How to stay safe online
Top tips to protect yourself from the Internet's nastier elements.
The Internet is a dangerous place. Of course, it's given us the endless entertainment of Netflix, the invaluable wisdom of Google and Wikipedia and the ability to shop 'til we drop without ever leaving our homes, but those boons have come at a serious a price. Protecting one's anonymity amid the ever-changing technological underpinnings of the World Wide Web have provided new opportunities for unsavoury individuals to take advantage of the more-trusting and less computer-savvy Internet users out there, scamming them out of their hard-earned livelihoods.
It's not just shonky emails from Nigerian princes that you need to keep an eye out for, either. Not only have cyber criminals gotten better at crafting believable fake emails and ad pop-ups that look like Windows alert messages, they've developed malware (malicious software) capable of infecting your computer through no fault of your own. Even the most capable computer users can unwittingly find themselves at the mercy of a deviously-designed virus tunnelling its way through a hole in the security of a big-name software suite or other innocuous application.
As troubling as this all is, there are some simple measures you can take to protect you and your data while surfing the lanes of the information superhighway. Though none of them is entirely foolproof, each will dramatically reduce your risk of becoming the innocent victim of a cyber-age shyster.
1. Install antivirus software
The first and most obvious means of shielding your online identity is to install a robust antivirus security suite on each and every computer you have connected to the Internet. As the name suggests, antivirus software monitors all the files going into your computer and cross-checks them against a regularly-updated database of known viruses, spyware, adware and many other types of malicious applications.
There's more, though, as many antivirus suites also offer additional security services like firewall protection to prevent unauthorised users from accessing your computer; email monitoring to check for phishing scams and other types of fraud; and even support for smartphones and tablets – an area that more and more criminals are focusing on these days.
2. Use a VPN
If you're concerned about your privacy online, you might want to consider signing up for a VPN, or Virtual Private Network. VPNs are remote servers that act as intermediaries between you and the Internet. When connected to a VPN, every site you visit only sees the IP address of the remote server you're connected to, masking your identity from anyone who might be listening in. Any files or data you send or receive are completely encrypted, even protecting them from your own internet provider nosing around.
While this is especially handy for those unsettled by the Australian government's recent data-retention scheme and how it forces telcos and internet providers to store your Internet data for use in criminal investigations, it's important to be aware of the trust you're placing in your VPN provider. Since it has access to all your data, you'll want to be confident it's not storing or selling off that data for its own shady purposes before signing up.
Save 66% off NordVPN with a 2-year plan from NordVPN
Sign up to the super fast and secure NordVPN 2 years of service for the low price of only $95.75 in total, or $3.99 per month.View details
3. Back up your data
An increasingly common tactic used by modern malware is to lock you out of your personal files and hold them ransom until you transfer some not-insignificant sum to an anonymous Bitcoin account – Bitcoin being the untraceable currency of choice for many shrewd cybercriminals.
To prepare against the possibility of such an attack slipping by your antivirus software, it's a good idea to maintain a regular backup of your most important files separate from the computer you access them on. For the best security, you'll want to perform a daily back-up to both a local device like a USB hard drive, DVD or another non-volatile storage medium as well as to an online repository like OneDrive or iCloud. If you'd rather not deal with the hassle of managing physical back-ups, you'll want to at least maintain a regular online copy of your critical files – just remember that you're then placing the security of those files in the hands of a third-party, and even the biggest companies aren't invulnerable to security breaches.
4. Always look for the lock
If you've ever shopped, banked or simply logged in to any reputable website in the last decade, you've probably noticed the small lock icon sitting beside the URL in your browser. This icon indicates that a website is using HTTPS, a secure form of data transfer that encrypts all the information sent between you and that website so that any unauthorised entity that manages to intercept it will only see gibberish.
Though HTTPS isn't 100% unbreakable, it's robust enough that you can confidently expect that any passwords or personal information you enter on an HTTPS-certified website will reach its recipient safely and securely. Anytime you go to log in, sign up or reveal private details online, make sure that you can see that all-important lock next to the URL.
5. Be smart with your passwords
Just because you're sticking to HTTPS-certified websites it can still mean your online accounts are open to attack. Database breaches, social engineering and old-fashioned brute-force guessing are all viable tactics for breaking into password-protected accounts, and there's not always a whole lot you can do to stop a determined hacker. However, what you can do is minimise the chances of someone busting into your accounts by choosing strong passwords – and we don't mean "strong passwords" as determined by some websites.
A truly strong password must be something difficult to guess, so anything tied to your personal information like birthdates, cherished pets and nicknames is out. So too is anything inherent in pop culture such as book titles, movie quotes, celebrity names and cultural catchphrases. Mixing letters, numbers and punctuation is helpful, but you'll get even more mileage out of devising longer passwords, as every extra character exponentially increases the time a password cracker would take to break it.
However, the most important element to password security is to never reuse passwords. Every one of your online accounts should have its own unique password so that if someone does crack one, they can't immediately access to your entire online identity. Since remembering multiple passwords for the dozens of different accounts you have can be tough, the best option is to use a password manager.
Password managers help you create unique passwords for each of your accounts then relieve you of the burden of remembering them all by encrypting and storing them on your computer or in secure cloud servers. You only need to remember one master password for the password manager, which then decrypts the required account password on your device so that no one can pinch it.
6. Use two-factor authentication whenever possible
Better than even the strongest password is two-factor authentication (2FA, also known as two-step authentication). When a website supports 2FA, every login needs to be approved by a secondary device such as a dedicated security token or a smartphone. For phone-based 2FA, a limited-time security code will be sent via SMS or through a code-generator app which you enter into the device you're logging in on to prove your accounts.
Since a physical security token or smartphone is much tougher to steal than a simple password, 2FA is a far superior way of keeping your online accounts safe. Whenever it's available, you should always activate 2FA to protect your online identity.
7. Pay with PayPal
Online shopping is only gaining in popularity every year, a fact that is hardly surprising given how much cheaper and easier it is than hoofing it around brick-and-mortar retailers. As convenient as it is, buying online comes with the added risk of relinquishing your credit card details to a website that may or may not be adequately secured.
Rather than cross your fingers that the bargain-priced clothes retailer you're ordering from spends more on its security than its graphic design, a safer option is to simply use PayPal. Providing PayPal with your credit card details allows it to serve as a go-between in your online transactions, paying the appropriate retailer without ever revealing your financial information to them. Since PayPal uses high-level encryption to secure all your transactions, it's far safer than relying on smaller online retailers less stringent security measures. Best of all, most retailers accept PayPal in their online transactions, with the likes of eBay, Woolworths, Kogan and ASOS as examples of the Aussie companies on board.
8. Keep your devices up-to-date
The war between those who protect your data and those who seek to exploit it is endless. Every security breach is inevitably patched; every "infallible" firewall is eventually broken. The only way to stay on top of the constant back-and-forth is to ensure all your Internet-connected devices are kept current with the latest versions of all installed software.
That means much more than updating the operating system and your web browsers – any application, from word processors to the widget that controls the lighting on your flashy keyboard, can become a vector for exploitation in the wrong hands. By staying on top of every bug fix and security patch, you'll greatly reduce the chances of suffering an uninvited attack.
Lower your household bills
Find out how much solar installation costs and how much you'll save.
Tips to save on your energy bill this summer (and all year around).
Ask an Expert