When you use the internet, you are continually sending and receiving data. Data you send and receive often contains sensitive information including credit card details, passwords or other personal information. To keep this information safe ensure the website you are connected to is using an encrypted connection. To tell if a website is encrypting your data when it transmits it check the address bar starts with HTTPS. When browsing a website using HTTPS, your communications with that server are encrypted helping to protect you from cybercriminals. If the website in the address bar only starts with HTTP, any data you supply such as a password or credit card details, will be sent in plain text to the server. This makes you a target for cyber-criminals to intercept your data.
Not all websites will load HTTPS by default. Many, not all of these websites, but will support an encrypted connection. To load supported pages as HTTPS instead of HTTP you can install a plugin for your browser called ‘https everywhere’. This will ensure that every page that you load that supports HTTPS, will use it. This plugin can be downloaded from here.
Many websites make money by selling advertising space to third parties. While this helps provide free content, this third party company running the advertising may have lower security precautions than the website you are visiting. If the third party is compromised, a seemingly legitimate website can spread malware via this advertising. This is known as Malvertising. A recent example of this happened to MSN.com, where users who visited the site had malicious software installed onto their computer. To prevent this kind of attack you can install a plugin for your browser called ‘AdBlock Plus’. It can be downloaded from here.
Malware is often installed by taking advantage of security holes in popular software. Programs such as Adobe Flash Player and Reader, Google Chrome, Mozilla FireFox and Internet Explorer are very popular programs and are a target for cybercriminals. If you are running an outdated version of any software, security holes exist that allow cybercriminals to install malware or remotely access your computer. Ensuring you are running the most up to date software will help to protect your computer from being compromised.
Security holes in your operating system can also be exploited in a number of ways. Always ensure you are running the latest version of your operating system by running Windows Update if you are a Windows users or Software Update if you are a Mac user. Windows Update can be run on a PC by holding the Windows Key on the keyboard and pressing the letter ‘R’. In the run dialog box, type in ‘control update’ and then press enter. You can then click ‘Check for Updates’ and ‘Install Updates’. Software Update can be run on a Mac by clicking the Apple Button at the top right of the screen and clicking on ‘Software Update’. When the window appears click on ‘Check Now’. If updates are available you will be prompted to install them.
Creating strong and unique passwords is another way to stay safe online. If a cybercriminal compromises a website you access, they can steal the password you use to access the site. If you use the same password on your banking, email, Facebook and other accounts, cybercriminals will have access to all of your accounts. Creating unique passwords for each online service will help keep you safe. Creating and managing strong passwords can be done using KeePass (available from www.keepass.info), which can be installed on both PC and Mac. If the idea of a password manager is daunting, you can write unique passwords down in a notebook stored in a safe place. This won’t protect you from a break-in, where the burglar has access to your password notebook and physical access to your PC and all your files, but it will keep your passwords safe from cybercriminals.
Malicious attachments and links in emails are another way your computer can be compromised. The best way to avoid this kind of attack is to never click links or open attachments in emails if you are not sure of the source. Even if you do know the source it’s a good idea to check with the sender to ensure they meant to send you the attachment or link. Innocent looking PDF and Word documents may exploit security holes when opened. Legitimate looking links may lead you to a clone website that has been created to steal your passwords.
An alternative to AVG free is to use Microsoft Security Essentials. It is available for free download from here. This offers similar security to AVG Free without compromising your privacy. Paid internet security offers better protection than free products. The program I recommend is ESET Smart Security which can be purchased from Grenfell Internet Centre.
If you would like to know more about protecting yourself online or if you have any other technology related enquiries, give a call on 02 6343 1720 or pop into Grenfell Internet Centre next door to the Community Hub in Main Street.