How do security experts keep themselves safe online?

How do security experts keep themselves safe online?
(Image credit: Shutterstock)

With hackers seemingly lurking around every corner of the Internet, how do you keep yourself safe online? We turned to the experts to find out. In this guide, we’ll explore six tips that security experts recommend to keep yourself safe online. 

1. Don’t wait to install updates 

Have you been snoozing that system update for several months now? Taking the time to install the update is one of the simplest and most effective precautions you can take to protect yourself against a hack. Often, software developers are pushing out updates primarily to patch vulnerabilities that hackers could exploit rather than to introduce some exciting new features.

If you’re still not convinced that software updates are worth your time, you only have to look back to the WannaCry ransomware attack in 2017. This virus propagated through a flaw in Microsoft’s operating system—a flaw that Microsoft had already identified and issued a software patch for in a system update. More than 200,000 computers were infected by WannaCry, all of them because Microsoft’s system update hadn’t been installed. (Two years later, there are still an estimated 1.7 million unpatched computers and WannaCry continues to cause infections.)

2. Only connect to secure networks 

Cybersecurity experts are quick to warn about the danger of public WiFi networks. When you connect to unsecured WiFi, anyone in range of your signal can get in between your computer and the router—what’s known as a man-in-the-middle attack. Instead of sending your browser requests and data directly to the router, you’re really sending them to an attacker.

Man-in-the-middle attacks aren’t just an issue for your computer, either. If you have a mobile device, its signal can also be intercepted when you connect to a public WiFi network.

If you have to use public WiFi, you have a few options. The first is to stay away from transmitting any secure information. That means no online shopping (which requires that you enter your credit card and possibly a username and password) and no logging into your bank account. The second option is to use a VPN, which can encrypt your data before it leaves your computer in the first place.

Another good practice when connecting to public WiFi is to make sure that file sharing is off. This is a simple step to make sure that no attacker can connect to your computer via the network.

3. Use a password manager 

Reusing passwords is common practice, but you won’t find any security experts doing it. That’s because the first thing a hacker does when they get hold of one of your passwords is to try it on your bank account, your credit card accounts, your email account, and more. If you reuse passwords, a single leak—perhaps one that you have no control over, like from a hack on a company you have an account with—can expose all of your online accounts.

The best way to avoid this problem is to create a unique password for every online account. Of course, you’ll need some help to remember these dozens of unique passwords. That’s where a password manager comes in.

Password managers are typically very secure and most come with a password generator to help you create stronger passwords. At the end of the day, you’ll only need to remember two passwords—one for your computer login and one for the password manager. These should be multi-word phrases that can’t be easily guessed or brute-forced.

4. Think before you click 

Did you receive an unusual email with a link in it? Think carefully before you click. Phishing schemes often include a link that will take you to a compromised website, where malware can be downloaded onto your computer without your knowledge. Attachments can be just as dangerous since even seemingly innocent documents can contain hidden malware.

There’s no magic formula for deciding whether an email is legitimate or not. Even if it seems like it comes from someone you know, there’s no guarantee that their email account hasn’t been hacked. Get in the habit of inspecting links and attachments before you click on them. When in doubt, email the sender back to confirm their authenticity.

Of course, if an email asks you for sensitive personal information, that’s a major red flag. You should never share your credit card information, social security number, or account passwords over email. Legitimate businesses will never ask for this data over email.

5. Install antivirus software 

Security experts also recommend using antivirus software to protect your computer. Many new software packages use artificial intelligence to flag never-before-seen code as malware based on its similarity to known malicious code. That gives you a leg up in the fight against attackers if you do accidentally navigate onto a compromised website.

That said, antivirus software isn’t a cure-all for malware. Experts note that it’s less effective than installing software updates at preventing hacks, and it won’t always be able to save you if you download malware after clicking on a link in a suspicious email.

6. Turn on two-factor authentication 

More and more online services are offering two-factor authentication as an extra measure of security when you log into your account. If it’s available, opt in. Turning on two-factor authentication can prevent an attacker from getting into your account even if your password has been compromised.

However, security experts warn that two-factor authentication is a measure of last resort. For it to be useful, the leaked password must be limited to accessing that single account—meaning you need unique passwords for every account, and therefore a password manager.

Practice safety while planning for the worst 

While cybersecurity professionals point to these six practices as some of the best ways to stay safe online, they’re also quick to point out that these security measures aren’t bulletproof. They may keep your identity from being stolen, but even if you follow all the guidelines there’s no guarantee that a malicious attack won’t slip through to your phone or computer. Thus, it’s important to always keep backups of all your files in case an attack succeeds. 

Michael Graw

Michael Graw is a freelance journalist and photographer based in Bellingham, Washington. His interests span a wide range from business technology to finance to creative media, with a focus on new technology and emerging trends. Michael's work has been published in TechRadar, Tom's Guide, Business Insider, Fast Company, Salon, and Harvard Business Review. 

Latest in Security
China
Chinese hackers targeting Juniper Networks routers, so patch now
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Avast cybersecurity
UK cybersecurity sector could be worth £13bn, research shows
An option to add Ambient Music buttons to the iOS 18.4 Control Center.
Apple fixes dangerous zero-day used in attacks against iPhones and iPads
Trump
Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam
Latest in News
Google Gemini Robotics
Gemini just got physical and you should prepare for a robot revolution
Lilo & Stitch Official Trailer
Stitch crashes into earth and steals our hearts with the first trailer for the live-action Lilo & Stitch
GTA 5
GTA Online publisher Take-Two is gunning for a black market that’s basically heaven for cheaters
Y2K cast looking shocked
Y2K has a streaming release date on Max, so you can witness the technology uprising at home
The Discovery+ homepage
Discovery+ just got a big update to its streaming app that makes it more like Max – here are 5 great new features to try
Two Android phones on a green and blue background showing Google Messages
Struggling with slow Google Messages photo transfers? Google says new update will make 'noticeable difference'