Safety

We are all using the web more than ever before and saving information including digital photos and videos on our laptops, tablets and PCs; shopping online and sharing information via the social networks we have joined. Something we need to think about however is how safe is our data and what are we sharing? It is important to consider what personal information we are sharing and to know how to adjust the privacy and security settings on social networks to avoid the risk of identity theft. Don’t openly share details such as your date of birth or home address.

Ensuring you have the latest security software to eliminate viruses and spyware should be looked at regularly. Being careful about clicking on links or opening attachments from unknown sources; if in doubt don’t do it. Be these in emails or tweets, cybercriminals have become quite savvy in their attempts of spamming and phishing. Cybercrime is big business and includes online identity theft, financial fraud, stalking, bullying, hacking, e-mail spoofing, information piracy and forgery, intellectual property crime, and more.

Here are some other tips you should consider about creating safer passwords, shopping safely online, backing up your data, and what to do if your Twitter account is hacked.

1. Creating safer passwords

Choose a strong password that is at least 10 digits long and includes upper and lower case characters, numbers, and symbols. It is recommended that you have a different password for each account you create and to change these several times a year. Writing your passwords down is fine, but keep this information safe and away from your computer. Google suggests the following tips:

Problem 1: Re-using passwords across websites
With a constantly growing list of services that require a password (email, online banking, social networking, and shopping websites — just to name a few), it’s no wonder that many people simply use the same password across a variety of accounts. This is risky: if someone figures out your password for one service, that person could potentially gain access to your private email, address information, and even your money.

Solution 1: Use unique passwords
It’s a good idea to use unique passwords for your accounts, expecially important accounts like email and online banking. When you create a password for a site, you might think of a phrase you associate with the site and use an abbreviation or variation of that phrase as your password — just don’t use the actual words of the site. If it’s a long phrase, you can take the first letter of each word. To make this word or phrase more secure, try making some letters uppercase, and swap out some letters with numbers or symbols. As an example, the phrase for your banking website could be “How much money do I have?” and the password could be “#m$d1H4ve?” (Note: since we’re using them here, please don’t adopt any of the example passwords in this post for yourself.)

Problem 2: Using common passwords or words found in the dictionary
Common passwords include simple words or phrases like “password” or “letmein,” keyboard patterns such as “qwerty” or “qazwsx,” or sequential patterns such as “abcd1234.” Using a simple password or any word you can find in the dictionary makes it easier for a would-be hijacker to gain access to your personal information.

Solution 2: Use a password with a mix of letters, numbers, and symbols
There are only 26^8 possible permutations for an 8-character password that uses just lowercase letters, while there are 94^8 possible permutations for an 8-character password that uses a combination of mixed-case letters, numbers, and symbols. That’s over 6 quadrillion more possible variations for a mixed password, which makes it that much harder for anyone to guess or crack.

Problem 3: Using passwords based on personal data
We all share information about ourselves with our friends and coworkers. The names of your spouse, children, or pets aren’t usually all that secret, so it doesn’t make sense to use them as your passwords. You should also stay away from birth dates, phone numbers, or addresses.

Solution 3: Create a password that’s hard for others to guess
Choose a combination of letters, numbers, or symbols to create a unique password that’s unrelated to your personal information. Or, select a random word or phrase, and insert letters and numbers into the beginning, middle, and end to make it extra difficult to guess (such as “sPo0kyh@ll0w3En”).

Problem 4: Writing down your password and storing it in an unsecured place
Some of us have enough online accounts that we may need to write our passwords down somewhere, at least until we’ve learned them well.

Solution 4: Keep your password reminders in a secret place that isn’t easily visible
Don’t leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. Also, if you decide to save your passwords in a file on your computer, create a unique name for the file so people don’t know what’s inside. Avoid naming the file “my passwords” or something else obvious.

Problem 5: Recalling your password
When choosing smart passwords like these, it can often be more difficult to remember your password when you try to sign in to a site you haven’t visited in a while. To get around this problem, many websites will offer you the option to either send a password-reset link to your email address or answer a security question.

Solution 5: Make sure your password recovery options are up-to-date and secure
You should always make sure you have an up-to-date email address on file for each account you have, so that if you need to send a password reset email it goes to the right place.

Many websites will ask you to choose a question to verify your identity if you ever forget your password. If you’re able to create your own question, try to come up with a question that has an answer only you would know. The answer shouldn’t be something that someone can guess by scanning information you’ve posted online in social networking profiles, blogs, and other places.

If you’re asked to choose a question from a list of options, such as the city where you were born, you should be aware that these questions are likely to be less secure. Try to find a way to make your answer unique — you can do this by using some of the tips above, or by creating a convention where you always add a symbol after the 2nd character in the answer (e.g. in@dianapolis) — so that even if someone guesses the answer, they won’t know how to enter it properly.

Adapted from http://gmailblog.blogspot.co.uk/2009/10/choosing-smart-password.html

2. Shopping safely online

• Keep a Clean Machine: All the devices you use for shopping – including smartphones and tablets – should have up-to-date software including security software, operating systems, programs and apps.

• When in Doubt, Throw it Out: Links in email, tweets, posts, and online advertising are often the way cyber criminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email.

• Think Before you Act: Be wary of communications that offer amazing deals that sound too good to be true, implore you to act immediately – including those about a problem with an order or payment or ask you to view the website via a provided link.

• Get Savvy about Wi-Fi Hotspots:  Don’t share personal or financial information over an unsecured network (a connection that doesn’t require a password for access). Using the direct web access on your phone (via a 3G/4G connection) is safer than an unsecured wireless network when on your mobile device.

• Make Sure the Site is Legitimate: This includes a closed padlock on your web browser’s address bar or a URL address that begins with shttp or https. This indicates that the purchase is encrypted or secured. For new sites, check online reviews.

• Protect your Personal Information: Be alert to the kinds of information being collected to complete the transaction. Make sure the information requested is only that needed to complete the transaction. Only fill out required fields on checkout forms. Check the website’s privacy policy. Make sure you understand how your information will be stored and used.

• Use Safe Payment Options: Credit cards are generally the safest option because they allow buyers to seek a credit from the issuer if the product isn’t delivered or isn’t what was ordered. Credit cards may have a limit on the monetary amount you will be responsible for paying. Never send cash through the mail or use a money-wiring service.

• Keep a Paper Trail: Save records of your online transactions, including the product description, price, online receipt, terms of the sale, and copies of email exchanges with the seller. Read your credit card statements as soon as you get them to make sure there aren’t any unauthorized charges. If there is a discrepancy, call your bank and report it immediately.

Adapted from http://staysafeonline.org/stay-safe-online/resources/top-tips-for-safe-online-holiday-shopping/

3. Backing up your data

Problem: Unfortunately the hard drive on your computer won’t last forever and may at some point crash or your SD card might crack resulting in lost data that you won’t be able to recover. Signs of a declining hard drive may include frequent freezes, seeing the blue screen of death or beginning to find files won’t open and have become corrupted.

Solution: You can purchase an external hard drive and use free software to automatically back up your data. Whilst this does not save your hard drive from crashing it does mean that your data can be retrieved.  A useful guide to setting up Windows 7 back-up and restore can be found here.

4. Knowing what to do if your Twitter account is hacked (compromised)

Accounts may become compromised if you’ve entrusted your username and password to a malicious third-party application or website, if your Twitter account is vulnerable due to a weak password, if viruses or malware on your computer are collecting passwords, or if you’re on a compromised network. Unexpected updates don’t always mean that your account was hacked. Occasionally, a third-party application can have a bug that causes unexpected behavior. If you see strange behavior, changing your password and/or revoking connections will stop it, as the application will no longer have access to your account. It’s best to take action as soon as possible if updates are appearing in your account that you did not post or approve.

Problem: If you have noticed unexpected Tweets made by your account; seen unintended direct messages (DMs) sent from your account; observed other account behaviors you didn’t make or approve (like following, unfollowing, or blocking) or received a notification from Twitter stating that “You recently changed the email address associated with your Twitter account.” (even though you haven’t changed your email address)

Solution: Twitter advises that you take the following steps:
1. Change your password immediately from the Password tab in settings. Select a strong password you haven’t used before. If you can’t log in to your account, please see this troubleshooting page.
2. Revoke connections to third-party applications. While logged into Twitter, visit Apps in your settings.
3. Update your password in your trusted third-party applications. If a trusted external application uses your Twitter password, be sure to update your password in that application. Otherwise, you may be temporarily locked out of your account due to failed login attempts.
If you’re still experiencing issues, file a Twitter Support request for assistance.

Adapted from: https://support.twitter.com/articles/31796-my-account-has-been-compromised

Further information

For more more information about staying safe online visit http://staysafeonline.org/stay-safe-online/

Image source via: http://www.welldonestuff.com/2013/01/what-happens-on-web-in-30-seconds.html