Unfortunately, even large companies like Oracle or Lenovo distribute adware along with their official applications. Just try to install Java – there's a checkbox before installation begins that asks if you want to get the Alexa toolbar. Unfortunately, this checkbox is defaulted ‘ON’ and the extra step of unchecking often goes unnoticed, resulting in a higher acceptance and download rate by users. On the other hand, this is an attractive opportunity for hackers interested in entering your computer door.
Consider using a VPN for connecting securely while using public Wi-Fi
Especially if you travel a lot, it's a good idea to spend a few bucks for a VPN service that encrypts all your traffic going through untrusted networks. Private VPNs are a great tool to work around some of the security limitations of the current Internet. They protect against eavesdropping or sniffing while you are connected to an untrusted network and aren’t limited to Wi-Fi. A VPN can also help you to hide your IP address for security reasons, or to pretend you are somewhere else than where you really are. This is especially helpful to access geographically-restricted services. From a security point of view, the main advantage is that VPN solves numerous problems related to the data transfer. When using a VPN you mitigate various problems with weak or missing SSL certificates and unsecured connections to application servers used by various applications like e-mail clients, games, etc. You can also alleviate issues with mixed content (http+https) which, unfortunately, is still used by many providers.
Update all the software you are using
It's not only your operating system that can be attacked; the most important component now is the web browser. An outdated browser is a shoe in for attackers. Again, this applies for all platforms including Android, where the default Android browser can be updated only with the whole system. By frequently updating the software on your computer or mobile device, you are also updating your security platform to include the strongest available defense against the current threat level of hacks.
Pay close attention to the formats and addresses you receive from large company emails
E-mails have become a main avenue for companies to contact you for upcoming sales, special promotions or even events. An estimated 65 percent of emails are opened on a smart device according to the U.S. Consumer Device Preference Report, and a phishing e-mail can easily lead a hacker to your personal information, which is a gold mine. When you combine that percent with the number of apps that contain your personal information, the reach of a hacker can be endless. E-mails that don’t include a domain from the represented company or use skewed images are a telltale sign of a phishing attack.
Back up your data
A tried but true best practice, backing up the information stored on your computer or smartphone keeps your data secure from ransomware or targeted attacks. It’s also a great way to keep track of your information. While we all know the amount of information available on a computer or smart device knows no bounds, it should be just as important to keep it secure. One in three robberies nationwide involved a smartphone according to the FCC, so backing up your data will help ease the post-robbery panic as you know you didn’t lose all of your information.
Technology was created to make our day-to-day lives seamless. It makes getting things done and going places easier, however, it’s important to keep in mind that the information we put onto our devices can easily be taken from our devices. By taking the necessary steps in securing our information, staying connected will continue to be a great benefit of our tech-filled lives.
About Pavel Krcma
Pavel Krcma is the CTO of Sticky Password where he utilizes his software engineering expertise to design software architecture and create new updates for the company’s password management software. He has more than 15 years of experience in the security industry and is the former head of the viruslab at AVG Technologies. Pavel speaks on topics related to malware and cybersecurity and has also co-authored several articles about online security.
Dan Geer: The 5 Myths Holding Your Security Program Back
Use this eBook to find out if any of these myths are hurting your security program.
Related ArticlesWhat’s The Value of a Stolen Chest X-Ray? More Than You’d Think.
A panel on security in the healthcare field at the South by Southwest Festival reveals the diversity of threats to health data.Securing Your Data Supply Chain: a Q&A with Dan Geer
Security luminary Dan Geer shares his thoughts on the need for collaboration in security.Friday Five: 2/16 Edition
Data protection jobs, Bitcoin phishing, and Amazon S3 leaks -- catch up on the week's infosec news with this roundup!