There are three golden rules to protecting yourself online. 1.) Always use a strong password and never share it. 2.) Learn to identify fake sites, links, and emails. 3.) Remember that if it’s “too good to be true” it’s not true!
Let’s go through these three golden rules now.
You should always use strong passwords. What is a good and strong password though? The most important element of a good password is that it is long. Yes that’s correct, a good password is long. This is because the longer the password is, the harder it is to automatically guess by just guessing many different combinations (this is called “brute forcing”). The longer a password is the more different things an attacker would have to guess. It’s really that simple.
Special characters, upper-case, lower-case.
You may have heard or been told that you need to add special characters like “$” to your passwords. Or use numbers like “123” and upper and lower case letters. It’s true that these things help make your password stronger, but – it’s more important that you can remember your password. If you can’t remember your password then the chances are you will end up having to write it down somewhere and may leave it where anyone can get it.
Therefore, just choose a nice phrase that you will remember. A decent example would be “myfavoritefoodisd0sA”. That password is nice and long, has a single upper case letter at the end and the number zero instead of the “o” for dosa. It’s two small modifications that you can get in the habit of remembering. It’s also a phrase which makes it longer. This way you will remember your password and it will be strong.
Never share your password.
Really, just don’t ever do it. There is never a reason you need to share your password with anyone. If someone is asking for your password they are either a) scamming you or b) unaware that they don’t need it. You don’t ever need to give your password to anyone for anything. Anyone who tells you otherwise is wrong.
Learn to Identify Fake Sites, Links, and Emails
Every time we interact with someone online, there is a real person on the other end. Therefore we need to find a way to verify the authenticity of the person we are talking to otherwise it could be a scam or attacker. How do we know that the site we are looking at is the “real” one? How do we know if the email is actually from the person who it appears to be from? These are very hard questions without simple answers. But we have some tools we can use.
Websites: Do your own search
If you get an email from a bank that says “we need you to verify your account details, please click here” then you can verify this easily. Instead of clicking on the link, go to google and search for your bank’s name. Then select the result that has your bank’s name in it. Now you are much more certain that you are visiting your bank’s actual website. Once you are at your bank’s website and trying to login then they should direct you to verify anything that needs verification (if it really needed to happen).
Searching for the website of the company that is trying to talk to you is a good idea, this way you can be sure it’s a real website and that the offer or requirement is real. Always verify suspicious emails on your own.
Look for the “lock” symbol
The lock symbol in the browser bar tells you that your connection is secure. It means that anything you are sending to the website is encrypted. This guarantee is not very strong, because attackers can easily get an https connection for their site. However, if it’s missing from a website then you should not use that website.
The best way to check if a link is real or not is to search for the link yourself. You can do the exact same steps we outlined above for searching a website. If the link doesn’t show up in a google search it’s probably fake.
Emails: examine the “from” address
The best way to check if an email is real or not is the examine the “from” address. For example if you can get an email from “Dr. Maneesha Rao” but the email address is listed as “firstname.lastname@example.org” this is called name spoofing. Someone is pretending to be Dr. Maneesha Rao. This is the most basic kind of scam. If this happens just mark the email as “spam”.
However it’s also possible that you will get an email from Dr. Maneesha Rao that is actually from her email address. This still doesn’t mean that Dr. Maneesha sent the email, instead it’s possible that someone is spoofing her email via a hack, or has actually hacked into her account and is sending emails on her behalf. Basically, if the email seems strange, you should find another way to communicate with the person who sent you the email. Call them, text them, find a second way to confirm that they actually sent you the mail.
If it’s “too good to be true”
Scammers and Cybercriminals rely on what’s known as “lures” to trick you into clicking on their links. One of the most common lures is to prey on your desires and emotions. Most people need money, we are all struggling to make ends meet in this world. What better way to get someone to click that offer them something free? This is a very common method. But… if “it’s too good to be true”…It’s not true!
No, you did not win 1.25 crore rs. No, they do not have the cure for COVID-19. No there is no 356 USD dollars waiting for you. I am very sorry to inform you, but you have not won the lottery. Mark all these spam and move on.
Antivirus software is a good thing! It will scan your computer regularly and alert you when you have a virus. It can also be configured to restrict you from making mistakes. Antivirus software is not perfect though it can be bypassed.
Antivirus software is not a complete protection. Viruses can still slip by and still infect your computer. This is because new viruses are always being developed by cyber criminals and the anti-virus companies are always trying to catch up to them. It is much easier to write virus software than it is to write protection software.