The Internet is full of awesome, but it’s also got a nasty side. Some folks make a living by infecting computers with malware and then joining them to botnets that they can rent out to attack online businesses. Others make a living by swiping valid credential sets and then using those credentials to either steal cash or to trick people into sending them cash.
If you want to enjoy the awesome while avoiding the bastiches, here are five simple tips to help keep you safe online.
- Keep your operating system and your apps up to date. One of the most popular ways to infect a computer is to get a webpage or a malicious file to exploit a flaw in an app or in the operating system. By keeping your system up-to-date with security patches, you’re stopping these types of attacks before they can get a foothold in your computer. Apps like Google Chrome and iTunes have auto-update options that take will take care of this for you, and you should DEFINITELY have Windows Update and Mac Software Updates turned on. If you want to check your entire computer for any out-of-date software, you can always run an app like Secunia PSI or Patch My PC.
- Use antivirus. By tricking people into voluntarily clicking on executable files, attackers can infect your computer even if the computer’s fully patched. In the unfortunate event that you fall for this type of social engineering attack, antivirus is a nice backup control to detect and delete malware from your computer before it can do too much damage. Sites like AV Test do an incredible job of comparing AV products to help you pick the best one for your own needs. Check it out!
- Use a password safe. You can use an app like LastPass to store all of your usernames and passwords. What’s even better is that LastPass can generate strong (unique) passwords for each site. Strong passwords are less likely to be cracked if a site is hacked, and avoiding password reuse is critical if you want to keep attackers from using the same password to login to ALL of your accounts.
- Check for SSL-protected web pages. If it says HTTPS before the website name, it’s encrypted. Simple as that. If you’re visiting a website to read awesome security tips or to look at some of the most tremendous pictures on the Interwebz, then SSL isn’t a big deal. If you’re logging in to a site, or if you’re submitting a form that contains private data (social security number, national identifier, credit card, etc.), then SSL is a pretty big freakin’ deal. Check before you click.
- Use a safe browsing tool like Web of Trust. Before you visit a website, especially if it’s your first time there, it’s nice to know whether or not anyone else can vouch for the trustworthiness of that site. That’s what Web of Trust aims to accomplish. You can install the WOT plugin in Firefox, Chrome, Internet Explorer, Opera, and Safari, and WOT will indicate whether or not a site is trusted before you click on the link.
Remember: there’s no one “silver bullet” that’s automatically going to make you secure. By combining security controls, though, you’re going to make it a helluva lot harder for an attack to be successful.
Stay safe out there!