These days everyone is spending more time online. Whether working from home or spending nearly every working hour in front of a computer screen, the internet has become an indispensable part of our social and professional lives.

Hackers, scammers, and cybercriminals lurk everywhere. They are the dark web denizens who spy, pose, and steal identities through a variety of tech-savvy and old-fashioned flim-flam subterfuge, endangering everyone’s online safety.

So, staying safe online takes a three-pronged approach: 1) threat awareness, 2) shoring up defenses, and 3) staying off the threat radar by using a VPN from this page https://surfshark.com/servers/uk

Threat Awareness

Today’s online threats range from simple social engineering (email phishing, etc.) to sophisticated backdoor attacks (zero-day attacks, bots, Trojans, etc.). In the leapfrog battle between cyber criminals and the professional defenders who provide the online security that users need, the average user can become part of that defense.

Shoring up your online defenses

Here are 10 steps you can take to stay safe online:

1. Beware of browser-based social engineering

In browser-based social engineering, the victim clicks on a legitimate-appearing web link. The link triggers a download by exploiting weaknesses in browser plug-ins for programs like Java and Flash.

So, surfing the web can be hazardous to your privacy and security. Malicious websites can contain so-called drive-by downloads requiring absolutely no interaction other than visiting the infected page. The page will contain an exploit kit, which is prewritten code designed to search for software vulnerabilities and inject malware into the victim's computer.

2. Only visit HTTPS secured websites

Look for the little padlock icon in the top left corner next to the URL on the web browser address line. It signifies that the connection between the user and the website is encrypted. While it does not guarantee absolute safety, HTTPS is the best option to maximize online privacy.

The best advice is to limit browsing as much as possible on unsecured sites, and never do online transactions on those unsecured pages.

3. Always log out of websites after use.

Log out of social media accounts, email clients, and online banking accounts when finished. Closing the browser window without logging off keeps the user signed in until the connection times out, which provides a window of opportunity to a potential hacker.

4. Keep social media accounts private

A public Instagram account allows anyone with an internet connection and knowledge of the user’s handle to find that user for online stalking. Loading a Facebook account with detailed personal information, stories, photos, and information on friends and family provides the bait that phishing scammers and spam ad targeters rely on to invade the user’s privacy.

5. Don’t become a socially engineered “phish.”

Social Engineering is an especially popular way to deliver malware. It relies on human curiosity and emotions and tries to trick the user into downloading intrusive malware or visiting a compromised website that hosts drive-by attacks.

A socially engineered email message, for example, can contain scare tactics like "Your bank account has been compromised! Please change your password immediately." Clicking on the email link takes the user to a fake sign-in page, where the user is tricked into entering authentic user name and password information.

There are variations on the phishing theme, which include:

  • Spear phishing based on the hacker's knowledge of the victim or organization. The attacks are focused on knowledge gained about the victim from public or social media. They have an air of authenticity because fraud perpetrators customize their attack emails with the person's name, position, organization, and other information.
  • Whaling, which is a type of spear phishing that targets CEOs (i.e., “big fish”). The top official’s login credentials are compromised, which begins phase 2 of the scam. In phase 2 the attacker impersonates the boss and uses the CEO’s email to authorize fraudulent financial transactions, for example.
  • Pharming, which is the targeting of an authentic web site and changing its IP address to redirect users to a malicious website. This can occur even if the victim enters the authentic alphabetical name of the website.

6. Install the latest antivirus software and antispyware technology.

Commercial grade antivirus software is the first line of defense against hidden malware. State-of-the-art antivirus software performs on-demand malware scans, and immediately scans a file or website when the user opens or enters it. Also, reputable antivirus software will block malicious web links, provide basic phishing protection and perform periodic system vulnerability scans.

7. Use the computer operating system’s built-in protection.

Both Windows 10 and Mac OS X have file encryption and automatic firewall features. Some features are installed by default; others must be activated. Encrypting the computer’s hard drive will protect everything stored on the computer: if a laptop is lost or stolen, the files cannot be read. Also, a firewall is an essential connection protector and monitors all traffic entering the network.

8. Avoid public Wi-Fi networks, the major source of Man-in-the-Middle (MITM) attacks.

During an MITM attack a hacker gets between or eavesdrops on two parties. Each party believes it is talking only to the other. So, the MITM attacker could take over a conversation and trick the victim into disclosing personal identification or security credentials.

MITM attackers employ a variety of strategies which allow them to:

  • detect and access unsecured networks
  • send victims to fake websites through spoofing a DNS address
  • hijack session cookies which have unsecured login information to help them steal a victim’s email account
  • detect online activity through “sniffing” software and quickly launch an MITM attack
  • employ a cleverly spoofed web application to fool the user into disclosing login credentials

The best protection against MITM attacks is to never connect to a public Wi-Fi network. However, using a VPN will protect the user’s privacy when public Wi-Fi is the only option.

9. Use strong passwords.

Passwords are the padlocks that can slow or even defeat unauthorized entry to online accounts. As a general rule, the longer a password is, the harder it is to crack. Longer passwords are more resistant to brute-force password cracking, in which hackers use software to guess every possible combination of letters and numbers until they hit a user's password.

While complexity (a variety of characters) in passwords might seem to provide more security than simple but longer ones, the opposite is true. Take the seemingly complex password "kqwbc932," for example. A brute-force attack would be able to crack it in about 11 minutes. However, a simple pass phrase like "i own 2 CATS and 1 dog" would be secure virtually forever.
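The length-versus-complexity comparison above can be worked through numerically. The following Python sketch is an added example, not part of the original article: it derives the guess rate implied by the article's 11-minute figure and applies it to the pass phrase. The function names and the character-class model of the attacker's alphabet are assumptions made for illustration.

```python
import string

# Character classes an exhaustive search must cover once a password uses them.
# Modelling the attacker's alphabet by class is an assumption of this example.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, " ", string.punctuation]

def alphabet_size(password):
    """Smallest class-based alphabet containing every character used."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    # Characters outside the classes (e.g. non-ASCII) count once each.
    extra = {ch for ch in password if not any(ch in c for c in CLASSES)}
    return size + len(extra)

def keyspace(password):
    """Number of candidates of this length over that alphabet."""
    return alphabet_size(password) ** len(password)

def implied_rate(password, seconds):
    """Guesses per second needed to exhaust the keyspace in `seconds`."""
    return keyspace(password) / seconds

def years_to_exhaust(password, rate):
    """Worst-case exhaustive search time in years at `rate` guesses/second."""
    return keyspace(password) / rate / (365.25 * 24 * 3600)

def length_to_match(target_keyspace, alphabet):
    """Shortest length over `alphabet` symbols reaching `target_keyspace`."""
    n = 0
    while alphabet ** n < target_keyspace:
        n += 1
    return n

if __name__ == "__main__":
    short, phrase = "kqwbc932", "i own 2 CATS and 1 dog"
    rate = implied_rate(short, 11 * 60)   # from the article's 11 minutes
    print(f"{short!r}: {alphabet_size(short)} symbols, "
          f"keyspace {keyspace(short):.2e}, implied rate {rate:.2e}/s")
    print(f"{phrase!r}: {alphabet_size(phrase)} symbols, length {len(phrase)}, "
          f"{years_to_exhaust(phrase, rate):.2e} years at the same rate")
    # Length beats complexity: lowercase letters only versus 8 characters
    # drawn from all 94 printable ASCII symbols.
    print("lowercase-only length matching 94**8:", length_to_match(94 ** 8, 26))
```

Exhaustive search is the only attack modelled here; a phrase built from common words is also exposed to word-list guessing, which this estimate does not cover.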

The best password advice, then, is to compose an easy to remember, but unusual sentence. Use the first letters of the words in the sentence with punctuation as the password. For example, "My dad's favorite program in 1970 was 'All in the Family'" would become "Mydadsfpw1970wAitF."

Also, when available, use a traditional password together with some other follow-up authentication that an intruder cannot access or use. This could be anything from receiving a single-use additional access code by secure smartphone text or email to answering a personal question.

As an additional safeguard, use a ridiculous answer to a personal authentication question. Example: "Q: What is the name of the city in which you were married? A: Lower Slobovia."

Then there are some common sense password hygiene practices, which include:

  • Never write the password and tape it in plain sight or other obvious places, like beneath the computer keyboard.
  • Use a different password for access to every site and every device.
  • Use the browser password manager or password management software to store multiple passwords. Password management software can generate random, impossible-to-hack passwords for quick and convenient access.

10. Back up everything.

No one is completely immune from downloading a virus or falling for a clever ransomware ruse. Hackers exploit weak points, and those weak points are usually people who want to be helpful and cooperative. So, when a breach occurs, the best insurance for quickly restoring everything to normal is a reliable system backup.

The backup can either be offsite or local. The key is to isolate the backup method and storage from the main system, because malware will frequently look for backup devices and go after them as well.

Use a VPN as the third element of online security

A virtual private network directs all internet connectivity through a secure and encrypted tunnel. Internet service providers and other snoopers wanting to detect the user’s online activity see only meaningless, encrypted garble when VPN is in use.

Benefits of the VPN’s encrypted connection include:

  • Masking of the user’s IP address and login location
  • Defeating man-in-the-middle attacks (see Step 8 above) on public Wi-Fi locations
  • Accessing blocked content and getting around net censorship in certain countries by logging into remote VPN servers

Summary and Takeaways

Staying safe online requires a knowledge of the threat, employing the proper defenses, and using the encrypted browsing of a VPN. Today’s threats involve social engineering and traps online through poisoned websites.

Shoring up online defense means safe browsing using only HTTPS secured websites, logging off sites when finished, and keeping media accounts private. Also, be aware of the types of phishing traps that rely on inside information as well as social engineering that relies on a person’s natural desire to cooperate and be helpful.

Then there are measures that can protect the user’s equipment from online hazards. Install the best anti-virus software and use the computer operating system’s built-in safeguards.

Avoid unprotected public Wi-Fi networks and use strong password strategies. Finally, remember to back up everything, and do it off site or isolated from the main system.