Tips to stay safe on the Internet.

The Internet can be a dangerous place. “Hacking” by all sorts of unsavory people and organizations is widespread and growing. It is essential to keep your sensitive personal information secure and the first line of defense is you.

Protect your information.

Passwords:

• Use a strong password! Using something like 1234 or your birthday is not a good idea. Passwords should be at least eight characters and have upper case, lower case, numbers and special characters such as @ (at sign) . (period) - (hyphen/dash) _ (underscore) in your password. DO NOT USE spaces, other characters or symbols, or non-English characters (such as é) in passwords.
• Passphrases are a good idea too. Make it something that you can remember without being totally obvious. Something like “Open-the-pod-bay-doors-HAL9000” is a little too common. Intentional misspellings can be an effective way to thwart hackers.
• And change your password regularly like every ninety days or so. If you think you might have been hacked or somebody might have gotten your password, change it just to be sure.
• You can test your password at a number of sites on the Internet like http://www.testyourpassword.com/ or http://www.passwordmeter.com/ to see how “strong” it is. Do not use the same password for all your sites! At the very least use subtle variations like FBXXXXXX for your FaceBook account and GMXXXXXX for your Gmail account.
• Beyond just passwords many sites offer Login Notification and Two Factor Authentication for additional security.

Junk Mail Filtering:

• For example you receive an email informing you that you have a deposit pending and need to login to verify it. Phishing schemes start out with something that looks completely innocent but then lead you to a site that is designed to get information from you. If you receive an email, ostensibly from your financial institution, open a new tab and go there directly instead of clicking the link provided. Most legitimate sites will never as for your login credentials.
• Increasing the level of junk mail filtering with your email client will catch many of these phishing scams before they reach your inbox.

Think before you click:

• Never open email from sources you don’t know or only slightly familiar with. When a distant relative who you haven’t heard from in years suddenly sends you a message about some great thing that you should checkout right now your “Spidey Sense” should start tingling! You might want to call, (or text) that person and see if they are really the sender.
• Even if the apparent sender is well known but you are not expecting a deposit, check or money order you should verify the message. When you hover over the link the URL will be displayed on your screen. If it isn’t the same as the senders email address you should be suspicious. If it ends with a .ru, .cn or some other strange extension don’t click it. Delete the message right away. Your financial institution should be informed if others are trying to contact you in their name.

Secure locations:

• Only access your accounts from secure locations. While it only take a few seconds to check your bank account on the free Wi-Fi at the coffee shop that is more than enough time for a hacker to get your information if the network has been compromised.
• If you must use a public Wi-Fi use a VPN, (see the article from my June 2016 newsletter). Or just turn off the Wi-Fi and use your cell phone connection for quick things that don’t transmit a lot of data like checking your bank account.
• Use the HTTPS access. Most browsers and sites with a lot of information have an SSL connection available. Look for a padlock in the URL bar or check the URL itself for the “S” as in HTTPS instead of just HTTP. This makes it harder for the hacker to gather your information.

Stay Up to Date:

• Keep your machine current with the latest updates. Regardless of what security programs you run or what type of machine you have. Both your anti malware and operating system needs to have the latest updates.
• When the manufacture releases an update to fix certain “vulnerabilities” every hacker in the world knows about it, often that very same day. They will move to exploit it right away hoping that you haven’t updated your machine yet.

Backups

• Here is another reminder to keep backups. Just in case everything else fails you have something to restore from. Whether some “malware” destroys your files, a failed update scrambles your machine or a hardware failure forces you to rebuild everything from “bare metal” you can restore your important data from the backups.
• Keep your backups current too. Even if the worst happens you may lose one day but you don’t want to lose everything.