How to Protect Yourself from Online Snooping
Tips for browsing the internet safely
Cybercrimes continue to grow at great speed: in Spain there were more than 16,900 legal proceedings for cybercrime in 2020, a figure that represents a growth of 28.69 percent compared to 2019, according to data from the State Attorney General’s Office.
On the other hand, the Study on Cybercrime in Spain, published by the Ministry of the Interior in 2020 , says that ” it is foreseeable that attacks and vulnerabilities related to home networks or personal devices will increase” The good news is that we can use some strategies to protect us from these threats.
A password for everything Passwords
should not be reused on different web pages or services is a key premise. The reason, we use the same password and it is compromised, it would affect all the services in which we have used it. ” Furthermore, if one of the sites is of doubtful reliability, they could even be storing that password expressly and then selling it to third parties
Forget about words of common use for our passwords
Likewise, it is important to avoid choosing words of general use as a password, and of the popular ones such as ‘0000’ or ‘1234’, since, being very common, ” they are, with great probability, the first that an attacker will try,
The longer the password, the better
Another recommendation regarding passwords is to increase their length, in addition to adding special characters, mixing numbers and letters, and using upper and lower case letters.
Using a second factor of authentication
Although all of the above help prevent attacks, the most effective way to prevent someone from using our passwords is to use a second factor of authentication, which is that they « send us a message or use an application in the mobile when we correctly enter the password”
Also Read: file:///sdcard/
the password manager Password
managers help us save the passwords of the different services and websites that we have, so that they allow us to save all the access codes, which are increasingly more, in a single place. « We just have to be clear that the master password that we put in these managers must be unique and as complicated as possible so that the passwords stored inside in encrypted form cannot be deciphered
Backup when buying a new computer
One recommendation of the experts is that, when we buy a new computer, we create a backup of the entire hard drive, so that we always keep that full copy of the unused hard drive. Thus, if necessary, it could be reinstalled keeping the computer as new as the first day without any problem, although the next thing we would have to do is apply all the available updates that have come out later.
A user other than the administrator to work with
Another piece of advice from the UOC professor is to create a new user to work with and save only the administrator user, with a different password, for installations and configurations. It is important that we do not work as computer administrators on a daily basis.
Restore the software if we install third-party applications
It is not necessary to restore it from our computer if we do not install untrustworthy third-party applications, but « if we do, or if we install unknown games or do similar tasks, then yes it is necessary”
Do not trust if the beginning of the URL is not https
an address that begins with https indicates that the HTTPS communication protocol is being used, which is a version of the HTTP protocol that offers encryption and data integrity and authentication of the server. On the one hand, data encryption is important, since «prevents an adversary listening to network traffic from seeing the information being sent to the server. For example, if we are making a purchase over the internet using a bar’s Wi-Fi, it is important that the communication is encrypted, to ensure that the owners of the bar cannot see the card number that we are using to pay or the products in our cart. of the purchase”, points out the UOC professor. On the other hand, the integrity of the data ensures that they have not been modified. «Continuing with the previous example, it prevents the owners of the bar from changing the prices of the products that we are going to buy or modifying the delivery address of the product without us noticing”, he adds. Finally, authentication allows us to confirm that the website is what it claims to be.
The lock does not guarantee security
The lock icon that appears next to a web address can convey a sense of security. However, it is false. As Serra warns, « the padlock only serves to warn that the communication to the web server is encrypted and that they have paid to have it, but it has nothing to do with the fact that the web is legitimate or a fraud. It only indicates that this website works with HTTPS, nothing else.
What to do to control cookies
Cookies have become a problem, because, although we are constantly receiving the information to configure them, few already configure them when entering a web page so that they are not tracked. However, it is necessary to do it. “You have to stop for a few seconds and take a good look at the configuration of the cookies that we accept, since many track us and know all the web pages we visit,
Avoid browser footprint
Today there are other mechanisms beyond cookies that allow web pages to track their users. For example, the browser fingerprint can be used as an identifier. the browser footprint is a set of characteristics that identify our browser in an almost unique way and, therefore, allow us to be tracked while we browse the Internet, even if we delete the cookies .Or let’s change IP. The browser footprint uses properties such as browser version, installed extensions, screen resolution, operating system, or the way different fonts are rendered. To facilitate browsing and private searches, you can use browsers such as Tor or use the Tor anonymity network. “ This system does ensure us a bit of anonymity and privacy of the data that circulates on the Internet”.
Be wary of ” incognito mode “
Despite its name, ” incognito mode” does not protect us from possible attacks. According to experts, the only thing that characterizes it is that it does not save the websites we visit in the history and that cookies are not saved, ” but that does not mean that it is anonymous,” warns Jordi Serra. The reason is that it does not hide our IP address or the point from which we connect, and secure or encrypted connections are not established.
Also Read: What is electronic logbook
Yes to antivirus
An antivirus will protect us from known Trojans and viruses, so it will provide us with some security. As for the new viruses, they are not often used in private homes. However, in case they did, we would not be protected.
Beware of permissions to install extensions
Extensions are programs that add functionality to browsers. Consequently, in almost all cases they need to access the data on the disk or from the programs, so we must be very careful with which ones we install. For this reason, before granting permissions, we think about whether the application really needs to access the data for which it is requesting permission to function correctly, and we do not install applications that request more data than they need. . «Many extensions request the permission to ‘read and modify data from all websites’, and this can be very dangerous, as it gives them carte blanche to see and modify everything that is done from the browser. For example, they can capture the passwords used to authenticate on websites or add advertising to the web pages we visit, “he warns.
If we install them, they must be legitimate
It is also important to ensure that the application is legitimate, so it is preferable to download the extensions from the browser’s official page (for example, the Chrome Web Store or the Firefox add-ons page), since that these extensions have already passed a previous validation process. In addition, some details can give us additional information, such as the number of downloads of the application or the comments and ratings that other users have written. ” Personally, I am wary not only of apps that have poor ratings, but also of apps that have ‘too good’ ratings, especially if they are all similar, written in a short period of time, and have the highest rating,
One-time use virtual card for online purchases
A good idea when making purchases online is to use a one-time use virtual card to make the payment. These cards have, in the same way as the “normal” ones, a number, an expiration date and a security code (CVV), but they are characterized in that they only allow a single purchase. “In this way, if an adversary clones the card or obtains the data in an attack on the database of the website where we have bought, it will be of no use to him, since it will no longer be valid a second time,” he says. the UOC professor. In addition, these cards can also be combined with prepaid cards that can be recharged with a specific amount.
Pay attention to the website where you buy
Regardless of whether or not we use a virtual card, before making any payment, we must take a look at the stores where we buy and we have to look at their reputation, or if there are comments on the network on them (if there are none or they are bad, it is preferable not to buy that “mega offer” that they have at less than half the cost price). By distrusting new websites, and above all inserting our credit card into them, we can save ourselves a possible disappointment.
Do not provide data or click on suspicious links
If we receive an email from a supposed company or provider that we believe to be illegitimate, it is best to visit the company’s website directly and look there for the link with the service that the email is offering us. For example, if we receive an email from our phone company offering us a discount on our rate, it is best to visit the phone company’s website and look for the offer they are offering us by mail there to avoid clicking on the link that they send us
Be very careful with open or shared Wi-Fi lines
Experts advise using open Wi-Fi networks only to browse and search for information about general queries, but never -even when they have a password- to connect to the bank or a store and enter the data of payment.
When to use VPN networks
Using a VPN connection to surf the internet when we use public Wi-Fi can be a good alternative, since it ensures that the data travels encrypted and allows us to hide the destination of our connections. « Now, it is important to select a VPN provider with certain privacy guarantees, since, if not, we can flee from the fire and end up in the embers,
Protect home networks
To protect home networks there are two basic premises: that they always have a password and, if we have very old devices that do not allow it, use WPA3 algorithms, the third revision of a security protocol used in Wi-Fi networks and certified by the Wi-Fi Alliance foundation.
What precautions to take with QR
codes QR codes are a representation in image format of a text. This text is converted to binary code and the zeros and ones are represented in black and white, so we cannot see what is written inside that QR code. « Due to this, the recommendation is to read the QR code and, before opening it directly, look at the URL that the browser will take us to. If we see that it is a URL that is not known, or that seems fraudulent to us, the best thing to do is to consider not opening the link associated with that QR”,
Refresh the browser
All browsers show the web information that you want to access and notify you of expired certificates. However, we must bear in mind that they also have to be updated and that it is necessary to discard those that are obsolete, such as old versions or Internet Explorer, which has stopped supporting it and, therefore, is no longer updated.
When to analyze if a file is free of viruses. It is not necessary to always analyze a file before opening it, but if it seems suspicious to us, the advice of the experts is that we visit one of the websites that pass online file antivirus.
Also Read: QuickBooks Error 404