Many services on the Internet are protected with an access code, in order to protect the privacy of the information. If this password is simple or common (very easy among users) it could be easily guessed improperlyaccessing the account as if it were the real user. For this reason, the use of strong passwords is recommended, with more than 8 characters in combination with letters (upper and lower case), digits and special characters; avoid personal information such as the national identity number, names of relatives or acquaintances and never use very simple patterns, or dictionary words. For greater security, it is recommended to periodically modify passwords. Passwords should never be recorded in notebooks or unencrypted files.
- Security technologies
Create several backups of all your important data and make sure that they aren’t all stored in the same place. Always keep your software up to date. Install a phishing filter/software on your email application and also on your web browser.
Antivirus, firewall and antispam solutions represent the most important applications for protecting the computer against the main threats that spread over the Internet. Using these technologies reduces risk and exposure to threats. To protect against viruses run regularly scheduled scans with your anti-virus software and make sure your anti-virus and anti-spyware software are compatible.
- Trusted pages
Through Social Engineering techniques, many websites are often promoted with data that can attract the user’s attention – such as discounts on the purchase of products (or even free offers), scoops or exclusive materials for current news, multimedia material, etc. . For safe browsing, it is recommended that the user is aware of these messages and avoid accessing webpages with these characteristics.
Verify the SSL credentials of the website and never use personal/sensitive information on sites that do not have a valid SSL certificate installed.
Through Black Hat SEO techniques, attackers often place their websites among the first places in search engine results, especially in cases of searches for keywords widely used by the public, such as current affairs, extravagant news or popular themes (such as sports and sex). In the event of any of these searches, the user must be attentive to the results and verify which websites are being linked.
If we do not want to leave our mark on the Internet, one of the safest ways is through a private virtual network or through a proxy server that acts as an intermediary in communication with the website we visit.
- Share information
All the information we upload to the internet about ourselves, the images we share on social networks leave a digital trail that make up what is known as our ‘digital identity’. For this reason, it is necessary to be aware especially with the digital l identity that we create and only upload information about ourselves that we consider one hundred percent public.
Do not give access to your location, camera or microphone to avoid giving extra information. Don’t use the GPS to show on your publications where you are.
In both instant messaging clients and social networks, it is recommended to accept and interact only with known contacts. This avoids accessing the profiles created by attackers to communicate with victims and expose them to various threats such as malware, phishing, cyberbullying, or others.
- Free WiFi networks
If you use a free Wifi network to browse public pages, the risk is minimal. However, we must avoid browsing web pages that allow us to enter personal data, such as passwords or users’ names, since the Wifi could be compromised and therefore someone could intercept our personal data. We must pay the same attention when we connect to known Wifis..
- Suspicious links
One of the most widely used means of directing victims to malicious sites is hyperlinks or links. Avoiding clicking on these prevents access to webpages that have threats capable of infecting the user. Links can be present in an email, a chat window or a message on a social network: the key is to analyse whether they are offered in any suspicious situation that make you doubt (an invitation to see a photo in a language other than your own, for example), come from an unknown sender or refer to an unreliable website.
- File download
One of the biggest security breaches comes from downloading files. If you are not completely sure of the origin of what you are downloading, avoid it or check it before downloading. Many sites pretend to offer popular programs that are altered, modified or supplanted by versions that contain some type of malware and download the malicious code at the moment the user installs it on the system. Therefore, it is recommended that when downloading applications always do so from the official web pages.
On the other hand, malware propagation is usually done through executable files. It is recommended to avoid running files unless the security of the files is known and their provenance is reliable (whether it comes from an Instant Messaging contact, an email or a website).
- Updating the operating system and applications
Having the operating system (Windows, Linux, Apple …) and all the installed applications correctly updated is one of the main guarantees for not leaving open doors to your computer that cyber criminals can exploit. Although updating computers takes time, and sometimes requires a reboot, it is essential to fix security vulnerabilities in installed software.
If you are already taking the precautions of the case when browsing from your desktop or laptop PC, do not forget your mobile, it is very important that you take into account the same rules for this case. Through devices such as smartphones, the owners of others are more likely to violate security elements that your operating system may offer you.
- Avoid entering personal information in dubious forms
When the user is faced with a webform that contains fields with sensitive information (for example, username and password), it is recommended to verify the legitimacy of the site. A good strategy is to check the domain and the use of the HTTPS protocol to guarantee the confidentiality of the information. In this way, phishing attacks that try to obtain sensitive information can be prevented by simulating a trusted entity.
A cookie is a file created by a website that contains small amounts of data that is sent between a sender and a receiver, in order to know the preferences of the user and to make their experience on the site easier. However, the information that is shared is likely to reach third parties, so it is convenient to assess the traffic of this data and in any case, from the browser we can decide to delete these cookies to avoid unnecessary scares.