10 Golden Rules To Safely Surf The Internet

The increase in ransomware attacks is calling for attention. But what kind of strategies should we apply to avoid becoming part of the statistics?

We made a selection of 10 golden rules to help everybody surf the internet safely:

The increase in ransomware attacks is calling for attention. But what kind of strategies should we apply to avoid becoming part of the statistics? We made a selection of 10 golden rules to help everybody surf the internet safely:

1 - Use strong passwords

Most people tend to have weak passwords because not every site requires a strong one with special characters and numbers, but why wouldn't you have a strong password if it's not needed? Well, passwords are keys, and as the complexity of the key increases, the complexity of the invasion increases. So, instead of using your mum's birthday or your pet's name, try to use something abstract with special characters, upper and lowercase letters, and numbers.

2 - Be careful with phishing emails

Phishing emails are one of the most common practices of cybercrime. There are many types of phishing; the most common type works like bait, trying to deceive the victim. The hacker sends an email to the victim, pretending to be a company with a similar domain, asking the victim to click on a link and fill out a form. That way, the hacker can steal (your) sensitive data that could be used to harm the victim (you) in many ways, from selling the data to illegal parties to hijacking your credentials to make purchases or steal money from your bank account. With that in mind, always pay attention to the email addresses and never open links from unknown senders, especially those asking for personal information.

3 - Be careful opening email attachments

It works similarly to a phishing email: you receive an email from a hacker asking you to download an attachment. The hacker might be mimicking a big company or even someone you know, and when you open that attachment, an embedded script runs on your computer. This script can do whatever it's developed to do, from deleting files on your hard drive to transforming your computer into a "zombie" and doing whatever the hacker has in mind. Again, pay attention to the sender and never download files from strangers.

4 - Don't click on pop-ups and ads from suspicious websites

An advertisement pop-up can contain malware, and as you click to close the window, it's not guaranteed that the pop-up will close. The close button will instantly download a file to your computer if there is bad intention behind it. With that in mind: be very careful with pop-ups and suspicious ads, especially the annoying ones popping up in a random place at an unexpected time. You can avoid these by updating the security settings on the web browser. Many browsers, such as Brave, automatically block pop-ups to keep their users safe. For an additional layer of security, you can install ad blockers to your browser and enable the "Do not track me" setting.

5 - Don’t use your browser to store your passwords

Many browsers suggest storing your password for you, so you don't need to type it in every time you access a site. Have you ever asked yourself how the browser stores your passwords? Google Chrome, for example, keeps your passwords in the folder "%UserProfile%\AppData\Local\Google\Chrome\User Data\Default\Login Data". If you have any software for database visualisation, you can open it. 

Of course, it's encrypted, but it's not hard to decrypt it. Instead of using your browser to store passwords, think about using software to manage them, such as 1Password or KeepassX. Firefox has some interesting tools to keep users safe and informed about data leaks, with a Password Manager with Alerts for breached websites. 

Read Also: A guide to safe passwords and extra digital security tips for the ultra paranoid 

6 - Don’t give out your personal information

When it comes to personal information, be very cautious about what you sign up for a free service or app; many companies are selling your data as a product. Embedded in their privacy policy or terms & conditions, you allow the company to collect your data and sell it to third parties through trackers that supply advertisers with detailed information about where you live, work, and shop. There are lots of ways to avoid it, from disabling the collection of data in your browser settings to simply denying sites and apps access to your location or your microphone if it's not necessary (if you ever had the feeling that your phone was "listening" to your conversations, and then suggesting ads, you know what we're talking about it). 

Be careful with the privacy policy and terms & conditions you accept online. Reading them might take some time, but it may protect you from bad surprises and help you keep control over your data.

7 - Use Two-Factor-Authentication every time you can

Two-Factor-Authentication, in simple words, is a second-step verification of identity. The most common form of it is embedded in the login process of a site or app. When logging into your account, besides entering your password, you will receive a code via SMS or email, which you must paste or type into the required field. It adds a second layer of security, meaning to hack you, the hacker will need not only your password but also your phone or email credentials (if you don't use the same password twice). You can check in your account settings if it's possible to activate Two-Factor-Authentication.

8 - Use a safe browser 

As a user, your web activity and data access are sold to the highest bidding internet giants, which are becoming richer every second by using your data. Choosing a safe browser that doesn't save your private information avoids being possibly breached and that your personal data is not sold. This means you can surf safely on the internet without being spied on by those internet giants. Rely on browsers with a strong commitment to security and privacy, like Brave or Firefox.

9 - Never download files from unknown sources

As mentioned before, when it comes to downloading files from people with bad intentions, the results can be very harmful. An analogy to downloading a file is letting someone enter your house. Would you let anyone enter your home? No, right? No matter how curious you are, always check the integrity of the source you are downloading from, and always scan files with antivirus software before opening them. 

10 - Avoid HTTP sites

HTTP is the default protocol for the web. Using it allows browsers to request web pages from servers. The problem is that this protocol is based on plaintext; it has no encryption whatsoever. With that in mind, anyone between the client and the server could manipulate the data sent from the client and sent from the server. Hackers could easily abuse that to fake transactions involving money or sensitive data. To solve that, HTTPS was created, an HTTP protocol with security principles like confidentiality, integrity and authentication.

Always pay attention to the page URL (the link in your browser search bar) to stay safe, especially regarding personal or financial transactions. If it starts with HTTP, better avoid it. HTTP sites are not secure and do not protect the communication between your device and the website. When you visit an HTTP site, any information you enter or share, such as login credentials or credit card information, can be intercepted and stolen by third parties. On the other hand, HTTPS sites use a secure sockets layer (SSL) or transport layer security (TLS) to encrypt the communication between your device and the website, providing an extra layer of protection for your sensitive information. Therefore, it is always a good idea to use HTTPS sites whenever possible to ensure the security and privacy of your online activities.