By now, we all know not to reply to emails we get from someone in Nigeria asking us to wire them money. We roll our eyes at comments that say “I made $10,000 in just three hours for staying at home and going on my computer! Click here to find out why!” We ignore things in our inbox that claim we’ve won a lottery we’ve never played and we run far, far away from things that outright ask us for our credit card info.
But that doesn’t mean being secure on the internet is always easy. While we recently covered some tips for maintaining online privacy in your personal life, there are so many other ways you could be “vulnerable.” Sometimes there are things beyond our control: Heartbleed, the biggest security breach in internet history, recently threatened the security of nearly half a million websites, while an Internet Explorer bug has allowed hackers to take control of computers and steal information. Other times, the email, ad, or website seems so convincing it’s hard not to become a victim.
Here are some ways to keep you, and your information, safe on the internet.
Make your passwords guess-proof
Believe it or not, the most common passwords in 2013 were “123456,” “password” and “12345678.” Seriously, guys, we can (and must!) do better than that.
Many sites are actually doing all they can to make it so that you have a strong password by requiring its users to do things like include capital letters, numbers, and symbols. Although it’s a pain, it’s also worth it to create strong passwords — given how much more of ourselves, our information, and our lives go on the internet, keeping our accounts secure is crucial.
Some general rules of thumb when creating your passwords:
- Create a password that’s at least 8 characters in length.
- Use a combination of numbers, letters, and (when possible) capitalization and symbols, such as B3y0nc3&J4yZ!
- Try a phrase. You can either make the phrase nonsensical — C4kesLoveL1GhT — or you can take the first letter of every word in your phrase. “My pet loves to play fetch” becomes “MPLTPF.” Be sure to take on some numbers or symbols.
- Don’t make all of your passwords the same. If someone can guess one of your passwords, then they’ll have access to all of your accounts.
Avoid phishing emails
Phishing emails are tough because they often look like emails from an official source. Check out this email from PayPal.
The subject line looks okay (there are no spelling mistakes or grammar issues). The send address says @paypal.com. It even looks like an email from PayPal — so it’s probably legit, right?
Unfortunately, the links in the body of the email don’t go to Paypal.com; they go to some obscure site that will likely have you input your information and steal it.
So how the hell do you avoid this?
Straight away, know that most official companies will not send you an email that:
- Asks you to change your password by clicking a link
- Requests some type of “verification” of your account
- Asks you for any personal information whatsoever
But on the off-chance this does happen, as it did recently when many sites emailed its customers to tell them to change their password because of the Heartbleed bug, don’t bother clicking links in the email.
Instead, always go to your browser and type in the URL yourself. This will guarantee you’re going to the correct site and, more often than not, it will alleviate any fears that your “password has been compromised” because you’ll be able to log in just fine! Find more phishing email tips here.
Avoid any email that offers you a service for free or cheap
I never realized how often this happens until I became the co-owner of Positively Smitten. We get emails all the time offering to “help” us with everything from making our site rank better in search engines, to providing us with content for a “low cost,” to giving our site a complete makeover. These are all scams. Delete and don’t look back.
Don’t click random internet ads
The thing about advertising on the internet is anyone can do it. This means some ads are completely legitimate, while others direct you to sites with less-than-honorable intentions. Those weird ads that pop up for weight loss or the best places to meet local singles or whatever else — don’t click on them, ever! Even Facebook ads can sometimes be misleading, so proceed with caution.
You should also be careful when you’re Googling (or Binging, or whatever). Many of the links that you think Google or Bing are providing you are actually ads (typically at the top or on the right-hand side of the search results page) — and they can be malicious ones intended to steer you away from official sites.
Download an ad blocker, such as Ad Block Plus, to help eliminate most issues with ads.
Stick with secure sites
Need to make a purchase for something online? Try to stick with either sites you’ve previously had experience with, sites that come highly recommended from people you trust (because they’ve had experience with them), or sites that have brick-and-mortar stores. Don’t buy a TV from a site called High-Quality-TVs-For-You.org. Don’t buy tickets to see your favorite band from CheapestTicketsEverWeSwear.com. Stick with what you know.
If you’re unsure, either don’t purchase from that site, or do a little research. You’ll be surprised what you can find when you type in a company name plus the word “review.” (You can also try it with a company name and the word “scam” after to see what comes up.)
Use your wits
If it sounds too good to be true, it is. This is true in real life, and it’s most definitely true online. CraigsList ads that offer you a 5-bedroom house for only $600 a month in rent in the state of Connecticut are simply a scam. An email telling you that you’ve been selected to win $1 million from your credit card company is not real. And there’s no such thing as a “free” anything. Sorry.
Shady sites are relying on you not to pay close attention to what you’re clicking on. So pay attention! Always know where you are clicking, where you are on the internet, and what information you are giving a site (and why, of course). A purchase from a clothing store does not require your social security number, so don’t give it out. Capiche?
Keep on keepin’ on
With all this information and the talk of this security breach and that, the internet can sound like a very scary place. It can be, sure, but it doesn’t have to be. In the real world, we take precautions every single day to make it so that bad stuff doesn’t happen to us. We look both ways before we cross the street. We don’t answer the door for people we don’t know. We ask officials to show us their credentials. We keep our credit cards and private information tucked away someplace safe. We lock our doors. We duck our heads and say “no thank you” to the salespeople who are offering us “free trials” of X, Y, or Z. Why should the internet be any different? If you’re careful, if you’re alert, and if you take a few precautions, the internet suddenly becomes less scary and more like a fun place to look at pictures of puppies.