Get CactusVPN for $2.7/mo!
With the total number of Internet users nearing 4 billion, the world is more connected than ever. While that’s usually a positive thing, it also means that cyber crime will become more and more common.
That sounds scary, we know, but we’ve got you covered with 10 ways to stay safe online in the current year, and the ones to come.
If you happen to be in a hurry, though, and can’t read through the whole article right now, feel free to skip to the last section of the article (“10 Ways to Stay Safe Online – Let’s Recap”), right at the bottom. We’ve got a summary of all the main tips to stay safe online we’ll be discussing in this article.
Well, the Internet is simply not what it used to be. That’s not to say there weren’t any cyber threats 15 years ago or so, but the average online user generally had an easier time staying safe on the web. Today, that’s a bit harder to do. While the Internet became more advanced, so did the tactics used by hackers.
Right now, it’s expected that web-connected devices will become huge targets for cyber and malware attacks. What’s more, it’s extremely likely that we’ll continue seeing a bigger and bigger spike in cyber attacks and cyber crime in the next years since that kind of illegal activity have become much more profitable than major illegal drug trade. Then again, research already showed that a hacker attack takes place every 39 seconds, so that’s not really surprising
Overall, all the available data just shows one thing – you either learn how to stay safe online, or you eventually end up losing your money in a cyber attack or the victim of identity theft.
While there are many ways to stay safe online, we’ve decided to focus on the 10 most efficient ones:
It’s hard not to do that – we know. Public WiFi is right there when you need it, and it offers you quick, free access to the web.
But that convenient access comes at a cost – a pretty big one: Your personal and financial details. According to statistics, around 24% of worldwide WiFi hotspots don’t use any reliable encryption at all. The percentage might not seem that bad, but consider this – it’s estimated there will be approximately 432 million hotspots around the world by 2020. So, that means around 100 million hotspots are unsecured.
If you happen to use such a WiFi network, anyone could eavesdrop on your connections to see what you are doing online. If that were to happen, any hacker could easily steal any information they want from you, like your:
And while the majority of hotspots do use WPA2, you can’t let your guard down yet. You should actually take care when using secured public WiFi too – be it at a hotel, at a restaurant, or even at home. Why? Because it was already shown that even WPA2 is susceptible to a specific type of cyber attack. WPA3 is supposed to fix that problem, but it’s likely going to take a few more years until it’s widely adopted – to the point where it becomes a requirement – since it’s an optional certification for now.
So what can you do? You can’t just stop using WiFi all together, after all.
Well, you don’t have to do that. You just need to make sure you aren’t using public WiFi (secured or unsecured) to access sensitive information. Ideally, you should only use it for regular online browsing. Don’t use it to check your email, bank account, or social media profile(s). If you really need to do that, use your data plan instead.
If you want a better option, though, consider using a VPN (we’ll be discussing it at tip #3). The service can secure your online connections on hotspots with no encryption to ensure your private data isn’t exposed.
Many devices (especially mobile devices) are set by default to automatically reconnect to familiar WiFi networks. So, if you go to a friend’s place, connect to their WiFi network, and then visit them again in two days, your device will automatically connect to their network.
It sure is, but it’s also pretty dangerous too. Why? Because cybercriminals could set up fake WiFi networks to confuse your device, and trick it into accidentally connecting to them instead. Worst of all – it’s not an extremely complex process for them.
Let’s say you go to a bar, have a beer, and use the WiFi. When you leave, you automatically disconnect from the network. But as long as the “remember” feature is turned on, your device will continue broadcasting a signal that asks nearby WiFi networks if they have the same SSID (WiFi network name) as the bar’s hotspot.
All a cybercriminal would need to do in that case is use a device that can scan the SSIDs your device broadcasts, and then rebroadcast them as its own – effectively making your device believe the hacker’s fake network is a legit one.
So, it’s much better to just have your computers, laptops, and mobile devices forget WiFi networks. If you don’t know how, here’s a list of useful guides you can use:
You should know that some operating systems or devices (usually the more modern ones) call this feature “Auto-Connect.” So, be sure to disable that too if you notice it.
Using a VPN is a very smart way to stay safe online, and it’s an especially effective method if you follow all the other tips that are discussed in this article.
CactusVPN is just the service you need. We secure your data with high-end encryption, and we offer access to highly-secure VPN protocols like SoftEther and OpenVPN.
What’s more, we offer access to user-friendly apps, we outfitted our service with a Kill Switch to make sure you’re never exposed on the web. Also, we offer reliable DNS leak protection, and we don’t store any user logs to properly protect your privacy.
And once you do become a CactusVPN customer, we’ll still have your back with a 30-day money-back guarantee.
One of the best ways to stay safe online is to make sure you use a reliable antivirus/antimalware program on your device. It will help protect you from online threats – like malicious cookies, malware, viruses, spyware, adware, etc.
Besides antivirus/antimalware software, you should always try to keep your operating system up to date. Don’t forget – crucial security updates can be released even within the tinies system updates. That, and make sure to keep your firewall turned on – it’s an extra layer of security that’s worth having.
As for your browser, you should consider using script blockers – essentially extensions that prevent unauthorized scripts from starting up when you access a shady or malicious website. For example, a script blocking extension could prevent a malicious website from loading a crypto-mining script that harms your CPU, or stop a website from displaying malicious pop-up ads.
With phishing attacks on the rise and spam emails accounting for 45% of all emails that are sent on the web, it’s more important than ever to avoid falling for them. If you do, you risk having your identity stolen, your bank accounts emptied, and your business ruined.
Spam emails are usually easier to recognize than phishing emails since they take less effort. The poor grammar, aggressive tone, and vague context tend to be a good giveaway. Some phishing emails can be recognized that way too, but many of them tend to be better crafted. Scammers take the time to research their victims and personalize the messages, so that they have a better chance of getting the recipients to engage with the emails.
Examples of phishing emails can include:
There are many more other scenarios, but you get the idea – phishing emails can be very diverse and – sometimes – quite convincing. Luckily, there are some red flags you can look out for:
All in all, if you ever get spam or phishing emails, just ignore and delete them. Ideally, you should contact the real alleged sender to see if they really emailed you or not. You should also consider using Stanford’s anti-phishing extensions, and maybe contacting the authorities if the law in your country allow you to take legal action against them.
Like most people, you likely already know how important it is to have a reliable password for any account you use. But while that is well-known, people still don’t seem to listen. In fact, statistics show that approximately 86% of global passwords are extremely weak.
Safe to say that hackers are rejoicing at this kind of news.
So then, what makes a good password? Well, before we offer you some tips, we need to highlight one important thing: You need to have a different password for each account. Having one strong password you use for all accounts isn’t the safest way to go. Just think of it – if that password (no matter how strong it is) were to be cracked, a cybercriminal would get instant access to all your accounts. If you have multiple passwords, only one account gets compromised.
Something else you should know is that you need to change passwords on a regular basis – it’s simply much safer to do so. Now we don’t mean you need to change them every day (unless you want to, of course), but you could change your passwords every month, for example.
With that out of the way, here is what you need to do to create a strong password:
In case you’d like to read more about this, check out our guide on how to create a strong password.
As for how to keep track of all your passwords, we recommend first writing them down in a notebook you keep in a secure place in your home or at a bank. Secondly, consider using services like KeePassXC or Bitwarden to manage your passwords.
It’s always best to avoid using HTTP websites – especially for online purchases – because they are simply not secure. That’s not just a speculation – even Google started marking all HTTP websites as being unsafe back in 2018.
Basically, if HTTP is used on a website instead of HTTPS, it means there is no security in place to encrypt your online communications with said website. So, anyone could see what you’re doing on it. See the problem? It’s very easy for a hacker to compromise your passwords, bank accounts, and credit cards this way.
And no, it’s not just HTTP websites that handle payment information that are a problem. HTTP blogs and forums are an issue too. Why? Because they usually collect your email address when you sign up. Due to the lack of encryption, there’s a chance that email can end up in the hands of cybercriminals. If that happens, your email address will become the target of phishing, pharming, and spam attacks.
How can you tell if a website uses HTTPS encryption? Pretty simple – here are some signs:
However, you should know that while HTTPS websites can’t really be spoofed, there’s nothing usually stopping hackers from setting up a fake website that imitates the original one, and using homograph attacks to fool online users. That, and hackers or scammers could just register a “legit” website for an HTTPS certificate, and use it to steal your credit card details, for example.
A good way to protect yourself against such attacks is to always double-check the website URL to make sure there are no misspellings, and to use password managers since they will only auto-fill your login credentials if the website is actually the real one. If it’s fake, they generally won’t do that.
As for malicious HTTPS websites that don’t imitate other platforms, your best bet is to do a lot of research on it to see if it’s really legit. You can also try clicking on the padlock icon to get more information about the company’s certificate.
Oh, and you should also consider using the script blockers we mentioned above (uMatrix and uBlock Origin). They’re not 100% guaranteed to protect you from fake HTTPS websites, but they can – at the very least – stop any malicious scripts from running in the background when you access such platforms.
Listing your phone number and email address on your social media page makes it easy for people looking to make new friends or interested employers to contact you, right?
Sure, that can happen, but doing that also makes it very easy for cybercriminals to target you with scams. Not to mention that’s exactly the kind of information that gets sold on the deep web for a profit.
You should also avoid giving out too much information about what you are doing or your whereabouts on social media. While it might give you something to talk about with your friends, it also gives robbers some pretty useful information too. For example, if you post a picture from a restaurant, and tag yourself as being there, you’re essentially letting burglars know you’re not home.
And that’s no fear-mongering. Many robbers used info from social media to plan their heists. Plus, back in 2011, statistics showed that around 80% of robbers checked social media when planning a theft. That was some time ago, true, but it’s highly unlikely that things got better now – especially since social media contains even more information about you. In fact, it seems social media is more popular with burglars than ever.
Of course, we’re not saying you shouldn’t use social media at all, but try to limit the amount of info you make public about you. At the very least, you should make sure all your profiles are set to private, so that only people you trust can see what you post. Naturally, you should make sure you don’t add anyone to your Friends list who you don’t know, or who seems like a fake, copycat profile.
Oh, and when it comes to sharing private info, that includes your IP address too. Don’t forget – people can learn a lot from it, like what country and city you live in, and what your zip code is. That’s why it’s always a good idea to use a VPN when you access the web – your IP address will always be hidden that way.
As a general rule of thumb, you should only turn Bluetooth on when you need to share files with someone you know on the spot. When you’re done, though, you should immediately switch Bluetooth off. Why? Because leaving it on can compromise your online security.
Unfortunately, while Bluetooth can be safe, it has a lot of security flaws. Back in 2017, it was discovered that cybercriminals could use a vulnerability to hack mobile devices without anyone noticing. A year later, a new security issue was discovered which allowed MITM attacks to be used to steal your cryptographic key.
But that’s just the tip of the iceberg. Bluetooth is susceptible to various cybernetic attacks, such as:
So, make sure you never keep Bluetooth on at all times. Also, take the time to ensure your device isn’t “discoverable” through Bluetooth if there is a setting for that on the platform you use.
In case you’re not sure how to disable Bluetooth on your device(s), here are some guides that might help you:
If you don’t know someone personally in real life, it’s best not to be too open about your personal life and financial/business details if you only met and talked with them on the Internet. You never know if it’s a genuine person looking to befriend someone, or if it’s a hacker, scammer, or someone involved in corporate espionage behind the profile.
Don’t forget – it’s not that hard to set up a fake social media profile. A few stolen or stock photos, some generic “About Me” information, a simple email address, and a burner phone is all a cybercriminal would need to set up and confirm a fake profile.
What can happen if you share too much information with a stranger over the web who seems friendly enough? Sometimes, nothing. But, other times, there’s a chance things could go wrong:
Those are just some possible scenarios, but you get the idea – don’t blindly trust anyone who is too friendly with you on the Internet, especially if you’ve never met them in person. And no, seeing them over a webcam doesn’t mean you get to know the real person. The webcam stream can actually be faked, and there are tons of software that can help someone do that.
Online safety is more important than ever nowadays since security threats almost around every corner on the Internet. Well, our research shows that the following 10 ways to stay safe online seem to be the most efficient ones: