Cybersecurity awareness month: the 4 biggest security mistakes to avoid

Young woman using mobile phone against neon light display on city street at night
(Image credit: Getty Images)

Cybersecurity Awareness Month has been celebrated in October since 2002. It's a time for everyone, from everyday internet dwellers to private companies, to come together and work to raise awareness about the importance of cybersecurity in the world we live in.

Today I'll take a look at the four biggest security mistakes that, even now, people still make, and explain why they're so risky.

Mistake #1: reusing passwords across accounts

In a world where security breaches are a common occurrence, reusing passwords is one of the most dangerous digital habits to have.

Protect your digital life

A padlock resting on a keyboard.

(Image credit: Passwork)

Looking for a password manager you can trust? Check out our selection of today's best password managers.

Using the same password across multiple accounts means that a cybercriminal only needs that one password to access your entire digital life.

It's hard to remember all of your login credentials, sure, especially if you have dozens of them – and when many sites force you to create a 14-digit combination of numbers, special characters, and capital letters.

Luckily, this is where password managers come into their own, and I consider them a vital addition to your online security toolkit.

Mistake #2: not updating software

This might seem like a relatively innocuous sin in the grand scheme of things. So you haven't updated your copy of Windows since you installed it, or that copy of Acrobat Reader that sits quietly in the background until you need to view a PDF. What harm could that possibly do?

The answer is far more serious than you might think. As well as bug fixes, updates often contain security patches that block newly discovered vulnerabilities.

In fact, many hackers rely on people not updating their software, because that leaves them with an easy way to access your system and steal your data or install something malicious.

Getting through these updates can be a pain – especially if you're unable to use your device for a little while – but keeping up with them is a no-brainer if you value your digital privacy.

Fake emails and phishing attacks are growing ever more sophisticated. Many of us are bombarded by emails claiming to be from delivery companies, banks, and even family and friends, all of them encouraging us to click on a link to verify delivery, check our bank statements, or send money to help with a broken down car.

Don't click links in emails if it's a message you're not expecting or from an address you don't recognize

At the risk of repeating what has been said many times in the past, please don't click on links in emails if it's one you're not expecting, or it comes from an address you don’t recognize.

These links will send you to fake sites that exist solely to harvest your personal data and login details and, if you’re still making the mistake of using shared passwords, you might have just compromised all of your accounts.

Mistake #4: not using a VPN on public Wi-Fi

Wi-Fi is everywhere, in every shop, pub, bus, train, and office, inviting you to connect and browse the internet. But how do you know that the open Wi-Fi hotspot you're connecting to is what it claims to be?

Sure, some of them have a confirmation page that reassures you you're connecting to the real thing, but it's shockingly easy to make a fake webpage. There's also the simple truth that if a Wi-Fi point is completely open then you have no idea who might be connected to it, who might be trying to peek at your browsing habits or your messages to see what information you're sharing.

If you do use public Wi-Fi, then protect yourself with one of today's best VPNs. If you'd rather not pay for an additional subscription, then even choosing one of our best free VPNs is better than using open Wi-Fi without any protection at all.

Disclaimer

We test and review VPN services in the context of legal recreational uses. For example: 1. Accessing a service from another country (subject to the terms and conditions of that service). 2. Protecting your online security and strengthening your online privacy when abroad. We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.

Shaun Rockwood
VPN Expert

After graduating from Stirling University with a qualification in Education, Shaun accidentally fell into the technology sector in the late 1990's and has stayed there ever since, working for companies such as PSINet, IBM and ProPrivacy in a variety of roles from Systems Administration to Technical Writer. Being around since the birth of the modern internet, he's seen the way that technology has expanded to become an integral part of everyday life, and how people's understanding and ability to retain any kind of privacy has lagged behind.

Shaun is a strong believer in the rights of the individual to have their personal data protected and their privacy respected – a belief made all the stronger in an age of surveillance from both governmental bodies and private companies all around the world.

He spends his spare time cooking, riding his motorbike and spending far too many hours in Star Trek Online hunting Klingons and Borg.