The Essential Guide to Managing Internet Privacy & Security

How transparent is your privacy?  

In today’s world, most people are digitally connected. Have you ever worried about what information you have online, and what others can access about you? Or, have you wondered who else can read your email or chat messages? 

It is estimated that 73% of Americans who use the web are concerned with their online privacy. Nearly everyone has provided their personal information somewhere on the internet. Because the web is playing an integral role in our daily lives, it’s important to ensure internet privacy and security are maintained. Our 5 tips can help you and your friends manage your digital footprint across the web.  

1. Antivirus  

Antivirus software is used to protect your computer against potential threats, invaders, and cybercrime.  Often these malicious attacks are performed to gain personal information such as credit card info and email addresses, or even to hijack your computer. By using a reliable and updated antivirus, you add an extra layer of protection for your device. If a hacker DOES decide to attack your device, your antivirus will step in and keep you safe.   

At KNS, we use Webroot. Learn more about this antivirus software by reading our July 2018 blog post, Benefits of Managed Services: Antivirus Protection.

2. Clear Cookies and History 

Cookies and history are stored files used to help you access information on the web faster. Although they do make searching the web quicker and more efficient, they can have a negative impact on your online privacy.

If you are concerned about how websites are using your personal data, clearing your cookies and web history can help to reduce your digital footprint. By clearing that data, you can prevent websites from storing important personal information.  

3. Change Passwords 

Changing your account passwords helps to limit the potential threat of a breach. In some cases, when hackers gain access to your device, they monitor your account for data to steal over time. Changing your password every month will drastically help to prevent unauthorized account access to your accounts.  

4. Lock Your Device 

Locking your computer is a great way to protect your data while you are away. When you press CTRL + ALT + DEL on your keyboard, you will see the option to lock your device. This option does not close any programs that you are currently working on – it will simply prohibit others from accessing your device unless they have the correct credentials. When you are ready to use your device again, just press CTRL + ALT + DEL and log in.  

5. Public Wi-Fi  

Public Wi-Fi can be found in popular areas such as coffee shops, airports, restaurants, and hotels. While public Wi-Fi allows you to access the internet for free, it also opens the door to other users who are connected to the same network. It can be an opportunity for hackers to hijack information you are transferring through the network. Typically, public Wi-Fi networks have minimal and even flawed security.

If you choose to use a public network, there are a few things you can do to minimize risks:  

  1. Use a VPN (Virtual Private Network) whenever you connect to a Wi-Fi network on any device (learn how by reading How to Connect to a VPN in Windows 7). 
  2. Disable file sharing (Control Center > Network and Sharing Center > Change Advanced Sharing Settings> select “off” for all options listed). 
  3. Only visit websites that use HTTPS encryption (each website URL should start with “https”, which means the all communications between your browser and the website are encrypted/secure). 
  4. Log out of all accounts when done.

Top 10 Tips on How to Avoid Phishing Scams [Successfully]

Our email inboxes are constantly under attack. 76% of organizations say they experienced phishing attacks in 2017, and those attacks have cost organizations over $600 million¹. It’s important to educate yourself (and your employees!) on the logistics of phishing attacks so you can fend them off.  

Phishing is when criminals pretend to be a valid sender or organization and attempt to steal your important information. One method phishers use to steal information is through fake emails. These emails contain links to authentic-looking websites, and attempt to lure people into revealing personal information.  

According to Symantec’s 2018 Internet Security Threat Report (ISTR), over 14.5 billion phishing emails are sent every day all over the world.   

So how can you avoid being a victim of these rampant phishing scams? Follow these 10 basic tips: 

1. Examine Email Addresses

Email scams come well-disguised. While some are easy to spot (e.g. containing misspelled words, or odd sender names), others are deceptive and closely resemble emails sent from a valid sender. If you hover over the sender name, you can identify what address the email is coming from (see below). If you don’t know the sender, DO NOT click on any links or attachments included in the email.  

2. Examine Links – Hover over links to view actual website address

Often, hackers and malware distributors try to conceal the destination of the phishing site by using hyperlinks. Hyperlinks can disguise an actual link’s final destination (AKA target URL)- for example, an email may say “Pay your bill immediately… click here”, or it may show an actual URL like this: http://instantbillpay.org. But you often can’t immediately see where you will end up if you click on the link.  

Similar to our first tip, it is important to hover over a link to verify the target URL before you click on it. The target URL will appear as a pop out window, or on the bottom footer of your email. If the URL looks fishy (no pun intended), don’t click it!  

3. Watch for Suspicious Requests

Have you ever received an email where the sender requested your email password? Or said you elected to cancel an account (but you didn’t)? This should immediately raise a red flag – the sender could be disguised as a valid entity (such as Gmail), but is actually a hacker attempting to steal your personal information. Before you share your information, pick up the phone and call the entity to verify it is a legitimate request.  

NOTE: Be careful that you call a valid phone number for that entity – some phishing emails may go so far as to list a phone number to call… we recommend locating an official support line for that entity (legitimate numbers are typically found on a company’s website).  

4. Keep your computer and web browser up to date 

Keeping your computer and web browser up to date helps to prevent any vulnerabilities from being exploited. If you are running on a Windows device, you can easily update your computer by navigating into the Control Panel and accessing Windows Update Settings. Browsers are typically upgraded automatically, but in case you needed the latest version you can also download it on the browser’s website. See a few basic browser update links below: 

Chrome Update 

Internet Explorer Update  

Mozilla Firefox Update 

Updating computers can be time consuming, and it is often tough to keep track of updates while handling the many other demands of your business. Hiring a full-time IT monitoring service or employee is a great way to allow yourself to focus on your customers and business.  

5. Check your accounts and change passwords regularly

Phishing scams exploit important information like login credentials. Phishing can be elusive and account hacks often go unnoticed. Therefore, its best to check your accounts regularly for any unauthorized access, and to change your passwords often. 

6. Use professional antivirus software

If someone in your organization does fall victim to a phishing cyberattack, an anti-malware software can assist in preventing a hack from occurring on your network. Make sure this software is up to date with the latest definitions. It is also a smart idea to have someone monitor your software to ensure all updates are made quickly and effectively.  

7. Count on Authenticated Sites

If you visit a website, ensure that your data is encrypted and protected. How can you know? A protected website includes SSL encryption usually signified by a padlock located near the URL of the website. When you click on the padlock, you can see the name of the organization that applied for SSL encryption. If the names do not match, it is probably not a safe site!  

8. Update your Browser and Use Popup Blockers 

NEVER click on a popup! Instead close them from the system tray menu. It’s important to regularly update your browsers and increase browser security settings. Browsers like Google Chrome offer add-ons that help to remove popups from appearing on your device.  

Chrome Pop Up Blocker 

9. Don’t open unknown attachments unless you know the sender and are expecting the document 

Is that email attachment malware in disguise? Spear phishing is an email spoofing technique where the sender targets a specific organization and personalizes their email attack. Even if an email is addressed to your organization, or has your managers name on it, it could contain malware.  

If you are unsure about an email’s content/source and you can’t contact the source via phone, search the email on google. You may find that other users have received the same email, and can assist you to verify the email’s legitimacy.   

10. Stay Informed

In the end, it all comes down to preparation and smart-clicking! If you don’t open the door for a hacker to attack, you will greatly reduce your likelihood of downloading viruses. Be aware of security-related news, consistently monitor and update your networks, and feel free to ask us experts for any advice!  

 

 

Kitsap Networking Services, Inc. is a great, local choice for outsourcing your I.T.  Let us handle your updates, backup, antivirus, and employee technical training… so you don’t have to!  

 

Post Sources

1. “Wombat 2018 State of the Phish”

2. Phishing image courtesy of www.vecteezy.com

 

3 Internet Scams You CAN Protect Yourself From

 

There are many kinds of scams, malware and dangerous files on the internet. Learning how to stay safe while browsing the internet can help prevent vulnerabilities within your computer and network. Several things to watch out for when surfing the web include the following: phishing scams, unreliable downloads, and spoofed links. 

Phishing   

Did you know that 95% of successful cyberattacks are a result of phishing? 1 Phishing is a form of fraud in which an attacker impersonates a reputable entity to gain important personal information. This can come in many forms, including fake websites, emails, or even phone calls requesting personal information.   

How can you protect yourself?   

No one wants to be victim of a phishing scam. We could write a book about how to avoid these scams, but we’ll start with one sound piece of advice: Be sure to validate the sender before giving out your personal information. Interested in learning more? We will be posting a “top 10 basic ways to avoid phishing scams” on our blog later this month!  

Internet Downloads  

Most important data are stored on personal devices such as computers. Because of this, it has never been more important to protect yourself against hackers. One of the many ways hackers can access (and attack) your computer is by getting you to download unsafe files. These unsafe files are not always easy to identify, and if downloaded can infect your device with malware or viruses. These viruses are then used by hackers to obtain important data from your device.   

How can you protect yourself?   

You can prevent the possibility of your device getting infected by malware by (1) running scans on all downloaded software and (2) evaluating the download site. Sites like https://www.virustotal.com/ include free scans to detect if downloaded data includes malware. However, these free sites only include minimal protection. The best route to take is to get an antivirus software and hire someone to constantly monitor your network.  

Beware of Links  

Legitimate companies occasionally email customers with a link asking to verify your personal information. These types of emails are often forged by scammers to steal personal information. If it is a company you often use (i.e. online shopping, subscriptions, previous business communications, etc.), you may be tempted to immediately click the link to verify the requested information. It is important to educate yourself on how to identify a safe link from a spoofed link.  

How can you protect yourself?   

Check the URL provided to ensure it is coming from the exact correct address. Just because an address looks mostly normal, it doesn’t always mean you are on a legitimate site.  

For example, the URL “https://amazonn.com” is a spoofed website that contains a similar look to “http://amazon.com“. The website is fraudulent and will try to capture and steal information that users enter. 

How can you check if a website is verified?

  

Look for signs that the site is secure and encrypted. The beginning of the website should include “https” or a padlock icon like the one pictured above; these indicate that your data on the website is encrypted and protected.  

For more information on safe practices for internet browsing, be sure to follow us on Instagram and Facebook! We will post each week with alerts about our new blog posts. For our technical services please contact us at (360)-516-6741.  

Sources: 

  1. https://www.infosecurity-magazine.com/news/phishing-remains-top-attack-vector/