The internet, in case you hadn't noticed, is rife with viruses, malware, hackers and other scams. And while it can be hard enough to secure a single PC, maintaining security online is complicated by the fact that more than 70% of internet users are now ‘multi-device users,’ meaning they may use several devices over the course of a day; the percentage is even higher in the age 25-to-49 age group, according to Go-Gulf.
Given the plethora of threats across these multiple devices, users need to be especially vigilant. We’ve got you covered, so check out these recommendations.
1. Install antivirus software
Routinely, new viruses and other types of malware, including Trojans, ransomware, worms, adware and spyware are identified. While some widespread malware, such as the Bad Rabbit ransomware that appeared in 2017, can become so prevalent that they capture the news cycle, it's no wonder that, with some one million new pieces of malware identified every day, that last year more than half the population of the United States was affected.
Given the situation, it behooves us to install an effective antivirus solution. Good practice is to have an antivirus program that's always on, with another as a backup that can be run at an interval of, say, once a week, and more often as needed.
2. Avoid phishing emails
Phishing emails are nothing new, but gone are the days of obviously fake requests, with misspellings and pasted logos requesting you to wire funds to Nigeria. These days, phishing scams, from fraudulent individual or organization that wants to trick the user into thinking the email is from a legitimate group, are much more sophisticated and believable.
If a recipient believes that an email is genuine they're likely to willingly provide identity and financial information. A related practice to phishing, known as pharming, directs users to a fake website that's designed to look like a legitimate one, again with the goal of obtaining personal info.
Clearly users need to be on the lookout for phishing and pharming scams. Good security practices including running a firewall and anti-malware software, and being wary of clicking on links. The old advice was to look out for emails that had an amateur appearance, but the scammers have become more sophisticated, and the emails can look convincingly genuine. The advice is not click on the links in an email, and instead go directly to the bank or other organization’s website if you need to input account details.
Also, look at the full address an email originates from, which often gets shortened on a mobile device, particularly the suffix. For example, an email from Apple informing you that you need to upgrade your credit card would originate from email@example.com, and not firstname.lastname@example.org, which would indicate that it came from Russia.
If you're not sure, most companies have an email address to forward a suspect email to (for Apple it's email@example.com); they can the verify the validity of the source, and if necessary endeavor to get the scammers shut down.
Be sure to check out TechRadar’s complete guide to phishing here.
3. Beware the pitfalls of public Wi-Fi
Public Wi-Fi is great for folks who need to stay connected on the move, and a mainstay of coffee shops, hotels and airports. However, while your home wireless network keeps the traffic private with a password (routers even have a default password these days to make sure the default is to not run the traffic in the open), the inherent problem with public Wi-Fi is that it's unsecure.
The price that's paid for making it easy for users to join without a password is that all the traffic can literally be intercepted and tabulated, including usernames and passwords for email and financial accounts. There have even been reports of laptops being hijacked to mine Bitcoin at a Starbuck’s, via the CoffeeMiner hack.
The simple answer is to stop using Wi-Fi when you're out and about, especially with more and better cellular wireless connections increasingly available. That said, while a 4G connection is preferable, and not as simple to intercept, just like public Wi-Fi it's not considered truly secure.
The latest wireless encryption protocol, WPA3, which is due to roll out over the next few years, addresses the security issue and encrypts individual public W-Fi connections. For the time being though, the lack of any security on these public Wi-Fi connections is an excellent argument for using a VPN, which have plenty of other uses besides keeping your data secure.
4. Secure the passwords
Your username and password are the essential elements used to secure an online account, whether for email account, a bank account, or any other online access. With plenty of users having dozens of online accounts, it can become a full-time job to secure them all. There are even apps available to help you track and manage all of your accounts.
Online data breaches have seen passwords hacked, exposed and even published. Frustrated users too often use passwords that are dictionary words, and then reuse them across multiple sites; after all how many passwords can someone remember? The reality is that in order to stay secure, users need to create strong passwords, that are longer, random, and incorporate a variety of elements including both uppercase and lowercase characters, along with special characters and numbers.
While it's a chore to do consistently, there are plenty of tools to help. Try using an online password generator to create that strong password, then choose a password manager, such as LastPass or Dashlane, that can keep track of these stronger passwords across multiple devices. Finally, don’t rely only on passwords for protecting these accounts, and be sure to enable two-factor authentication to keep them even more secure.
5. Secure the network
While security often focuses on the client devices, attention should also be paid to the entire network. As the router controls the entire home network, the problem is that if it gets compromised every device on the network in turn should be considered breached. There is software available, F-Secure Router Checker, that enables you to check if a router has been compromised.
Users should take measures to reduce the risk, starting with making sure that the router is fully up to date, with all the latest security patches, via a firmware upgrade. Be sure to only install firmware directly from the manufacturer, and to check periodically for the latest version.
If you're running an older router, and there are no forthcoming firmware upgrades, your options are to upgrade the router to a more recent and supported model, or to install open-source firmware that's kept up to date by a community, such as OpenWRT or DD-WRT. When shopping for a router, be sure to look for a model that integrates network-level antivirus support, such as an Asus model that has AiProtection from Trend Micro, and be sure to enable it in the settings.
Securing your digital lifestyle doesn’t have to be a tedious or expensive process. You can achieve that in the next 60 seconds by downloading a trial of CyberGhost VPN here, risk-free.