Safer Internet Day is a yearly event organized by the European Commission in February. This day highlights the importance of making sure that the internet is a safe space for everyone, especially the younger audience.
As spotit is a security company, we – the students of the spotit Academy – want to give you 9 security tips to make your journey on the web safer.
- Use complex passwords
Using a complex password for your account makes it more difficult for a hacker to guess your password. Make sure that every single account has a unique password. When a website gets hacked, only the account that uses that unique password is affected. This way, you can minimize the impact. We understand it can be tricky to memorize all the passwords, so we recommend using a password manager to help you generate and store all your passwords.
- Use Multifactor Authentication (MFA)
Multifactor Authentication (MFA) is one of the greatest tools to mitigate anybody accessing a personal account. MFA works by requiring additional information next to your traditional username and password. It makes sure that even if your username and password are stolen, the third party cannot enter the account, because they do not have the additional information required from the MFA. The most common way to use MFA is through an authentication app (Google Authenticator, Microsoft Authenticator). Google Authenticator works by generating a random 6-digit number that you need to enter after filling out your username and password. Microsoft’s authenticator sends an approval message to your phone, which you have to approve before gaining access to the account.
- Keep up to date
Regularly updating your software is of key importance! These updates often contain security updates and solutions for known security issues that have been found. If you don’t update your software, those security issues can have a huge impact on keeping your devices safe.
- Be aware of phishing
We all receive emails or text messages stating you won a prize, whether it be money or a brand-new phone, an email from your bank claiming there’s an issue that needs to be dealt with ASAP, a message about a password being expired, or something else that’s too good to be true. Scammers are constantly phishing for your personal information via those messages. They want you to download something suspicious, click on a malicious link or enter the credentials to your accounts. Unfortunately, those phishing messages can look very real and convincing, so it’s important to always stay attentive. Check out our post about phishing for more info and tips.
- Don’t visit fake websites
Easier said than done. Fake websites usually closely resemble the actual website, so how do you recognize a fake one? Our tip is to always hover your computer mouse over a link before clicking. It will show you what the link really is about and where you’ll be redirected to. Keep in mind that scammers will try to outsmart you by obfuscating their link. A common example is Gmail: does it go to “gmail” or “gmaiI”? The subtle difference between a lowercase ‘L’ and an uppercase ‘i’ is almost unrecognizable.
- HTTPS only add-ons
Another trick to detect fake websites is whether they go to a HTTP or HTTPS website, the latter being a secured website.
- Limit sharing personal data
Websites often ask for your personal details. It is fun to answer those questions, isn’t it? Be careful though! Your personal data is very precious, so you should always try to protect it. When you register for a website, you will often be asked for a lot of information. The boxes that are not mandatory (usually without a red asterisk) do not have to be filled out at all! You should also consider the purpose of the data. Does this gaming website really need your birth date, phone number or email address? If this data ever falls into the wrong hands, you’ll become an even bigger target for phishers.
Try to be proactive in this regard and only share personal data you feel comfortable with.
- Watch out for public hotspots
Don’t we all love to be connected to the internet all the time, wherever we go? Thank God for the public hotspots – or not? Unfortunately, those public hotspots are not always secure. We advise to only use them when absolutely necessary. Your own mobile data connection is much safer, so create a Wi-Fi hotspot with your phone. In case you do have to connect to a public hotspot, make sure you only visit HTTPS websites with a valid certificate (look for the lock in the address bar, next to the URL). An even better option is to use a VPN connection.
- Avoid shoulder surfing
Another way your personal data can be stolen is through shoulder surfing, and it really is as simple as somebody watching over your shoulder! They can see you type in valuable information: your phone pin, passwords, credit card info, ATM pin, etc. When such valuable data falls into the hands of a stranger it can be used against you. Here are some tips to mitigate shoulder surfing:
- Always check your surroundings when using an electronic device
- Shield your pin so nobody can see you type it in
- Always lock your device if you leave it unattended
- When using a laptop in a public place, choose a seat with your back against the wall