Note: The views and opinions expressed in blog/editorial posts are those of the author. They do not purport to reflect the views or opinions of Misbar.
The web is full of falsehoods that may put you and your information at risk. Many resources may be full of incorrect, misleading, or false information that can entice you to click or sign up for fictitious sites and newsletters. Learn some key strategies and methods that will help you protect yourself online.
Watch out for Social Engineering Tactics
Social Engineering is defined as the process of deceiving an individual to gather information that can later be used for damaging and fraudulent purposes. It’s not often easy to know when an attacker is trying to perform this psychological act on you.
Examples of social engineering tactics may include:
- Fake posts that get you to click or entertain them and donate
- Random internet individuals asking you probing questions
- Online scams that interest you by flashing tags and promises
- Social media and email scams that request personal information
Don’t share all of your information online and keep a certain level of anonymity. Your Facebook friends don’t need to know your address, middle name, date of birth, income level, and every single detail of your life. The same applies to your children when you share newborn photos and details of their entire birth, hospital, and more. Protect yourself and your family from attackers.
Don’t download attachments from individuals you don’t know
If you see an attachment available for download on an email, ask yourself who it is from. If the email is from an individual that you’re not familiar with, do not download it! Downloading strange attachments may increase your chance of downloading malicious software to your computer. Malicious software is software intended to launch or pose a threat to a victim’s computer. Malicious software can allow attackers to use your device in a network attack, eavesdrop on your communications, track your web traffic, log your passwords, and even cause annoying spyware popups.
This type of software can be hidden in attachments such as PDFs, ZIP files, and documents.
More often than not, these attachments may be easily identified by factors such as:
- Unknown Sender
- Unexpected arrival
- Strange file name
Don’t click links in emails
Hackers and illegitimate individuals may send links to your email in hopes you will click on them and provide them any requested information. These are commonly known as email phishing attacks. If you ever get a phishing email that appears to be from your bank, instead of clicking the email link, simply google your bank and go to their website directly. This allows you to avoid the middleman and ensure you’re using the correct site.
Remember to not engage and click random email links. These links may redirect you to sites that are posing as your favorite sites but are instead collecting your username and password to pose as you on the actual websites. This puts your information in grave danger and has the potential to expose you to identity fraud.
Use Multi-factor Authentication
We all get those annoying emails and notifications from our popular websites, often asking us to sign up for multi-factor authentication. Next time you see one of these, don’t ignore them. Multi-factor authentication is the practice of using more than a single verification method for the purpose of identifying an individual to gain access to a system. The intent is to ensure if someone gets access to your password or PIN, that they aren’t immediately allowed access to your account. Considering that most individuals use insecure password practices, you should definitely be worried.
Common multi-factor authentication methods:
- Password + Face recognition
- Badge + PIN
- OTP sent via text + Password
Don’t use sites that aren’t secured
There are a variety of sites online that have adopted to changes online and now use secure encryption methods. These sites are labeled with “https” which is indicative of a secure connection. Inversely, sites without this security start with “http.” HTTPS stands for Hypertext Transform Protocol Secure and uses encryption to properly secure your online transactions and traffic. Without this security, your information is vulnerable to various attacks.
Here’s what you should be looking for:
- Good: https://www.SITE.com
- Bad: http://www.SITE.com
Use VPNs for secure connections
A VPN, formally known as a Virtual Private Network, is an encrypted connection that establishes between a device and a network. This encrypted connection allows you to protect your information when using the Internet. There are many free and affordable VPNs available online that will allow you to download software that you can easily toggle on and off when needed. VPNs should be used whenever you’re online, but most importantly when traveling, working remotely, or using public wi-fi.
Only read and review information from legitimate sources
Have you ever seen a captivating headline that when you clicked it navigated you to a sketchy website covered in ads? That’s probably a site you should stay away from, but hopefully you had your VPN on. This critical mistake can be avoided by only gathering information from legitimate sources. Whether it’s information about changes to your bank policy, celebrities, or trending news, refrain from misinformation that is populated all over strange sites on the internet.
___
Most importantly, if you see something, report it! Whether you get a phishing email and report it to your bank, or see a false news statement on social media and report it to Facebook, you are making a difference online and helping protect the integrity of information.
As technology continues to advance, individuals will always leverage technology to attack your personal interests and information. Be sure to use these techniques to ensure your information is secure. Don’t always trust every link or document you see online.
