Basic Online Security

Posted on: September 6, 2016

In today’s day and age, it is almost impossible to get by without easy access to the Internet. We use it to communicate with one another, pay bills, buy things, sell stuff, settle bets, and look at lots and lots of cat pictures. Unfortunately, the Web also opens us up to a variety of threats, some more serious than others.

Identity Theft
This is one of the most serious risks we face online. Except in very rare cases, we’re not talking about someone literally stealing your identity and living their life as though they were you, showing up at your house and trying to convince your spouse that they are the one who has lost their mind as you’ve always looked like this.

No, identity theft typically refers to someone taking some of your personal information and opening credit card accounts and such in your name, then buying a metric ton of crap with the card. Sometimes it will also involve them hijacking one or more of your current accounts, too. This crime is extremely damaging to your credit score as well as your financial well-being. It can take years to undo the damage, too.

As a society, we buy a ton of stuff online. Books, music, gadgets, gizmos, even groceries and prescription medications, all that and more arrive on our doorstep after a couple of mouse clicks. Shopping is more convenient than ever. The downside, though, is that there are tons of scammers out there, all trying to separate you from your money. A Craigslist ad where someone is selling an item that isn’t what it seems. A buyer who wants to overpay you by a few hundred dollars using a chek and have you send the extra back to them. Even the now legendary banker in Nigeria who wants to enlist your help in stealing several million dollars.

Phishing is a specific type of scam perpetuated via email. You’ll receive a message in your inbox that purports to be from ebay, PayPal, or your bank. It’ll say that you need to verify some sort of activity on the account and will include a link for you to click. Going to that link takes you to a fake website that will capture your log in information and send it to a thief in some country whose name you can hardly pronounce.

Cyberstalking / Bullying
It used to be that if you had a disagreement with someone, you might holler a bit back and forth but at the end of the day, you’d basically agree to disagree and you’d all move on with your lives. With the advent of the Internet and with it the idea of being able to remain somewhat anonymous, some folks lost their damn minds. It has become commonplace for an individual to be targeted by one or more cyberbullies for seemingly infantile reasons.

Victims of cyberbullying have had their personal information shared publicly, been shamed and mocked, had personal photos altered and then posted on social media, and far worse. While it isn’t impossible to identify the culprits, many in the law enforcement community feel this is a low priority investigation. Compared to murder and kidnapping, it sure is, but to the victim it can be horrible to experience.

Invasion of Privacy
Somewhat related to cyberbullying are instances where someone’s private information is stolen and shared publicly. Often, though not always, this involves personal photos, typically those of a racy nature. Occasionally, it is a former lover who shares photos that had been sent to them while still in the relationship but more often it is someone who has hacked into an online data storage account, such as Dropbox or something similar. There have even been instances of blackmail, where someone threatens to release personal photos or other information if they aren’t paid a specified sum.

It is creepy enough to know that someone we’ve never met has seen racy photos we’d intended strictly for a spouse or significant other. Far worse when we learn those photos have been shared over and over among countless people online.

What can we do to protect ourselves?
Our goal with this article is to share with you some basic strategies that will help protect you in the online world. Naturally, there are no guarantees in life and you could follow each and every suggestion to the letter and still end up victimized in some way. But, these ideas and suggestions will go far toward preventing a negative experience online.

Password creation
Passwords seem to control our online existence, to a large extent. We need a password for every online account, including banking websites, social media, and email. A password is our chief line of defense against hackers. As hackers and their software become more and more sophisticated, though, it becomes difficult to create a password that is both hard to crack and, at the same time, easy to remember. Granted, once you’ve used a password a few times, it should be fairly easy to recall, even if it is just a string of gibberish. Even so, there are ways to create a very formidable password that can be easily remembered with a second or two of thought.

A strong password should have 8 or more characters. It should use letters, numbers, and special characters (i.e. %, $, #, etc.). The letters should be both upper and lower case. The password should not contain any names or recognizable words. A study some years ago found that a high percentage of women incorporated the name of one of their children into their password and men used the name of a vehicle. I don’t know if that’s still true but most brute force hacking programs will use names, words, and phrases.

With those considerations in mind, try this. Pick a favorite book or song. We’ll use The Dark Tower: The Gunslinger by Stephen King, one of my personal faves. Take the first sentence and write down the first letter of each word. So, “The man in black fled across the desert, and the gunslinger followed.” becomes Tmibfatdatgf. Now, think of a phone number you’ll always remember, but not your own. Perhaps the phone number you had when you were growing up, if you still remember it. Write down the last four digits of that number. In my case, that’s 7834. Mix that in with the first few letters. Now we have T7m8i3b4fatdatgf. So, we have upper and lower case letters as well as numbers. All we’re missing is a special character or two. Put in the @ symbol for a letter a in that password and we’re good to go. T7m8i3b4fatd@tgf would be very difficult to crack and would be nigh impossible just to guess. At the same time, it should be easy to remember after using it a few times and, until it becomes memorized, it’ll be easy to figure out since you know how it was created.

You shouldn’t use the same password on multiple accounts, either. Because of the sheer number of passwords we use on a daily basis, this can quickly drive you crazy. There are software programs, such as Roboform, that can help with this. You need only remember the password for the program and it will keep track of all your individual passwords and even create them for you if needed. However, this also means that you are relying on the program to gain access to your online accounts. If you forget that password or the program glitches, you might be dead in the water. While it seems to fly in the face of security, you might consider keeping a written log of your passwords. Don’t keep this on the computer, I’m talking about actually writing out by hand the passwords you use. Keep the list somewhere easily accessed by you but perhaps difficult for someone else to find.

Dummy email accounts
Most online accounts, whether we’re talking about Amazon, banking, or social media, require us to provide an email address. In some instances, it is primarily just for password recovery but with others the email account is used for regular communication. What I suggest is that you create an email account just for use with these websites. A Gmail account would work well. See, many people use an email account provided by their Internet provider. That’s all well and good but if you switch providers, then you need to go back and change that email address on each and every one of those online accounts. This is a giant pain in the ass, trust me.

Not to mention, the email account you use for these websites is going to be inundated with an ungodly amount of spam. We have one account that receives roughly 100 spam emails each and every day. Once you get the hang of creating filters and folders, though, it becomes nothing more than a mild nuisance.

What you might want to do is create two email accounts. One for use with the more secure stuff like banks and online bill paying and the other for social media and such. This way, if one of the accounts is hacked, it won’t jeopardize the other stuff. Either way, get in the habit of checking the email at least once a week so you can clear out the spam and read any actual messages that arrive.

We as a society do a ton of shopping online, no question about it. Amazon and other sites have made it incredibly convenient to have just about anything you can imagine delivered right to your door in a day or two. I’ll admit, I’m a huge fan of Amazon Prime and have taken advantage of the free shipping many times this year.

If you do much of any online shopping, here are a couple of suggestions. First, if possible, stick with one specific credit card for every online purchase. Monitor that account diligently to ensure it hasn’t been compromised. If you only ever use the card for online purchases, it should be very easy to see if something is amiss when you check the account. Plus, if something does go awry, there’s only the one account you’ll need to cancel.

On top of that, stick to shopping on well-known and familiar sites like Amazon. While the larger sites are admittedly more appealing targets for hackers, they are also more likely to have better security as well as being less likely to be run by some shady thief sitting in his mom’s basement.

Always double check an online order before finalizing it. Be certain there are no hidden fees and such being tacked on at the last minute.

Social media
To cover social media security in detail could take an entire book but I’ll try to summarize a few key points for you here.

First, and this goes for all of your online activity, anything you post on the Internet is essentially there forever. Comments, Facebook posts, tweets, photos, videos, all of it can conceivably be found and retrieved later, even if you try deleting it. Yes, this should concern you. No, you shouldn’t have posted that picture last week.

While we’re on the subject of photos, before posting a quick pic or two, take a look at the background of the photo. Make sure there’s nothing in view that could be embarrassing or worse.

Avoid posting comments about your vacation until you’ve returned from it. While your friends might be reasonably trustworthy, all they need to do is share your post and suddenly a whole mess of people you’ve never met know your name and that you’re out of town for a week. Might not be all that difficult for someone to figure out where you live and suddenly you’re coming home to a living room that looks like a hurricane went through it.

More and more employers are checking social media accounts, too, when researching applicants. Something to bear in mind before you post that rambling diatribe about how jobs suck and bosses suck worse.

Accepting friend requests can be a dicey issue. On the one hand, you want to limit the number of people who can read your posts and see your photos. On the other hand, though, no one should live in a bubble and meeting new people can be a great thing. Like many bloggers and other quasi-famous people (I’m actually very well-known…in very small circles), I maintain two different Facebook profiles. One is my professional one, where I interact with readers and fans and accept most friend requests without much worry. The other is personal and, with rare exception, the people on my friend list are those who I’ve either personally met or I’ve known online for several years.

What I suggest for most people is to avoid accepting friend requests that come from people with whom you have zero connection. If you have several friends in common, you might go so far as to sending a message to a few of them to see if they truly know the person. Never hurts to ask. Remember, once you’ve accepted their friend request, they will likely have access to all of your photos and the information you’ve put into your profile.

The Internet has long been likened to the Old West. There’s little in the way of actual authority and people need to learn to fend for themselves. A little common sense goes a long way, of course. Keep in mind that nothing is guaranteed, online or in real life, and even the most diligent can fall victim to scams, hacks, and other hazards. But, taking care of the basics will take care of most risks before they become true problems.

1 thought on “Basic Online Security

Leave a Reply

Your email address will not be published. Required fields are marked *