How to Stay Safe Online

What is a reliable way to stay safe while on the Internet? If you were to ask my fourteen-year-old self, he’d tell you to just go into Incognito mode when you open your browser and you are good to go. Online privacy and safety secured. Turns out that wasn’t quite true.

Many users (of all ages) still believe that browsing in incognito mode offers some kind of anonymity and invincibility on the internet. Nothing like it. The truth is that this doesn’t make you invisible to anyone and anything that matters. Sure, your browsing history doesn’t get stored on your device, but so what? Your internet service provider (ISP) and the websites you visit can still track your activity. And if they can do that, then what’s left for scammers, snoopers, hackers, and other types of cybercriminals?

So don’t be me from when I was 14 and think that just because your browsing history and cookies aren’t’ saved, you can’t get scammed or hacked. There’s a lot more that goes into staying safe on the Internet than just pressing “Shift + Ctrl + N” and it will be explored in detail within the next paragraphs. If you care about your online safety, I suggest you read carefully and diligently apply the provided tips.

Online threats that surround our everyday life

Before I get into the specific tips, I must quickly go over the main types of threats you can be exposed to on the Internet. This is for those of you who aren’t completely convinced that spending time and effort on protecting yourself on the web is worth the hassle:

• Identity Theft: Cybercriminals have an entire toolbox of methods to steal sensitive personal information that can be later used to impersonate you.
• Data Breaches: Even when you are keeping your data safe, hackers can still gain unauthorized access to it from external sources, where it’s being stored.
• Malware and Viruses: Bad online safety habits often lead to attacks from various types of malicious software designed to harm your device or steal information.
• Phishing and Scam Emails: These are deceptive messages that aim to trick you into revealing sensitive data. Knowledge and rational thinking are the best ways to protect yourself against them.
• Fake Websites and Online Scams: Cybercriminals can create sites that very convincingly mimic legitimate ones, which lets them lure you into sharing personal info or even spending money on such sites.
• Romance Scams: Some online scammers lean heavily into the emotional manipulation aspect to extract personal information or funds.
• Inappropriate Content and Cyberbullying: The Internet is doubly dangerous for children, who are much more impressionable and easier to manipulate.

Of course, this is by no means an exhaustive list. I just listed a bunch of the more common threats people face every day when they go on the Internet. The good news is that the following list of actionable tips will greatly reduce the chances of getting tricked, scammed, hacked, blackmailed, or having your virtual security and privacy compromised in some other way.

Tips to Stay Safe Online

You’ll need a combination of awareness, good habits, and the right tools if you want to stay safe online. I strongly recommend that you implement as many of the following strategies as you can if you want to maximize your security levels while on the Internet:

Consider the Type of Network You Are Using

Your home network is a lot more secure compared to public Wi-Fi, which is something important to consider when browsing the web:

• Avoid Sensitive Transactions: When you are using public Wi-Fi, I strongly recommend that you refrain from online banking or shopping. Hackers can more easily intercept your connections on public networks and steal sensitive data, including credit and debit card numbers.
• Consider Using a VPN: If you absolutely must perform a sensitive action while using public Wi-Fi, then at least do it through a VPN (Virtual Private Network). Reputable VPN providers offer greatly enhanced connection security, ideal for when the Wi-Fi you are using might not be the safest.
• Assess and Improve Your Home Network’s Security: Most home networks aren’t as safe as they could be, but there’s a lot you can proactively do to make yours more secure.

If you want to learn how you can greatly improve the safety of your network, check out our How to Secure Your Home Network Guide. LINK!!!

Create Strong, Unique Passwords

Most people don’t pay nearly enough attention to how strong and reliable their passwords are. Don’t be one of those users who use “abc123” as their go-to password for all their accounts:

• Password Length: Use at least 12 characters. The usual 8-character password requirement on most sites is too weak.
• Password Complexity: Always use a combination of upper and lower case letters, numbers, and special symbols, or your password will be too easy to brute-force.
• Avoid Common Patterns: No sequential numbers, repeated characters, or personal info that’s easily guessable if someone knows when you were born and where you live.
• NEVER RECYCLE PASSWORDS!: Each of your accounts must have its own unique password that’s not used anywhere else.
• Use a Password Manager: Some people are better at keeping track of multiple complex passwords than others. If you think you are in the second category, consider getting a password manager to help you with that.

Passwords – you must never underestimate their importance or overestimate the strength of the ones you are using. If you want to learn more about how to create beter passwords and manage them more easily, check out our dedicated How to Create a Strong Password article.

Enable Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is a must nowadays, especially for highly-important accounts, such as your email accounts or your accounts on financial sites.

• How It Works: MFA is a second or third security barrier in addition to your password. It might require a one-time code sent to your phone, answers to security questions, or biometric data like fingerprints.
• Avoid SMS-based MFA: Scammers have very clever ways to bypass SMS-based authentication, so I strongly recommend replacing it with something more secure if possible. Use encrypted messaging apps like Signal or specialized authenticator apps like Google Authenticator or Authy.

I know having to enter a single-use code in addition to your password every time you try to log in is annoying but, trust me, it’s worth it considering the alternative.

Keep Software and Operating Systems Updated

Outdated software can have vulnerabilities that cybercriminals exploit. Most apps and programs have automatic updates enabled by default, but it’s still worth checking that.

• Regular Updates: If any of your OS or any of your programs or apps don’t have auto-update enabled, make sure to turn it on.
• Manual Updates: If any of your programs/apps don’t have an auto-update function or you keep it disabled for some reason, then make sure to manually download and install new updates.

It’s usually a bad idea to keep outdated software on your PC. Bear in mind that anything that hasn’t received an update in a while can be a potential security vulnerability.

Verify Website Security

Insecure/fake sites and pages are one of the most prevalent ways of tricking users and stealing their data/infecting them with malware.

• Look for HTTPS: Secure website URLs begin with “https://” and display a padlock icon in the address bar. If you don’t see that for a particular site, leave the site immediately.
• Assess Website Quality: Legitimate sites are professionally designed, free from spelling errors, and have consistent themes.
• Trusted Payment Methods: Reputable e-commerce sites use standard payment gateways like credit cards or PayPal. I recommend not purchasing anything on sites that use payment methods you haven’t encountered before.

Most modern browsers will immediately warn you when a particular site is potentially unsafe and block you from visiting it. You can override the warning and still go to the site, but I strongly recommend against it.

Also, though this security feature exists, it’s not flawless, so always use your own common sense to assess if a particular site looks trustworthy.

Review Privacy Settings and Policies

Personal info that’s publicly available on social media can be exploited by scammers. Take control of what personal info is visible to strangers on the Internet.

• Adjust Privacy Settings: Configure your social media profiles’ settings to limit what information can be seen by people outside of your friends list.
• Read Privacy Policies: Understand how websites and apps collect and use your data.
• Be Realistic About Privacy: Remember that no setting guarantees complete privacy; always be cautious about the information you share both in your profiles and in your social media posts.

Be Cautious with Links and Emails

Phishing is a very real danger, so you can never be too careful with random links and file attachments sent to you, even if they appear to be from a well-known entity or organization.

• Don’t Click Suspicious Links: Never interact with any links or download anything attached to emails or messages if you aren’t a hundred percent certain it’s not something malicious.
• Verify Sender Identity: If an email sender claims to be a well-known organization or company, cross-reference the sender’s address with the official email addresses on that organization/company’s contact form. Then also check for email spoofing. Only if both checks are passed should you consider trusting what’s in the message.
• Contact Sources Directly: Even if a particular email you’ve received seems legitimate, I still recommend contacting the company/organization directly through their official contacts to inquire about the message they’ve supposedly sent you.

Generally, your rule about assessing the legitimacy and safety of email messages (especially ones with links and/or file attachments) is to assume they are a scam until proven otherwise.

Device Security

I recommend making use of all available ways to secure your various devices. A bit less convenient but a lot safer.

• Biometric Authentication: Most modern devices can be locked using biometrics such as facial recognition or fingerprints, and they are generally safer than passwords, so I recommend using them when they are an option.
• Install Antivirus Software: If you really care about the security of your devices, especially your laptops and desktop machines, I recommend getting dedicated security software. One such tool I’ve been using for a while now is SpyHunter 5 and I can verify it has saved me from a number of malware threats over the years.

Regular Data Backups

One of the biggest data security mistakes that almost all users make is they overlook the importance of regularly backing up their data.

• Use External Hard Drives or Cloud Storage (or Both!): I strongly recommend having at least one external SSD and one cloud storage space, and use both for backups of your most important files.
• Automate Backups: Manually backing up stuff can be a tedious chore, but you can set that process to happen automatically, according to a backup schedule you determine.

Backups can save you a lot of headaches if you get attacked by ransomware or another type of malware. But aside from that, it’s also invaluable in case your main device gets lost or if the files on it get corrupted due to hardware damage.

Close Unused Accounts

Old accounts can be weak links in your security, especially ones you haven’t accessed and updated in a while.

• Delete Inactive Accounts: Remove accounts that you’re no longer using.
• Request Data Deletion: An additional security measure is to contact the respective service providers to ensure your data is fully removed from their servers.

Deleting old accounts that you no longer use is important mainly because data leaks can expose personal info stored in them. This can help scammers and hackers target your other online accounts.

Additional Ways to Stay Safe Online

Here, I quickly go over a bunch of additional security suggestions that aren’t as essential or may seem pretty obvious to you, but are still worth mentioning:

Log Out After Use

Always log out of accounts after you’re done if you are using shared or public devices. This reduces the risk of unauthorized access or cross-site request forgery attacks.

Use Privacy-Aware Software

• Choose Secure Browsers: Browsers like Brave or Firefox offer enhanced privacy features.
• Get an ad-blocker: If your browser of choice doesn’t have a built-in ad-block, get an ad-blocker extension. Seriously, this can save you from tons of misleading and malicious ads.

Separate Work and Personal Activities

Keep your professional and personal online activities distinct. Use separate email addresses and, if possible, separate devices for your work and personal activities.

Be Wary of Online Interactions

It’s been said many times, but it has to be said again: Do not blindly trust random people on the Internet, especiallyif they start asking you for personal info.

Also, remember that photos of you publicly available on the web can be used to impersonate you, so make a conscious decision about if you want to let random strangers access real-life images of you.

Encrypt Everything

• Encrypt Hard Drives: Use built-in tools or third-party software to encrypt your device’s storage.
• Secure Communications: Opt for encrypted channels for messaging and emails when sensitive information is being shared. VPNs can help here.

Utilize Open-Source Software

Some of you may disagree with this but I recommend using open-source software that allows for community scrutiny if you care about online privacy. Obviously, you still need to be careful with the specific programs you install. Always research them prior to downloading them to see what the online community has to say about them.

Online Safety Rules for Kids

If you have children and you allow them to go on the Internet, then it’s your responsibility to first teach them some basic online safety tips and rules. This is crucial both for their own safety and for the overall security of your devices and data Here are key areas to focus on:

Digital Footprint Awareness

Explain to your kids that their online actions leave a lasting impression and that what they do online can have real-life consequences:

• Encourage them to think before posting and to avoid sharing personal information.
• Explain how online behavior can impact their future.

Importance of Strong Passwords

Instill good password habits early on. Teach your children the importance of using strong passwords, but also ones that they can remember.

Safe Communication Practices

Guide your kids on interacting safely online.

• Teach them to identify and avoid phishing attempts or inappropriate messages.
• Encourage kindness and educate them about cyberbullying.

Parental Controls

No matter how much ou strive to teach your children good online safety habits, kids will be kids, so you can never fully trust that they’ll remember and apply your advice. There’s a reason why most devices and apps offer parental controls and I suggest you make good use of them.

Create a separate user account for you children on your computer that place restrictions on some actions or, if the child/children have their own devices, turn on parental control in the browser and other apps to ensure that inappropriate or harmful content can’t be opened or downloaded.

How to Stay Safe on the Internet: Conclusion

Staying safe online is an ongoing process. There isn’t a single action or set of actions that will ensure yoru online safety for good. Instead, you must apply vigilance, make informed choices, and take proactive measures constantly to ensure that your and your family’s virtual privacy and security don’t get compromised.

If you adhere to the tips and advice provided here, this can significantly reduce the risks associated with internet use, but I recommend digging even deeper. The Internet landscape changes every day and new dangers arise all the time, so I advise you to always update your knowledge just as you always update your OS and antivirus. Only this way will you make your devices, data, and online profiles as safe and secure as possible.