10 Tips for Online Privacy
Do you know how easy it is to find certain information about you or your computer online? It’s easier than you might think.
1. Remember to log out
Logging out of your social media and online bank accounts after using them is like locking your front door when you leave home. It’s quick and simple and prevents unwanted intruders from gaining access to your personal data.
Some people believe merely closing the window where you are logged in is enough to prevent others from accessing your account. The truth is, you may still be signed in to your account on that device, leaving you vulnerable to tracking. The only way to be sure is to log yourself out when you are done using an online service—especially if you are using a public machine or network.
Why signing out/logging out is important?
The reason is that you newer know if somebody else is using your computer. Also wen they say log out remember the rule is important if you are using a PC in a diffrent place. Remember what can happen if you forget to not sign out. If it gets stolen and you are loged in to something such as Amazon they can easily find your credit card information.
It is possible that if your computer is infected that leaving your passwords on “remember me” and staying logged in could be used in spamming/hacking of your accounts. Although it’s rare, in the event that someone did manage to “take control” of your PC by using RDC or a program they will have access to all of your information without needing to guess/hack your usernames and passwords.
2. Don’t access confidential accounts on public networks or devices
There are basically two kinds of public Wi-Fi networks: secured and unsecured.
An unsecured network can be connected to within range and without any type of security feature like a password or login. Conversely, a secured network requires a user to agree to legal terms, register an account, or type in a password before connecting to the network. It may also require a fee or store purchase to gain access to the password or network.
Regardless of the connection type, you should always use public Wi-Fi with caution.
• DO connect to secured public networks whenever possible. In the event that you’re unable to connect to a secured network, using an unsecured network would be permissible if the connection requires some sort of login or registration.
• Don’t access personal bank accounts, or sensitive personal data, on unsecured public networks. Even secured networks can be risky. Use your best judgment if you must access these accounts on public Wi-Fi.
• Don’t leave your laptop, tablet, or smartphone unattended in a public place. Even if you’re working on a secure Wi-Fi network, that won’t stop someone from taking your property or sneaking a peek at your device.
• Don’t shop online when using public Wi-Fi. Sure, shopping doesn’t seem like it involves sensitive data, but making purchases online requires personal information that could include bank account and retailer login credentials. Shopping isn’t something you want to do on an unsecured Wi-Fi network.
• Turn off automatic connectivity. Most smartphones, laptops, and tablets have automatic connectivity settings, which allow you to seamlessly connect from one hotspot to the next. This is a convenient feature, but it can also connect your devices to networks you ordinarily would not use. Keep these settings turned off, especially when you’re traveling to unfamiliar places.
• Monitor your Bluetooth connectivity. Bluetooth in the home is an amazing feature on many smart devices. However, leaving Bluetooth on while in public places can pose a huge risk to your cybersecurity. Bluetooth connectivity allows various devices to communicate with each other, and a hacker can look for open Bluetooth signals to gain access to your devices. Keep this function on your phone and other devices locked down when you leave your home, office, or similar secured area.
Come to think about it, it’s best that you don’t log in to your social media or online bank accounts at all when you’re using a public network. Many such networks routinely gather and send your data to third parties, and rogue networks can snoop on your traffic and passwords or inject malware and ads onto your device.
The best way to protect yourself against such risks is to avoid accessing your social media or online bank via a public connection or someone else’s device. But if you have to (or really really want to), you should…
3. Use a VPN
Think about using a virtual private network (VPN) solution to ensure your privacy and anonymity are protected when you use public Wi-Fi. VPN services can encrypt all the data that you send and receive while using a public Wi-Fi hotspot, securing your information from other users of the same connection.
Connecting your device to a VPN redirects all of your device traffic through a secure and encrypted tunnel. This means internet service providers or sketchy parties trying to peek into your device traffic will only see a bunch of meaningless garbage.
In addition, using a VPN allows you to access content that is blocked in certain countries and can even help you save money while shopping. When you’re connected to a VPN, third parties will only see the IP address of the network you are connected to, instead of your real IP address. All said, using a VPN should be standard procedure for all forms of internet usage, public or not.
4. Be wary of services asking for your details in exchange for information or prizes
It’s common practice for companies to ask for your email address or personal details in order to “unlock” certain content or to enter you in a contest. On the surface, submitting a simple email address may not seem like a big deal. The truth is, marketers are collecting your information for direct marketing purposes. Worse still, they are often selling it to other companies for revenue.
Scammers regularly use phone text messages as a means of gaining new victims. You have won nothing at all and the promised prizes do not exist. If you follow the link in the hope of claiming your prize, you may be tricked into downloading malware to your phone.
Or, you may be taken to a scam website that promises the chance to win further prizes in exchange for supplying your name and contact details. These sites will share your information with dodgy marketing companies who will inundate you with unwanted email, text messages, and phone calls.
Some versions may try to trick you into entering your mobile phone number, ostensibly to claim a prize or go in the draw for other prizes. But, by supplying your number, you will actually be subscribing to a very expensive SMS “service” that charges you several dollars for every message they send you.
When faced with these situations in the future, remember to ask yourself: How useful is this content that I’m exchanging my email address for? How likely am I to win this prize? Chances are, you almost certainly won’t win anything, but the marketer will definitely have gained a new lead for future monetization. If need be, create some pseudonymous email addresses. They can be a gateway to a lot of fun.
5. Be careful when sharing your location
What are some of the dangers of sharing your location online? And how can you prevent sharing too much information?
Social media is highly used among adolescents and teens. While there are many perks to social media, it also has it’s dangers. For example, some social media sites, like Facebook, Twitter, Instagram, etc., will share your location without you even knowing. This could be troublesome for your privacy as well as your safety.
By posting pictures of you away from your home for long periods of time i.e., vacation or on work or school trips, you are making yourself a target for burglars or home invaders. If your account is not private, anyone can see that you are not home.
You should not post updates or photos disclosing exact residences or any identifying information. This information could be accessed by anyone and completely exposes your privacy as well as puts you in danger.
Watch how often you update your statuses about where you are or “check-ins” on social media sites. By disclosing your every move, it can make it easy for others to track your daily routine and activity. This constant updating could familiarize them with the exact time of each location that you’re at, the time spent at each location, and whether or not you’re by yourself or with others.
Never post saying that you are home alone. Don’t post at the same time everyday disclosing your location. You want to avoid people learning your routine and where you are during certain times of the day.
Using your mobile’s built-in global positioning system (GPS) functionality allows location-based services (or geo-location) to locate and publish information about your whereabouts. Applications like Foursquare, Facebook and Yelp allow you to “check in” at places using your mobile phone, and then share your location with friends or on social networks. The application knows where you are because it taps into your phone’s GPS longitude and latitude data.
While GPS can help you find places you’re going to and discover local deals, sharing your location with the world could pose some danger, so it’s critical to be aware of the risks that we face when using location-based services or geo-tagging.
For instance, you may not mind sharing your exact location with friends and family, but what about with people you don’t know? When your location is broadcast on social networks such as Facebook and Twitter, you lose control of the information. Anyone can see it. Say you check into a hotel while on vacation. A thief could see your check-in, do an online search for your home address and rob you while you’re away.
GPS data is also used in geotagging. Geotagging includes longitude and latitude data in the image file automatically unless this is turned off. This technology is prevalent in images and videos taken by both smartphones and digital cameras.
This is troublesome because many of us are unaware of this feature, even though sharing images online has become immensely popular. Sites such as Instagram, Facebook, Flickr and YouTube are filled with pictures and videos that include location information. Most of the time, that information won’t matter, but you could be inadvertently telling people where you are just by sharing what you may think is an innocent photo.
Turn off the GPS function on your smartphone camera or digital camera. This is important if you are going to be sharing your images online. Instructions on how to turn off geotagging will vary, but we suggest referring to your phone or camera’s manual for further instructions on how to adjust this feature. You also might want to consider only letting certain apps (like maps) use your location data on your mobile device.
Check your privacy settings on social networks and photo sharing sites. Make sure that you are only sharing information with friends and family. Also, make sure that you only accept people into your network that you know in real life.
Be aware of the fact that the information you share on one social network may be linked to another. For instance, a photo you post to Twitter may automatically post to your Facebook profile. Because of this, it’s important that you check the privacy settings on all your accounts.
Finally, be careful about what images you’re sharing and when you are sharing them. Rather than uploading a picture that reveals your location the moment you take it, wait until you get home to upload it.
Remember that whatever you post online is public, even if your privacy settings are set correctly. Your image could be taken and posted elsewhere, where you have no control over who sees it. Be discreet about what you share and when. Or just turn it off.
6. Don’t interact with suspicious emails
Unfortunately, some phishing emails will always make it to the inbox. And those messages are extremely effective—97% of people around the globe cannot identify a sophisticated phishing email. That’s where customer education comes in.
Even if you don’t exchange your email for online content/prizes, you’ll still receive the occasional fishy email or spam. The first (and only) thing you should do is to delete those emails. By opening the email, or clicking any links inside it, you are likely inviting malicious attacks on your device and personal privacy.
Furthermore, never reply to suspicious emails. You might be tempted to reply and ask to be removed from the mailing list, but not only will that not work, you will also have confirmed to spammers that your email address is indeed active—likely inviting more useless (or harmful) messages in the future. As for your email provider, replying to spam indicates that you actually find these emails useful, making it more likely that they will no longer be labeled as spam moving forward. In short, ignore and delete any emails in your spam folder, and click “report” for any spam emails that have not been identified as such by your email provider.
Here are 10 tips on how to identify a phishing or spoofing email:
Tip 1: Don’t trust the display name
A favorite phishing tactic among cybercriminals is to spoof the display name of an email. Check the email address in the header from—if looks suspicious, don’t open the email.
Tip 2: Look but don’t click
Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it.
Tip 3: Check for spelling mistakes
Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar.
Tip 4: Analyze the salutation
Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.
Tip 5: Don’t give up personal information
Legitimate banks and most other companies will never ask for personal credentials via email. Don’t give them up.
Tip 6: Beware of urgent or threatening language in the subject line
Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”
Tip 7: Review the signature
Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.
Tip 8: Don’t click on attachments
Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.
Tip 9: Don’t trust the header from email address
Fraudsters not only spoof brands in the display name, but also spoof brands in the header from email address. Return Path found that nearly 30% of more than 760,000 email threats spoofed brands somewhere in the header from email address with more than two thirds spoofing the brand in the email domain alone.
Tip 10: Don’t believe everything you see
Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages – if it looks even remotely suspicious, don’t open it.
7. Use a strong password
Whenever you have an opportunity to create and use a password to protect your information, make sure that you use a strong password. Passwords are the first line of defense against the compromise of your digital information.
By now, anyone still using “QWERTY” or “123456” as their account passwords should probably have their internet access revoked—for their own protection. In a time when cyber thieves are getting smarter and employing more devious methods, the least you can do is to get a strong password.
Don’t “recycle” a password. Password-protected sites are often vulnerable because people often use the same passwords on numerous sites. If your password is breached, your other accounts could be put at risk if you use the same passwords.
Do not include any personal details in your password. Don’t use personal information (your name, birthday, Social Security number, pet’s name, etc.), common sequences, such as numbers or letters in sequential order or repetitive numbers or letters, dictionary words, or “popular” passwords.
Use a mixture of numbers and letters as well as special characters, ideally with the help of a random password generator.
Security Questions – Many websites require you set up security questions in case you forget your password and need to reset it. Like the password itself, it’s important to pick questions and answers that can’t be easily answered by others (your pet’s name, mother’s maiden name and high school could easily be guessed by someone who follows you on social media).
Don’t share your passwords with others. Just remember that anyone that has your password now has access to your private account/information. Even if you trust them, it’s possible that your password could get out by mistake (written on a piece of paper someone else saw/took).
Passwords need to be complex and unique with at least 8-10 characters and a combination of letters, numbers and symbols. And each of your online accounts should have a separate password. Too hard? Consider a Password Manager software which creates and manages complex passwords for each of your online accounts.
8. Manage your cookies
Most internet users have heard of the concept of “cookies” that store information about websites they’ve visited, but not many people realize the scope of information that these cookies capture or how they can be used to monitor your behavior.
Cookies are pieces of data, normally stored in text files, that websites place on visitors’ computers to store a range of information, usually specific to that visitor – or rather the device they are using to view the site – like the browser or mobile phone.
They were created to overcome a limitation in web technology. Web pages are ‘stateless’ – which means that they have no memory, and cannot easily pass information between each other. So, cookies provide a kind of memory for web pages.
Cookies are a tool used by website owners to track your behavior on their site and store information about you for future visits. Information contained in these cookies could include your IP address, browser version information, a user ID assigned by the site owner, the dates you visited the site, and what pages you viewed or actions you took on the site. All of this information is combined to create a unique profile assigned to you.
While cookies usually don’t contain any personal information about you like your name or phone number, these hardware details can still be used to build a “profile” on you that marketers can study and analyze.
One of the most common examples of cookie monitoring is “retargeting” advertising, where a business will continue advertising to you long after you’ve left their website.
Almost all modern browsers provide ways for you to control how your computer handles cookies. This includes the ability to block all or different types of cookies – and preventing them from being placed on your machine in the first place. They also enable you to delete the cookies that you already have.
9. Browse anonymously
Speaking of private web browsers, you should use tools that allow you to use the web anonymously. For a browser that is great for privacy, try Tor. If you’re looking for tracking-free web search, use DuckDuckGo. On a related note, beware of shortened links, and don’t open them unless you’re using a private browser such as Tor.
Oh, and of course, remember to use a VPN.
A very important part of staying safe on the internet is anonymous browsing. After all, if they can’t find you, they can’t catch you. There is no bulletproof way to be anonymous online. If you want true anonymity, close your browser and throw away your computer.
10. Be careful of what you share online
Be careful what personal information you share on social media and other sites. Information such as addresses and locations can be easily shared, even if it’s only initially given out on private networks. Once it’s out there, it’s almost impossible to take back.
Finally, remember that you are the one who controls what information you share online. If you don’t share it, they can’t get a hold of it. In keeping with this idea:
• Do not give away your real email address for online giveaways or for websites that might engage in suspicious marketing.
• Do not share any personal data on public/unsecure machines and networks.
• Even if you are on a secure device or network, remember that anything you share online effectively becomes permanent, and can be shared or manipulated without your knowledge. A good way to see if this is happening is to Google yourself periodically.
Stay savvy, stay private, and stay safe.