Are You Really Secure Online? - Disgruntled Tech
Luis Izquierdo | On 09, May 2014
Most people never think twice about security when they are posting their status on Facebook or Twitter. When they think of computer security, they think of viruses. But there is another major threat in the cyber world that is becoming more common everyday.
With today’s social media generation, people use numerous sites to keep in touch with their friends. Some sites like Facebook also offer games, apps and other features that you can play right from their site. While this may sound convenient and fun, you may be putting yourself at risk.
Hackers and Identity thieves rely on “phishing sites” in order to get the information they need. A phishing site is a mock website made to look exactly like another website. The most common one is Facebook. With Facebook’s millions of users, these cyber criminals cast out a large net with their phishing sites and bring in a fair catch.
Here is how it works:
Lets say you log into Facebook, you see a post from a friend on their wall showing you some cool feature about Facebook. You click the link and you go to a site that looks exactly like Facebook saying that you need to confirm your login to continue. The majority of people will enter their Facebook credentials and the page will redirect you back to its intended destination. Little to you know, you just emailed your Facebook email address and password to someone sitting in the shadows of the internet.
Though your Facebook login may not seem like much, look at the bigger picture. With the tons of sites you log into everyday such as your bank, Facebook, Twitter, tax return sites, etc., most people use the same email and same password to make it easier to remember. Having the same password across sites may seem very convenient to you, but it is also convenient to anyone looking to hack into your bank account and transfer funds or use your email to verify new accounts.
Today’s digital world leaves us at risk for a security attack from many angles. But you can protect yourself and lower your risks.
Here are a few tips to help you keep your internet footprint secure.
- Avoid using the same username on all sites. We recommend that you use at least two different usernames that are not affiliated with each other in any way. For example, do not use the same words in your usernames.
- Make sure your passwords are strong and have no significance. The most common password is some formulation of a name with a birth date or year. This is all information that can be gathered very easily with a little research. Using a password generator is the best way to go as they normally generate a long password with a mix of numbers, punctuation and both lowercase and uppercase letters. If you are someone who forgets passwords try using a password generator like the one found here. This generator lets you put in a master password and then generates numerous different passwords for you to use on different sites, The best part is, you do not have to save them. If you forget a password, just return to the generator, enter your master password and your passwords will regenerate exactly as before.
- Set up a “dummy” or “junk” email address. Use this email address when filling out random forms on sites you do not completely trust. This way, if you need to verify something, you have access to it but if someone is using your information for suspicious purposes, that email would not be attached to anything of importance.
- On most important sites like banking or credit card sites, check to see if they offer a text verification service. Most sites will offer this service where you will receive a text message to verify activity rather than an email.
- If you are on a site and you are asked to log in again, verify that the site you are logging into is a legitimate site. You can do this a couple of ways. If it is a secure site such as a bank, credit card, PayPal or any other site where credit card information or personal information is being sent, the site should have a security certificate. To check this, look in the left side of the address bar where you would normally type the website URL and you should see a lock icon just before the ‘https’. Also, verify that the website URL starts with https:// and not http://. You can also look at the actual URL of the site you are being asked to log into. Make sure that the URL matches whatever site you are logging into. For example, if you are logging into a page for disgruntledtech.com then the URL should have ‘disgruntledtech.com’ in it. There may be other parts such as ‘disgruntledtech.com/page/xx-xx-xx’ or even ‘xxxx.disgruntledtech.com/page’ but the name of the page should never be separated from the extension such as ‘disgruntledtech.somerandomsite.com’. You can also tell by the extension. If the site you are on is supposed to be a .com site, make sure the URL does not have .net, .co, .org or any other extension other that what it is supposed to be.
There are many other ways to help protect you against the dangers of browsing online. You can always contact us for more information, tutorials and advice.