From working, to shopping, to dating, we are conducting an increasingly larger proportion of our daily activities online. With our laptops and smartphones becoming akin to virtual extensions of ourselves, it is easy to become complacent about online security and unknowingly reveal personal information over the Internet. However, when you’re not careful about what you share on the web, you are vulnerable to online fraud, personal data mining, and even identity theft. While, unfortunately, it isn’t really possible to use the Internet without leaving any digital footprint, following these online privacy protection best practices can ensure that you’re better protected from malicious hackers and fraudsters.
Make sure you have antivirus software and a firewall installed on your system. Windows Firewall comes as standard with the latest Windows installations, so you just need to make sure it’s turned on. Anti-virus software may seem like a no-brainer, but many of us neglect to purchase anti-virus protection after the 30-day free trial of the anti-virus software that comes with the computer expires. For basic protection, AVG or Avast are good, free anti-virus software options.
Although many of us use our laptops to connect to the Internet via WiFi when we’re on the go, such as at the coffee shop or the airport, remember that any data you enter over an unsecured Internet connection may be compromised.
Finally, make sure your PC is protected by a strong password.
Check all the security settings on your browser to see what information is being stored. One important browser setting has to do with cookies – bits of information that web servers store on your hard disk, such as user names and passwords. Cookie settings are important because they can allow sites to track your navigation on those sites. Depending on your preferred level of security, you should either set your browser to block all cookies, turn on cookie notices to warn you when a cookie has been installed, or accept cookies only from certain sites or certain types of sites.
Also, remember to always clear your browser cache and browsing history before leaving your computer for any length of time. Or if you’d like to keep your browsing history private at all times, take advantage of private browsing now available on most browsers, assuming you have the latest version. You’ll find this feature labeled as “InPrivate Browsing” when using Internet Explorer, and “Incognito” when using Google Chrome.
It can be a pain to have to remember a million different user names and passwords, but you should vary both user names and passwords across your various online accounts to protect them from hackers. For example, your Gmail log-in credentials should be different than your credit card log-info, which should be different from your PayPal login, etc. You should also, every so often, change your passwords for important accounts, such as your primary email address and financial accounts. The best passwords contain a mixture of numbers and symbols.
To further complicate things, you also need to avoid using actual words in your passwords because hackers use scripts that run through all of the words in the English language to try to guess your password. A good password doesn’t have to be impossible to remember, however. For the text portion of any given password, you can make up a silly acronym that means something to you, such as ILTGFWIR, to stand for I Like To Go Fishing When It Rains (just make sure you don’t use this same made-up “word” across all your accounts). When you change an account’s password every six months or so, you don’t necessarily need to come up with an entirely new password – you just need to alter it slightly, by changing one of the numbers, for example.
Finally, for optimum online account security, don’t rely on your computer to remember passwords – don’t select “Remember Me” or similar options on online accounts.
A growing number people are connecting to the Internet primarily from their mobile devices. If you have a smartphone or an iPad, it’s important that you employ some of the same security precautions you would when going online with your computer, such as being wary of using public WiFi “hotspots.” Set a password for your phone, especially if you use banking apps, or you’ve entered other personally identifiable information on your phone. Be careful about which apps you authorize and what information these apps will access – some apps require you to authorize full access to all of your data.
Today’s smartphones also support various geo-location services. If you feel uneasy about complete strangers having the ability to track your every movement (as you should), turn this feature off.
Generally, you want to avoid using public computers to access your online accounts. If you absolutely must, do everything you can to erase your tracks afterward (such as clearing the browsing history and temporary Internet files cache, making sure you haven’t accidentally clicked the “Remember Me” box or left the computer without logging out of a personal account, etc.). Keep in mind, though, that a sophisticated hacker can install a keystroke logger that will record whatever information you type into a given computer, regardless of whether you’ve logged out of your accounts and cleared the browser history.
Your primary email address is pretty important – after all, it’s the account to which all your other online accounts are connected. Accordingly, be careful about whom, and which websites, you give your personal email address to. As mentioned above, it is wise to change your email address password every so often. It’s also a good idea to set up a secondary email address that you can give to people you don’t know that well or that you can use any other time you feel pressured to give up your email address – depending on the situation, you can even give out a fake account! You also want to use separate email addresses for work and personal matters.
Another option is to use an alias through your primary email address. For example, Google allows you to add a + after your username, followed by any additional text, which then becomes an email alias. Taken straight from the Google help pages:
Gmail doesn’t offer traditional aliases, but you can receive messages sent to email@example.com. For example, messages sent to firstname.lastname@example.org are delivered to email@example.com.
You can set up filters to automatically direct these messages to Trash, apply a label or star, skip the inbox, or forward to another email account.
Aliases are especially useful in detecting where spam is coming from. For example, the next time a website asks for your email address, give them an alias (firstname.lastname@example.org). Then check the spam to see which alias it’s being delivered to.
Another excellent security feature available through Gmail is “2-step verification“, which in addition to your username and password, also requires that you enter a code that Google will send you via text or voice message upon signing in.
A note on phishing – While most of us think we’re too savvy to fall for phishing attempts, it’s important to note that some of today’s phishers are highly sophisticated, to the point that they are able to create a phony bank website, for example, that is almost impossible to distinguish from the real one. Therefore, you should never respond to or click on a link contained in ANY email – regardless of whether it appears to have been sent by your bank, your friend, or a government agency – that requests personal information such as your bank account info, account password, social security number, etc.
Facebook’s security policy is always changing, so make sure you stay up-to-date with the latest policy changes and max out the security settings on your account. Make sure only trusted friends can see your profile and that you don’t share your real birthday (if you must, share the month and day, but leave out the year) on your social media accounts. As with your smartphone, be cautious about sharing your location and about which apps you authorize. And for God’s sake, close that old MySpace account (and, for that matter, any other old accounts you don’t use anymore). Someone could potentially hack into that account and use it to impersonate you.
Many users and privacy advocates are not happy about Google’s latest policy change which allows the firm to build a more comprehensive online “profile” for you by gathering and linking your user data across its various services (Gmail, YouTube, Android and others). However, as with Facebook, the only way to completely “opt out” of what many consumers consider to be an overreaching use of user information is to not use these products at all.