The top 10 check list for your internet security
Internet security software is a first and important step to protect yourself from online threats. An up-to-date virus scanner, enabled firewall as well as the latest patches and updates ensure that a majority of the threats are ineffective. But software alone cannot provide 100 percent protection.
Your active participation is a necessity. But do not worry; you only need to observe a few basic internet security rules that have more to do with common sense than with technical knowledge. Simple ways of going about this are at the top of your instant-relief list and should always be heeded:
Tip 1: Installing an up-to-date virus protection and switching on automatic updates
A virus protection with the latest update is the basic protection that each device should have – be it a PC, laptop or smartphone. Once installed make sure that the software is always up-to-date.
A free virus protection like Avira Antivirus is sufficient for most applications, but those who intensively browse the internet should invest in the additional functions that are available from the vendors.
Tip 2: Use an active and correctly configured firewall
No computer should be roaming the internet without an activated firewall. Usually it makes sense to reject more or less all incoming connections; no services that must be accessible from outside (the internet) run on a normal PC.
Tip 3: Everything is always up-to-date
Software contains errors. This applies to the operating system as well as to the application programs. That’s why it is important to fix the error immediately after it has become known. Updates, patches, fixes – every vendor offers software patches that fill dangerous security gaps. If you have a hard time keeping up with all the updates, consider installing a software updater which will help you with this task.
Tip 4: Using strong passwords
Even if it hurts: secure passwords are more complicated than your cat’s name or 123456. Modern password-cracking software allows hackers to crack a simple six-digit password in under a minute. The worst: All security measures are undermined by anyone who has the password. Luckily there are numerous tricks which let you memorize passwords better, for example by using the first letters of a long sentence.
Password managers are also helpful. They automatically insert passwords into websites and applications when necessary. Likewise: every account or access needs its own password that is changed regularly.
Tip 5: Browser safety inspection
The browser is probably the most widely used program on computers. That’s why it should always be up-to-date and dangerous default settings must be changed. The following aspects are especially important:
- Executing active codes/Disabling contents. Examples of active contents are Java, ActiveX applets, Silverlight, Flash, etc. These settings can be used for all websites (general settings). Exceptions can also be defined for guaranteed benign websites.
- Preventing identification. Modern browsers can signal to websites to store fewer records about the visit (do-not-track). If the browser does not support this function, then the corresponding extensions (“add-ons”) take over.
- Deactivating cookies. Websites should not be able to identify visitors unless this is expressly desired. Identification is mostly done using cookies. Cookies can be disabled, even for each individual website. Extensions that disable and block cookies are available for all browsers.
Security software, such as Avira Browser Safety for Google Chrome or Firefox, can alleviate some of these tasks or take them over completely.
Tip 6: Caution: a perennial issue, e-mails
Do not open unidentified attachments. Documents or supposedly exciting photos and videos can hide malware – any suspicious e-mail should be scanned beforehand.
Do not respond to undesired (spam) e-mails. Never respond to undesired mass mailings (spam), not even to unsubscribe yourself from the respective mailing list. The sender uses the logout attempt merely to confirm that the address is valid and will only send you more spam.
Spam is a scam. Always. Buying products from a spam e-mail usually means you get nothing or cheap junk in return. In any case, you have unwittingly thus supported spammer, and encouraged him to flood the internet with millions of annoying e-mails.
Tip 7: Online banking with caution
A reputable bank will never intentionally ask for personal information via e-mail. If the e-mail looks as if it could be genuine, then it you should make a quick verification call to the bank. Alarm bells should also be ringing whenever the bank’s website looks different (even if only slightly) than usual.
Tip 8: Two-factor authentication secures online accounts
Most major website operators, such as Google, Facebook (in the security settings) or PayPal, now enable login with two security settings, for example with a password and smartcard or by sending a code to your smartphone. The setup is quite simple and described quite well by the respective vendor.
Tip 9: Human weakness
Cyber criminals are only too happy to exploit human weaknesses in order to spread malicious software and, unfortunately, are successful in doing so again and again. Typical examples are:
- banner ads suggesting you’re their 1,000,000th visitor. The banner is the same for everyone who sees it – the offer or winnings are very questionable.
- Very popular among cyber criminals are supposedly lurid videos or photos on social networks: car accidents, scandalous scenes from popular TV shows, scantily clad women or spectacular sporting events. Clicking on the link takes you to sites teeming with malware.
- Incredibly sounding offers, such as leftover tickets for soccer’s World Cup or the Olympics, cheap brand name watches or holiday offers. What sounds too good to be true is just that: not true.
Tip 10: A user account does not need administrator rights
A user account without administrator rights reduces the risk posed by the operating system and the programs installed on it. This is one of the reasons why many corporate IT departments restrict access to administrator rights.
This article is also available in: German