Cybersecurity risks have grown just as rapidly as technology has and online scam artists are always finding new ways to lower a system’s defenses.
Ramping up your cybersecurity awareness means learning how to stay safe online, and it’s the best way to keep your personal information (and money) safe from scammers. Here are 50 helpful internet safety tips to help you form cyber-safe online habits.
Be wary of online strangers.
Anyone you meet online could be a threat. In fact, the FBI has estimated that an astounding 500,000 predators are online each day—most of which have multiple online accounts, personas, and profiles. Dating apps, social media platforms, or other messaging apps, in particular, are a cybercriminal’s playground. Make sure you’re following these important guidelines while using these kinds of apps.
1. Never agree to privately meet anyone face to face. And especially don’t agree to go with anyone to a secluded location—anyone that truly respects you wouldn’t ask you to do that anyway.
2. Don’t share any personal information through a device—not even to someone you think you know. Period. Scammers won’t just impersonate strangers. In fact, scammers often hack into someone’s account in order to send phishing links to unsuspecting friends and contacts.
3. Be wary of online requests for money or private information. It’s never a good idea to give out details about your personal identity online. Even if you know the person and they actually are who they say they are, who’s to say their account won’t get hacked and your information stolen?
What’s a VPN and how can it keep your internet connection secure?
A VPN—Virtual Private Network—is an encrypted tunnel between your device and the internet that nobody can see down. This tunnel protects you and your information from online snoopers and is one of the easiest ways for people to keep their online identities and data safe. A VPN can make you appear to be in any location you select upon login and will shield your identity from websites, apps, or other services that might share or steal your information.
4. Never log on to sensitive sites on a public network. One of the easiest ways to ensure your safety on the internet is to refrain from checking highly sensitive information while out in public or on a public server.
5. Be wary of supposedly free VPN services. Even if a free VPN service is legit, it would be hard for them to compete with paid VPNs. The less legit services will sell your data connection to other customers or monitor your internet surfing patterns and sell that information to marketing agencies. Both of these are things VPNs should prevent, not enable.
6. Make it as difficult as possible to access your VPN. Use the strongest possible authentication method for VPN access. Most everyday systems use the standard password authentication method but this should be and is avoided when setting up a VPN.
7. Limit VPN access. Don’t let just anyone have access to your VPN. A VPN is known for being secure because it’s a secret and it gets less secure the further the secret spreads.
Practice safe browsing.
Entire websites can be set up as scams meant to infect the security of a computer and access someone’s personal information. Remember to double-check every site that your online presence touches. Here are 11 tips to help identify if a website is fake:
8. Make sure the site’s URL doesn’t have two domains. Sometimes scammers will create a false website and disguise the actual site’s domain with a fake one. This leads to URLs having more than one domain hidden inside. Here’s how that might look: officialwebsite.org.confirmation-assistant-phony.com/signin?US&x=en_US
9. Look for a padlock symbol in front of the site’s URL. But remember that this alone isn’t good enough to prove the authenticity of a site—studies show that roughly 84% of scammers still include this symbol to fool people into believing the site is legit.
10. Look for poor spelling or wonky designs. These are signs that the site is either mimicking another or a fake.
11. Check how long the site has been active. Iplocation.net has a useful tool that checks the authenticity of a website. Just copy and paste the site’s URL and hit submit to see how long the site has existed. If the website hasn’t existed for very long but the company is older, then you know it’s a scam.
12. Click on the URL to ensure it starts with https://. If you see https:// on a website URL, it means that all data and communication made within the site is encrypted and secure.
13. Be wary of any online stores with too-good-to-be-true deals. Scammers know that if you give anyone a deal that’s too good to pass up and, cha-ching, the money comes flowing in. So don’t be that person who rushes to enter your card information for a deal that will only ever be a scam.
14. Don’t let emotions prompt you into making a rash decision or go to a website directly rather than using links within an email or text. Urgent messages such as “An unauthorized user has signed into your account. Click this link immediately to change your password and secure your account.” are often linked to fake password login pages, customer support websites, or package delivery websites. The second you enter your login information, the scammer has it.
15. Avoid remaining on sites that contain consistent pop-ups. Aggressive pop-ups can be malicious and infect your device.
16. Only log in to medicare and health insurance sites directly, rather than through a link sent to you. Scammers will create fraudulent Medicare or health insurance sites to trick people into handing out sensitive information.
17. Always double-check too-good-to-be-true flights before you book them. From fake flight cancellation messages to bogus flight booking sites, scammers take full advantage of the airline business.
18. Be wary of “free” products and services. It’s likely that there are hidden strings attached to any free service so always ask yourself, “Why is it free,” do your research, and go from there.
Don’t leave Bluetooth enabled on your devices.
Leaving Bluetooth running on your device may leave it vulnerable to hacks, abuse, or privacy violations.
19. Change Bluetooth settings to “Not Discoverable.” Most hackers will target devices that are within range and discoverable.
20. Turn off Bluetooth as soon as you’ve unpaired from any device.
21. Remember to unpair from devices when you aren’t actively using them.
22. Be particularly mindful of crowded public areas. Bluetooth hackers need to be in close proximity to your device to link to it. That means they typically target crowded areas where people tend to stay a long time like coffee shops or libraries.
23. Be careful who you pair with and don’t accept any unexpected pairing requests. If you’re trying to pair with your friend’s or your own device, be sure to double check what the device’s pairing name is.
24. Avoid pairing devices in public. Pairing a device, particularly for the first time, can be a long process. And in order to pair, you’ll need to make your device discoverable to all potential pairing devices, meaning your device is extra vulnerable. Make sure to pair devices at home or another secure location.
Don’t post everything about your private-life on social media.
Be mindful of what you’re posting online Here are six ways to keep safe online while using social media.
25. Don’t post that you’re home alone for extended periods of time. Sharing that you are home alone makes you vulnerable to anyone who might mean you harm—even if you might think you know them well.
26. Don’t share where you live. Sharing where you live to the wrong person could be an invitation for an attack or robbery.
27. Avoid mentioning too much about your day-to-day schedule. The wrong person knowing when and where you are can lead to a dangerous situation.
28. Refrain from posting or sending compromising pictures of yourself—even if you trust who’s receiving it. The sad reality is that even if your picture wasn’t for public view, it can get leaked or your account can get hacked.
29. Don’t share personal information like passwords, login information, credit card numbers, etc. via online message or on a public post.
30. Keep your privacy settings on. Giving public access to your social media accounts is opening the doors for criminals to access sensitive information.
31. Never post your travel plans. It might be fun to share your adventures with the world, but it’s not fun when the wrong person knows everything about your travel itinerary and takes advantage of that in a way you don’t like.
Use up-to-date antivirus software.
Antivirus software tracks all the files that enter your computer system. When the software sees something out of place, it flags it and notifies you of a potential threat. It doesn’t just detect it, antivirus software also takes steps to prevent and derail any potential attacks. But just having the software sometimes isn’t enough. Here are some more internet safety tips that will help strengthen your computer’s defense.
32. Keep your antivirus software up-to-date. Updating your antivirus software gives it a run-down of the latest, most common threats.
33. Update your device. Updating your device is another essential way to ensure its health & safety. Some devices are released with unknown risks that aren’t found until they’re on the market. These risks get evaluated and then fixed with updates.
34. Think before you click. Your antivirus software can only do so much when you click something that blatantly downloads a threat.
Use and keep secure passwords.
Managing your passwords may seem exhausting, but it’s vital to the security of your device and all the information it holds. Here are some password best practices to keep in mind as you’re creating accounts, shopping online, and more.
35. Don’t reuse passwords. Reusing passwords means that if one account is hacked, others will be too. That turns what could be a small problem into an exponentially larger one.
36. Never share passwords with anyone. Giving someone else your password means the door is open for them to accidentally leak it to a harmful source—whether through getting hacked or something else.
37. Use multi-factor authentication. It might be a bit annoying to get a text or answer a question every time you try to login, but it will keep your accounts much more secure than a simple password.
38. Create long passwords. Long passwords are better than short passwords no matter the complexity of the latter.
39. Use phrases that are hard to guess but easy for only you, yourself to remember—a minimum of 12 characters is best.
40. Avoid single word passwords. These are too easy to guess.
41. Don’t use your name, birthdate, or other publicly available information (pet names, favorite sport teams, car models, etc. are all common password choices and, thus, easy to hack).
Data breach tips—what it is and how to prevent it.
A data breach is when confidential information is taken from a device without the knowledge or authorization of its owner. A breach like this can happen at someone’s workplace or on their own personal computer system. There are multiple types of information—personal, financial, health, business, etc.—that can be leaked this way.
There are ways you can stay vigilant in protecting the personal information on your device. Here’s how:
42. Install anti-malware and antivirus software.
43. Backup files so that they aren’t lost if an attack occurs.
44. Be careful what you download. Scammers will try any phishing trick and clickbait tactic in the book to make you open a link and download harmful software.
45. Never log in from a link sent via messaging or email—go to the site’s direct page and then log in that way. And always ensure you're logging on through a secure wifi.
What to do when your information is stolen.
If your information does get leaked or stolen, don’t panic. There are things you can do to lessen the impact.
46. Change your passwords. If your passwords are the same or similar, change all your passwords and not just the one that was leaked.
47. Constantly check for updates to the situation. Whether it be with your bank, credit union, or work place, it’s important to stay up-to-date and try to resolve the issue quickly.
48. Contact the Federal Trade Commission by visiting IdentityTheft.gov to report identity theft.
49. Freeze your credit and/or cancel your cards. Depending on the severity of the breach, act accordingly. If you notice unsolicited purchases are being made from either a debit or credit card, be sure to contact your provider as soon as possible to cancel the cards affected.
50. Watch your bank accounts and credit reports—if something seems off, contact your financial institution and the Federal Trade Commission.
By following all of these tips, you can help ensure that your information, identity, and devices stay safe as you surf the web.