Nowadays, using social networks and buying merchandise from online retail stores is as common as washing the dishes, and the more it becomes ingrained into our everyday lives, the more we get comfortable and maybe even complacent when it comes to guarding our personal information.
Throughout the years we've all heard millions of tips on how to protect our private data, and with all of those warnings, it's easy to be a little confused about just what's the most important safeguard.
So what's the first thing one should remember while losing themselves inside the vast world of the Internet?
“Don't click on links in email messages or open attachments purporting to come from retail or social networking sites as notifications. When you do, you might be taken to a fake site and prompted to type in personal account information, or infected with malware, said security researcher Cameron Camp in an interview with ConsumerAffairs.
“If you click on an attachment in a notification email, you may be unwittingly starting the process of infecting your computer. Instead, visit the website directly to make sure you're visiting the legitimate one, then interact with your account directly,” said Camp, a researcher at ESET, a company that deals in IT security.
What can be so tricky in today's digital world is the fact that hackers perpetually develop new ways to steal your information, so just as consumers protect themselves from one hacking scheme, a new and more advanced one follows.
And just what do some of these new hacker tactics entail?
“Fake notification emails with malicious attachment payloads,” said Camp. “Leaving your mobile device unprotected (no password or other lock), paving the way for scammers to open it up and harvest information in a few easy steps, especially if they steal the device.”
Consumers should also not be “using Java when it really isn't needed, or isn't patched and up to date,” he added. “This can allow tricky malware in the back door, so to speak, and can allow disturbingly powerful tools and techniques to be used against you, regardless of the platform or operating system.”
Camp also says using the same password for all of your accounts is still one of the most common mistakes people make in their daily computer use.
“If one of your accounts becomes compromised by hacking or any other means, your others might soon follow in a cascading fashion, messing up a lot more of your life,” he said.
“Shopping at websites that aren't reputable, or connecting to shopping websites using unencrypted connections,” are also common errors people make, said Camp. “Instead, use https (encrypted), rather than http (unencrypted). Your browser should tell you when you are using an encrypted site by displaying a lock symbol.”
He also says that although there are more ways to guard your data nowadays, there are also a lot more ways for you to be scammed.
“While there may be some improvement in securing single pieces of your information, the average user interacts with hundreds more services directly, and many more third party services that share that information secondarily,” explained Camp.
“This mean there are now exponentially higher numbers of ways to scam you and/or get a very complete digital snapshot of your life, and they would all have to be secure which is unlikely,” he added.
Camp also says using only one method of protection to guard your information isn't good enough, and online users should install backup safety measures just in case the first level of protection is compromised.
“This is the argument that it's better to have one super-secure lock on a box and hope no one breaks it, because if they do then they get everything,” he says. “A better approach is to have a reasonable lock on the box, and also a reasonable lock on the door to the room, the front door to the house, and the gate.”
“Layering defenses in this manner creates a sufficiently high barrier that criminals will go elsewhere to look for easier targets,” said Camp.
Such as ...
And what are some of the software and other safeguards consumers should buy to protect their personal data?
“Find a method (other than post-it notes, don't laugh, that's extremely common) to keep track of your passwords, and make sure it's encrypted in case it falls into the wrong hands, says Camp. “Sometimes a browser has this feature, but search customer and security reviews before you choose.”
Also “have basic anti-malware software for your computer devices, both traditional PC's and mobile. Remember, users interact with their mobile devices in many of the same ways as they did on their PC and the same protections and scams are also both applicable too, especially in the future,” he said.
“Have a firewall on your primary network you use. This doesn't have to cost many thousands of dollars, just try to enable the defenses on the unit you have. Many modern home routers have surprisingly sophisticated defenses, like intrusion detection/prevention (IDS/IPS) — if you enable them,” Camp said.