Sophisticated internet security mechanisms are widely available but it is frightening how many people ignore the very basics of staying safe online, particularly those living in regimes with censorship, cyber monitoring, government sponsored spyware.
In some cases the danger is financial – stolen credit card and bank account details but for many netizens, dissidents and politicians in part of Asia the danger can be their freedom or even their life.
I was recently speaking to an opposition politician from an Asian country with a somewhat nasty reputation for attacks on anyone who dares to question their actions. He gave me his email and then said ”by the way do you think the government monitors our computers and emails”. I then asked about what encryption he used and some general questions about the computer system in his office. The answer: a blank look and a comment he did not even lock the office door let alone turn off the computer.
So with that in mind I thought some people may need a reminder of the basics of internet security.
The first is don’t leave your computer on, unattended and in an area that others have access to. On second thoughts, just log off even if you live in a bunker.
Once past that point I hand over to Jason Alderman writing in Huffpost Tech who has some excellent advice.
Update security software. Make sure their computers have anti-virus and anti-spyware software and show them how to update it regularly.
Think like the bad guys. Even the best software isn’t 100 percent foolproof, so teach them how to anticipate and ward off annoying — or criminal — behavior. For example:
- Only open or download information from trusted sites to which you navigated yourself. Don’t assume a link contained in an email, even from a friend, will necessarily take you to a company’s legitimate website.
- Don’t click on popup windows or banners that appear when you’re browsing a site.
- Some common email scams that target seniors include offers for discounted drugs and low-cost insurance, and supposed warnings from the IRS — which, incidentally, never contacts taxpayers by email.
- Financial institutions never email customers asking for verification of account or password information.
- When shopping online, look for safety symbols, such as a padlock icon in the browser’s status bar, an “s” after “http” in the URL address, or the words “Secure Sockets Layer” (SSL) or “Transport Layer Security” (TLS). These are signs that the merchant is using a secure page for transmitting personal information.
These are all common tricks used to infect your computer with viruses or to install spyware that records your keystrokes to obtain account or other confidential information.
Use strong passwords. Believe it or not, the most frequently used password is “password.” Other common, easy-to-crack passwords include simple numeric sequences and names of pets, spouses and children. For more secure passwords:
- Use at least seven characters with a mixture of upper- and lower-case letters, numbers and symbols.
- Use unique passwords for each account in case one gets compromised.
- Change passwords frequently.
- If you’re prone to forgetting, safely store a master list of passwords.
Protect personal information. Never post sensitive information on any website (or share via email, mail or phone) unless you initiated the contact. This might include numbers for credit cards, bank accounts, Social Security, Medicare and driver’s license, address/phone and full birthdate.
Criminals can easily piece together such information to steal your identity and open accounts in your name. Example: Your Facebook profile shows pictures of your dog, Rex. One of your bank’s security questions is, “What is your pet’s name?” Need I say more?
Set privacy controls. On social networking sites, carefully review privacy settings that let you limit who has access to your personal information. Similarly, always review privacy policies for companies you do business with to ensure you agree with how they may share your information with affiliate organizations.
Be skeptical of “free” anything. Before signing up for free trials, especially via popup windows or banner ads, make sure you understand all terms and conditions. Pay particular attention to pre-checked boxes in online offers before submitting payment card information for an order. Failing to un-check the boxes may bind you to contracts you don’t want.
Track account activity. Regularly review credit card and bank account statements and report any suspicious or unauthorized charges to the financial institution or retailer that issued the card. This is easily done at your bank’s online banking site. Also ask whether your credit or debit card offers “zero liability,” which means you won’t be responsible for unauthorized or fraudulent purchases.
For more tips protecting personal and account information and preventing online fraud, visit:
- The National Cyber Security Alliance’s StaySafeOnline.org.
- The FBI’s Be Crime Smart page, which highlights the latest scams and tells you how to report crime and fraud.
- My employer, Visa Inc., offers VisaSecuritySense.com, which features tips on preventing fraud online, when traveling, at retail establishments and ATMs, deceptive marketing practices and more.
- The Federal Trade Commission’s ID Theft, Privacy and Security page, which contains extensive information about identity theft, privacy and information security.