Any brand names mentioned are as a result of their merit, and not paid promotion.
Any brand names mentioned are as a result of their merit, and not paid promotion.
Check out our training academy, which features in-depth courses on ISO 27001, the world’s leading information security standard.
Choosing a Safe Browser
When you’re surfing the web, you want to be riding the right board, or in this context, using the right browser. In large organisations, this won’t be optional, they’ll have a strict set of protocols. Reputable browsers like Chrome, Firefox and Microsoft offerings will often flag dangerous sites, malicious pop-ups and phishing scams, letting you know if the site you’re using is legitimate, or is a convincing-looking medium to access the data on your machine. Cybercriminals are extremely sophisticated these days, so it’s best to start off on the right foot with a browser from the likes of Microsoft, Mozilla or Google. We’ve provided links to optimising a browser’s security below, courtesy of HowToGeek, TechRepublic and VikingVPN respectively.
Mozilla Firefox
Customise your security preferences, don’t ‘autofill’ forms
It’s tempting to enter your details once on a form and then click ‘remember my details’, however in reality, you’re potentially making someone’s job significantly easier. Turning off certain preferences like autofill and ‘remember my card, address or email details’ will prevent your browser from storing this precious data, which can ultimately be mined – accessed – by a third-party if they’re sophisticated enough. It might add a couple of minutes to your day as you fill out a tedious form, but this will save you countless hours and pain if this data were to be compromised. There’s an easy fix for this laziness, which we’ll cover in the next section. If you are a bit lazy when it comes to relying on auto filling forms and passwords, you’ll love a password manager.
You’ll also want to block pop-up windows as effectively as you can, as pop-ups can often be laced with links to malicious sites that are masquerading as a seemingly normal website. These sites can be a pandora’s box of internet maliciousness, so it’s best to steer clear and reduce the amount of contact you have with these pop-ups.
Passwords should become Passphrases
There’s some extremely high-tech ways for third-parties to get into your accounts, from the utilising of machines and algorithms, to the monitoring of your laptop’s webcam- even audio devices that can decipher which keys you’re stroking with your fingers as you input your password. The moral of the story here is that with so many tools in their arsenal, you don’t want to make a hacker’s job any easier than it needs to be. Your passwords should be long- very long. Ideally, they should be a nonsensical mix of letters and numbers, but we realise that this isn’t easy to remember. A password manager will fix this problem, and you’ll only need to remember one password to access your library. However, if you aren’t prepared to use one, make sure your password meets the following criteria: no personal details, no birth dates, or references to your place of birth. Consider a song lyric, or a personal joke between family and friends. Make sure you mix capitals with non-capitals, numbers – and symbols if applicable – into your new passwords.
Know the difference: Secure browsing (https v http)
Depending on the browser you’re reading this with, there’s more than likely a green lock button up near the http(s):// domain entry. That means that the traffic between your device and our website is secure, and the traffic will be encrypted, because your browser was able to confirm our security validation. Be wary of sites that don’t have the green security lock validation; most browsers – the good ones, at least – will give you a warning before entering a site that the browser can’t first validate. The dangers in sites that can’t be validated is that there will more than likely often be some malicious software lurking beneath, looking to vacuum up some of your personal details, and maybe even tricking you into entering a username. Hackers will often mimic the website design of utility companies and internet providers, providing you with a login screen which, if you were in a hurry, or were unwitting about a spelling mistake in the domain name, will copy the details you’ve entered and give a hacker access to your phone bill, or email address.
Know how to spot a Phishing Email
You might think you’re a pro already, but phishing emails still reportedly get a click-through rate of 10%, which is staggeringly high considering how vicious the consequences can be. According to that same report, 68% of respondents said they would indeed open an email if it looked as though the sender was someone they knew. In addition, 61% of respondents said they’d open an email’s link if it contained a subject line something along the lines of “Have you seen this photo of you?” alluding to the fact it was taken from social media. Look for spelling mistakes, see if they’re using your name or not, in the proper context. Most importantly of all, be aware that large-scale financial or legal institutions will rarely contact you for something extremely important via email, so ask yourself: ‘why is the bank emailing me about this?’, if it seems off, call them; you’ll be able to establish whether it’s legitimate once you’ve called extremely quickly.
Common Phishing Scams include:
- A service provider asking you to re-secure your account.
- A social media company asking for you to log in.
- Law enforcement asking you to appear in court, jury duty, respond to a question.
- Tax refund/avoidance/enforcement.
- A workmate or your boss emailing you to buy gift cards.
- A completely random person you’ve never met assuming they know you.
- An offer too good to be true.
- Everyone’s favourite, the Nigerian prince.
- Use a VPN
If you’re really looking to take your security online seriously, you should consider using a virtual private network, otherwise known as a VPN. A VPN connects to different networks around the world, and uses security protocols that enable authenticity and confidentiality of the information that is travelling through the system. Put simply, it makes you more secure online, especially on public wifi networks, which are a major prize for hackers. It’s worth noting that free versions of VPNs available online face some problems, and aren’t completely secure. VPN packages can be purchased reasonably cheaply, and will potentially save you thousands – and a massive headache – if you were to be hacked.
