7 Easy Cyber Security Tips to Stay Safe Online
Essential Internet Safety Tips
To avoid all of these dangers, we recommend following our essential internet safety tips when you or your family are online:
1. Make sure you’re using a secure internet connection
Although using public Wi-Fi is not recommended, it’s sometimes unavoidable when you are out and about. However, when you go online in a public place and use a public Wi-Fi connection, you have no direct control over its security, which could leave you vulnerable to cyberattacks. So, if you are using public Wi-Fi, avoid carrying out personal transactions that use sensitive data, such as online banking or online shopping.
If you need to do any of these, use a Virtual Private Network or VPN. A VPN will protect any of the data you send over an unsecured network via real-time encryption. If you don't use a VPN, we recommend saving any personal transactions until you can use a trusted internet connection.
2. Choose strong passwords
Passwords are one of the biggest weak spots when it comes to cybersecurity. People often choose passwords that are easy to remember and, therefore, easy for hackers to crack with hacking software. In addition to this, using the same password for multiple sites puts your data at further risk. If hackers obtain your credentials from one site, they can potentially access other websites which use the same login details.
Select strong passwords that are harder for cybercriminals to crack. A strong password is:
- Long – made up of at least 12 characters (ideally more).
- A mix of characters – upper-case and lower-case letters plus symbols and numbers.
- Avoids the obvious – such as sequential numbers (“1234”) or personal information that someone who knows you might guess (or that might already be online), such as your date of birth or a pet’s name.
- Avoids memorable keyboard paths.
Using a password manager can help. Password managers help users create strong passwords, store them in a digital vault (which is protected by a single master password) and retrieve them when logging into accounts online.
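The criteria listed above can be checked mechanically. The following Python sketch is an added example, not part of the original article; the keyboard rows, the run length of four characters and the `personal_terms` parameter are assumptions chosen for illustration.

```python
import re

MIN_LENGTH = 12  # the article's minimum length
RUN = 4          # flag runs of this many characters, e.g. "1234" or "qwer"
DIGITS = ["0123456789"]
# Constructed sample of keyboard rows; extend for other layouts.
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]
CHAR_CLASSES = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]


def has_run(password, sequences, run=RUN):
    """True if password contains `run` consecutive characters of any
    sequence, read forwards or backwards."""
    lowered = password.lower()
    for seq in sequences:
        for i in range(len(seq) - run + 1):
            chunk = seq[i:i + run]
            if chunk in lowered or chunk[::-1] in lowered:
                return True
    return False


def check_password(password, personal_terms=()):
    """Return the criteria the password fails; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not all(re.search(c, password) for c in CHAR_CLASSES):
        problems.append("missing character class")
    if has_run(password, DIGITS):
        problems.append("sequential numbers")
    if has_run(password, KEYBOARD_ROWS):
        problems.append("keyboard path")
    lowered = password.lower()
    if any(t and t.lower() in lowered for t in personal_terms):
        problems.append("personal information")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for pw, terms in [("Summer1234", []), ("Qwerty!Rex2015x", ["Rex", "2015"]),
                      ("v9#Lkp!2Tz&wHq", [])]:
        print(pw, "->", check_password(pw, terms) or "passes")
```

Passing these checks does not make a reused password safe; the reuse risk described above still applies.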
3. Enable multi-factor authentication where you can
Multifactor authentication (MFA) is an authentication method that asks users to provide two or more verification methods to access an online account. For example, instead of simply asking for a username and password, multifactor authentication goes further by requesting additional information, such as:
- An extra one-time password that the website's authentication servers send to the user's phone or email address.
- Answers to personal security questions.
- A fingerprint or other biometric information, such as voice or face recognition.
Multifactor authentication decreases the likelihood of a successful cyberattack. To make your online accounts more secure, it’s a good idea to implement multifactor authentication where possible. You can also consider using a third-party authenticator app, such as Google Authenticator or Authy, to help with your internet security.
4. Keep software and operating systems updated
Developers are constantly working to make products safe, monitoring the latest threats and rolling out security patches in case of vulnerabilities in their software. By using the latest versions of your operating systems and apps, you will benefit from the latest security patches. This is especially important for apps that contain payment, health or other sensitive information about a user.
5. Check that websites look and feel reliable
For any website you visit, especially ones you transact with (such as e-commerce sites), it's crucial that they are reliable. A key element to look out for is an SSL/security certificate. This means looking out for URLs that start with “HTTPS” rather than “HTTP” (the “S” stands for “secure”) and have a padlock icon in the address bar. Other trust signals include:
- Text which is free from spelling and grammar mistakes – reputable brands will make an effort to ensure their websites are well-written and proofread.
- Images that are not pixelated and fit the screen's width correctly.
- Ads that feel organic and are not too overpowering.
- No sudden changes in color or theme. In some cases, where users have interacted with a particular website and returned to a familiar page from a link, subtle color or design changes might indicate forgery.
- The accepted standards of online payments – legitimate ecommerce websites only use credit or debit card portals or PayPal. If a website is using another form of digital money transfer to accept payments, it is probably fraudulent.
6. Review your privacy settings and understand privacy policies
Marketers love to know all about you, and so do hackers. Both can learn a lot from your browsing and social media usage. But you can take charge of how much information third parties can access. Both web browsers and mobile operating systems have settings to protect your privacy online. Social media sites, such as Facebook, Twitter, Instagram and LinkedIn, amongst others, have privacy-enhancing settings that you can activate. It’s worth taking a while to review your privacy settings across the board and make sure they are set to a level you are comfortable with.
Many of us accept privacy policies without reading them, but with so much data used for marketing and advertising (and hacking) purposes, it's a good idea to review the privacy policies of websites and apps you use, in order to understand how your data is collected and analyzed. However, bear in mind that even if your settings are set to private, very little data online is totally private. Hackers, website administrators and law enforcement could still have access to the information you regard as private.
7. Be careful of suspicious links and where you click
A careless click can expose your personal data online or infect your device with malware. That’s why it's essential to browse consciously and avoid certain types of online content – such as links from untrusted sources and spam emails, online quizzes, clickbait, ‘free’ offers or unsolicited ads.
If you receive an email that you're not sure about, avoid clicking on any links in it or opening any attachments.
In fact, it's best to avoid opening untrusted emails at all. If you’re not sure whether an email is legitimate or not, go directly to the source. For example, if you receive a suspicious email from your “bank”, call your bank and ask them if the email is genuine.
