Checklist: 7 essential online security steps you can’t skip
February 28, 2021
By Kim Komando
Security threats are pretty much everywhere online these days. Data breaches, phishing scams, ransomware attacks and identity thieves are just a few things we need to watch for.
While some threats are out of our control, many can be prevented with just a little time and effort on our part — but that’s the problem. Not enough people take security as seriously as they should. Want to find out if your data has been part of a breach? Tap or click here for a tool that can show you.
Whether it’s laziness or just a lack of knowledge, too many people leave themselves open to attack. The good news is everyone can change their ways and protect themselves — it’s not too late.
That’s why we’re going to share seven online security basics everyone should be doing. There really is no excuse to ignore these habits anymore — not if you want to be protected.
1. Missing out on important security patches
One mistake lots of people make is not paying attention to operating system (OS) updates. Some don’t realize exactly how important these are.
Most OS updates include patches to fix security flaws that hackers can take advantage of. Without installing the update ASAP, you’re leaving your device open to attack. The process to keep all of your devices up to date is rather simple. It only takes a few minutes.
Here is how to check for Windows 10 updates:
Tap the Start button (the Windows key), then select Settings. From here, choose Update & Security, then Windows Update. On the next page, you’ll see if your machine is up to date. There’s also a Check for updates button.
To manually update macOS:
Choose the Apple menu, then go to System Preferences. Click Software Update. If any updates are available, click the Update Now button to install them.
To update software downloaded from the App Store, go to the Apple menu, click App Store and choose Updates. Click Update next to an app to update only that app, or click Update All.
For Apple gadgets:
Updating your iOS is easy and doesn’t even require a computer anymore. All you’ll need is your charging cable and adapter, your iPhone and a stable Wi-Fi connection.
Note: Your device will not update if your battery is too low, which is where your charging cable and adapter come in. If your device has less than 60% battery life, you will need to charge it during the update.
To get started, open the Settings app on your device and scroll down and select General. Next, tap Software Update and you’ll be taken to the landing page for iOS updates. Here, you can select Download and Install, which will begin the process of loading your new operating system.
While you’re on this landing page, make sure to check Automatic Updates, which will install critical security patches and bug fixes overnight while you sleep if your gadget is at 60% battery or more (or is charging) and is connected to Wi-Fi.
For Android gadgets:
Since Android phones have multiple manufacturers, the OS updating process can be different depending on which model you have. Here is the most common method:
To update your phone, open the Settings app (the one with the gear-shaped icon). Near the bottom of the page, tap System, then Advanced and finally, choose System Update.
If you’re on an older version of Android, you can open Settings, then System and tap About this phone if you don’t see an option for Advanced.
The menu you arrive at will allow you to check for the latest update and download it if you haven’t already. Make sure to follow any instructions that appear on your screen carefully, and stay plugged into a power source to prevent your device from powering off mid-update.
2. Do you really want everyone to know that?
We live in the era of oversharing. Or should we call it the error of oversharing?
These days, it seems everyone shares everything on social media platforms like Facebook. It’s often innocent oversharing, like your friend who “checks in” to every restaurant and posts pictures, so you always know where they are and what they’re eating.
Unfortunately, it’s easy to overshare with hackers, too. How often do you mindlessly click through buttons that say, Allow Access? If you’re taking a mindless Facebook quiz, playing an online game or entering a contest, it’s understandable because you want a chance to win.
RELATED: How to check if any sketchy apps have access to your Facebook profile
But stop and think about what you’re doing before you give away your information. One no-brainer? You should NEVER post your address or other personal information on social media sites.
Companies like Facebook are too careless with our privacy as it is, and you don’t want your sensitive information in the wrong hands. Identity theft is a growing problem and oversharing on social media can be a big contributor.
The same goes for more basic criminals. If you’re always sharing when you’re away from home, this can open you up to burglars. This is especially true if you add just anyone to your accounts. Always be aware of what you’re posting to your social media accounts. You never know who might be paying attention.
3. Wait, you’ve already used that one
This mistake is way more common than it should be. We’re talking about using the same password on multiple sites.
Yes, it’s so much easier to remember that one good password from oh so many years ago, so you keep using it over and over. But it’s a terrible practice and puts your security at risk in a big way.
Why? Well, the answer is simple. If one website has a data breach and bad actors can get to your account credentials, they can easily check to see if that login information works on other sites. This can spell disaster and cost you big time.
The solution is to have a different password for every online account. But remembering all those passwords can be difficult. A password manager can help you keep them straight. Tap or click here for details on the best password manager.
Now that you know how to keep track of all your passwords, let’s talk about creating stronger ones to really safeguard your accounts. Tap or click here for techniques to creating stronger passwords.
4. Sharing isn’t always caring
Keeping your critical information safe can be difficult, especially when cybercriminals keep finding new ways to rip us off. That’s why you really need to be careful with sharing passwords.
And we’re not just talking about the passwords to your financial institutions. It’s all passwords. Even those streaming services you subscribe to.
Sure, it’s pretty common to swap information for streaming services. If your friend offers their Netflix login in exchange for your Hulu credentials, it’s easy to say, “OK.”
RELATED: You may have to stop sharing your streaming credentials
But what if the other person isn’t as careful with online security as you are? Your credentials could fall into the hands of a cybercriminal. All it takes is for your friend to connect to your streaming service over public Wi-Fi. Hackers could get into your account and steal your payment information. Not good.
Then there’s your home Wi-Fi. Many people don’t think twice about sharing their Wi-Fi password with guests. But that, too, could lead to disaster later if your network’s password falls into the wrong hands.
The good news is there is a way to let guests use your home Wi-Fi without giving them the password. Tap or click here to find out how.
5. Is that person really who they say they are?
We don’t only have to worry about security threats in our personal lives. Scammers don’t just target individuals anymore. They also target businesses.
According to an FBI report, the worldwide numbers for Business Email Compromise (BEC) crimes have reached a devastating new high. It’s a growing epidemic in the business sector, with most of the crimes perpetrated against U.S.-based businesses, regardless of size.
The FBI describes BEC scams as:
[A] sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments.
FBI
The report continued, explaining these scams compromise legitimate business email accounts to trick employees into transferring funds from the business straight to the criminal. They do this through “social engineering or computer intrusion techniques.”
Basically, a BEC scammer attempts to trick employees into sending money transfers or handing out sensitive information by impersonating executives via email. These attacks are initiated either by social engineering tricks, email spoofing or malware — targeting anyone with access to company funds.
There are a few simple things to watch for to avoid falling victim to one of these scams. One step is to incorporate two-factor authentication (2FA) whenever it’s available. This is good advice for both business and personal accounts. Tap or click here to learn more about 2FA.
That’s just one way to outsmart BEC scammers. Tap or click here to for more methods.
6. Always have a plan B
In the early days of the internet, we had to worry about hackers infecting our computers and stealing critical data. It was hard enough to stay protected back then, but things have gotten worse.
Now, it’s not just that desktop PC to worry about. Cybercriminals can attack your smartphone, laptop and tablet, too. Every time you connect to the internet, you’re putting your files at risk.
That’s why it’s critical to have everything backed up. You don’t want to be at the mercy of a crook behind devious attacks like ransomware. There are a few simple ways to back up your files. One is by saving them to another drive, like an external hard drive or a USB flash drive.
But there are even more options. Tap or click here to back up your data before it’s too late.
7. Keep snoops out of your phone
Think about how much valuable information is stored on your phone — from banking apps that have access to your finances to email accounts that have personal and business communications.
That data is all housed on your phone. Smartphones have basically become access points to everything important in our lives, which is why it’s so critical to keep criminals and snoops out.
The way you lock your phone matters. Any easy passcode or no security at all makes it easy for someone to access your device. And granting too many app permissions gives app creators and advertisers access to way too much information.
Many of these common mistakes are easily correctable. For example, changing your phone’s password to make it more difficult for a crook to crack. That’s just one way to beef up your phone’s security. Tap or click here for six ways to protect your phone from hackers, snoops and intruders.
https://www.komando.com/tips/cybersecurity/online-security-basics/