Last update: 09/02/2022

Checking the URL of an email, using passphrases to create robust passwords, verifying the security settings of social platforms, updating your device's software, and reporting if you suspect malicious activity online are just some of the tips experts recommend to stay safe online.

Surfing the internet is a daily occurrence for 3.8 billion people. In other words, 51% of the world's population use the internet, according to the Internet Trend Report by Bond. It is, therefore, essential to know how you can stay safe online. Below, are five simple recommendations to help you protect yourself.

Rule #1: Think before you click or respond

According to Cofense Research, 90% of attacks originate from malicious emails, also called phishing.  According to the Verizon 2019 Data Breach Investigations Report, mobile users are more likely to fall prey to a phishing message. 

Cyber criminals invite users to click on a link or download attachments in a phishing message that infect devices with malicious software or tricks you into sharing personal data.

To protect you against such attacks, it is essential to be very careful with unexpected emails or messages you receive. When in the slightest doubt, be wary if the email address of the person sending the message seems strange, if you have not had a request for that information before, or if you are not a user of that service. Instead of clicking on the links in a suspicious email or SMS, visit the website or directly contact the company or service provider the email claims to be from. Always validate the email by using information you have rather than going off of the information in the email.

Rule #2: Keep your passwords secure

Today, it is common to have numerous profiles on websites that require a username and password. That is why some of us are likely to repeat the same password on several websites. Most of us choose simple passwords with dates or words that mean something to us. Using passphrases (a password made up of three or more words) is the best way to avoid forgetting your passwords; the more complex and longer a password is, the harder it is to decrypt. For example, it would take various centuries to hack “rooster dog cat bunny”, while “#sK8/aD” would take five years. It is best to use randomly chosen words (a full sentence is also advisable). This increases the strength of the password without it being a difficult password to remember.

Remember, you should never use the same password across different platforms. This helps you prevent a person from accessing all your accounts if they have your password.  If you have trouble remembering all of them, you can use a password manager. Furthermore, use multi-factor authentication (MFA) whenever possible, as it adds an extra security layer to your login. In addition to passwords, MFA requests information that only you have (e.g. a code that is sent to your mobile phone).

Rule #3: Be discreet online and in public

Connecting through social networks and other platforms is part of our daily lives.  Having control over what you reveal about yourself on the internet makes it harder for those who attempt to scam using "social engineering" techniques.

Decide which personal information should be publicly available on your social networks and other platforms. Think about it and check your security and privacy settings configuration across your accounts.

Rule #4: Protect your information and equipment

We often store our whole lives on electronic devices: photos, videos, documents, contacts... losing that information would be disastrous.

To protect it, it is essential to update the operating systems, programs and applications installed. Failure to do so makes our devices an easy target, making them vulnerable to new viruses, since most updates contain security improvements.If your device is not up-to-date, follow the instructions to do so or set up automatic updates to make this good practice a regular part of your digital routine. To avoid losing information in the process, it is advisable to back-up your device regularly or before updating the software.

Rule #5: If you have suspicions, report them

When you detect any suspicious activity online, such as an infected website or a fraudulent email, SMS or social networks, you must report it. Know how to report these types of phishing incidents directly to the company or service provider being impersonated. By reporting, you will help share information with cyber specialists who work to stop and prevent the spread of attacks. By informing other people, you are helping everyone who uses the internet to stay safer online. 

If you are a victim of a cyberattack, take the necessary measures:

  • Change your passwords
  • Report the situation to the companies involved 
  • Notify your contacts not to open emails or messages that come from you until the situation is resolved.

Finally, there are public institutions dedicated to advising you on what to do in the event of an attack online. Make sure you always have the right contacts and resources at hand.  

You might like