The internet continues to become more complex, and the changing social norms and constant scam threats can exhaust even canny users. Stacker compiled a list of 25 tips you can use each day to stay safe, avoid scams, and keep your personal information personal—along with some security specifics and search tips. The best tips from public agencies and portals like USA.gov, the U.S. Department of Homeland Security, Grants.gov, the U.S. Food & Drug Administration, and the FBI were combined; the most recommended tips are saved for last.
Some of these tips may seem obvious, but changing internet norms and the move to smartphones has reset many people’s sense of what’s safe to do or not. Instead of just wild and clearly fake email scams, the internet is full of shiny, professional-looking sites that look exactly like where you planned to buy your concert tickets. On social media, we’re bombarded with ad after ad for legitimate and scammy businesses with no regulation to set the two apart.
On a 2018 episode of the internet culture podcast "Reply All," the hosts helped someone find out who’d stolen her Instagram account—yes, stolen—and experts now suggest we think of identity theft as a matter of when, not if. The same technophiles who’ve shredded the security of major retailers in the last five or 10 years are looking for low-hanging fruit in the form of accounts whose passwords they can easily guess or break.
When it comes to protecting your computer, your smartphone, and your bank account, there’s never been a better time to check and double-check. Giving in to those 50 accumulated antivirus updates, switching on Windows' automatic updates, turning on two-factor authentication, and a few other simple tweaks will help you breathe easier in just minutes. And learning some new paradigms for what you say and where you say it online will serve you just as well in the long run.
Read on for security and safety tips, as well as some best practices for staying happy and connected online.
You may also like: Resilient photos of cities that recovered from war
This tip might feel quaint in 2020, but social media feeds are filled with ads for fly-by-night companies making custom cat beanies or whatever the latest craze is today. Even if these sites aren’t scammy or malicious, you don’t know what payment infrastructure they’re running, how they’re storing your data, or even where their business is technically located. It’s a new version of the same old problems.
If you use a truly secure password, scams and attacks become much less successful. The best passwords are long, weird, full of special characters, and likely hard for you to remember. If it’s all too much, consider using a password manager program.
Whenever a game goes viral, copycats spring up to try to get you to download their versions instead, and famous software brands, or even regular businesses, are imitated by scammers who present fake apps as the real thing. Their goal is to camp out in your phone and begin sending your data to be sold. Make sure everything you download is legit, and if something looks sketchy, honor your gut and do some research first.
It might feel like search results are more crowded with garbage than ever before—and even Google has devalued its own algorithm by returning results that don’t have all the terms you asked for and other strange, user-unfriendly changes. Instead of getting frustrated, level up your search skills by learning about search operators. Putting things in quotes, adding “and” or “not,” and some other simple tweaks can take out most of the trash.
Consider turning your computer and even your wireless router off when you’re not using them. Some people already do this as a way to limit collective “screen time” past a certain time of night. When you’re not plugged in, the number of things that can wheedle their way into your network goes way down.
You may also like: Space discoveries from the year you were born
You can save money by ordering several months' worth of your prescriptions at a time using an online pharmacy, but before you choose one, make sure it’s a legitimate pharmacy with a pharmacist on staff. It should require a prescription and be transparent about everything that’s happening, and you should have a fully secure (https) portal for making payments.
When you’re considering whether to share a photo or a Facebook update, keep in mind that what you post could be floating around for the rest of time. Let that extreme possible outcome put today’s post in perspective, especially if you want to send a mean email or reply. Take a breath, take a walk, and if you still want to say it, go for it.
The internet can really scramble our too-good-to-be-true detectors because sophisticated web design is available everywhere for free or almost free. Offers on Facebook and elsewhere to give you $100 for a five-minute survey are the same old-fashioned nonsense—don't fall for it. Even clicking on offers like this can connect you with servers that will sink malware or spyware into your computer if you’re not careful.
This one is less intuitive, but it’s not always smart to use the same username across everything you do online. If it’s not part of a personal brand, feel free to change up your default. Remember that someone who knows one of your usernames can try the same username on everything else. Even a small change can make it more difficult to guess your username.
Don’t share your passwords. It’s not particularly wise to regularly share them with loved ones if you don’t need to. For shared family accounts, use a password totally different from anything any individual member would choose. If you want to share emails, remember you can set your email account to automatically forward messages to another account—without letting other people log into yours.
You may also like: U.S. Army by the numbers
Being a kid can be difficult in 2020, and for parents or guardians, it seems almost as difficult to decide what kind of internet rules to make. Keeping kids safe online used to have a specific meaning, like making sure they didn’t meet up with strangers. Today, this also must include teaching kids about bullying and peer pressure on social media, and that it’s okay to be flawed and real in your regular life.
A common kind of job listing scam is for fake work-from-home positions. Sometimes these are total scams to the point where they’ll ask for costly investment in some kind of “training” before you can start working, or they might be a cover for some type of investment pyramid scheme. They might also just be exploitative, offering piecemeal work that doesn’t even pay minimum wage.
If you’re sending any kind of personal information to a website, that site should be secure, indicated by the “https” in the address. Most sites offer a secure version in general, and given the option, you might as well. There are plugins like HTTPS Everywhere that will swap the default for the secure version.
Creating a strong, secure password isn’t worth much if you use the same one for everything, and it is one of the most important things you can change in your internet and app usage. Change your passwords and use different ones for different services because if you use one password everywhere, someone who guesses that one password can immediately ruin your entire life. Even a slightly different password will make that a little harder.
Think of the internet as a giant public bookstore, and everything you put on it is published for the public. Homeland Security says to consider your posts a novel, not a diary—would you write down where you live, where you spend your free time, or details about your children in a novel? There’s a reason so many books have a legal disclaimer that everything they contain is fictional and resemblance to real life is a coincidence.
By now, the Nigerian prince who wants to send you $10 million is common knowledge to the point that people can joke about it. But there are those who still fall for subtler scams, like emails purporting to be from friends or family members. Learning more about how common scams work will help you feel more comfortable and less afraid, and you might even be able to help loved ones who are a little less tech literate.
If you’re ready to take your safety game to the next level, consider installing a firewall on your router. Your anti-virus software might already include this, or you can get a free or low-cost solution for home use. Different kinds of connections, like HTTP and the POP servers some people use for email, use assigned ports that are selectively opened and closed to passing information, but a firewall closes more of those ports and protects you from intrusions.
By now, almost every crime show has had an episode that depicts robbers using Facebook to figure out when homeowners were away. When you post public photos of your vacation in Aruba, or the great food selection at your grocery store, the shared location data proves you’re out of your home. But even sharing names and birthdays can make it easier to crack your passwords—another reason not to use those names and numbers in your passwords.
Software updates can be annoying, and it’s easy to click “later” on something that requires a restart, but in general, it’s vital to comply with software and app updates. These updates include security and privacy protections along with minor cosmetic or feature changes.
Everyone thinks they’ll never be tricked by a website, but scammers get more sophisticated all the time. With the right code and Google tricks, their fake version of the store you want can show up above the store you want in the search results, and even on Amazon, the third-party sellers can scam you with impunity. Make sure you know who you’re dealing with, and if you can’t find out who they are, walk away.
Email has become the main vector for various types of scams, and please be wary. Phishing, where a site asks for personal information using some kind of pretense, is still one of the most common forms of security attack online. Don’t enter any personal information into anything you don’t completely understand—if you receive a strange email from a bank or other business, call an authorized number and ask if the email is real.
When you type in a password and go directly to your account, that’s one-factor authentication. Your password is the “factor.” To connect more securely and protect your accounts, you can use two-factor or multifactor authentication, which means the site texts you a code using a software-based authenticator like Google Authenticator to generate random codes that you type in as a second layer of security.
If keeping your general software up to date is important, keeping your anti-virus software up to date is vital. Many of these services push updates daily or near daily, and users can find this annoying, but it’s actually the best way for the software to work as designed. If your software has auto-update, that’s even better.
Make sure your home Wi-Fi network is secure, meaning it’s accessed using a password. When you’re using Wi-Fi networks on the go, don’t send personal information over an open network connection. Anything you say or do on these networks can be skimmed and stolen much more easily, and that alone is a reason to avoid open networks whenever possible.
The final tip is the oldest and most timeless classic—one Stacker found in agency advice dating back to 2000 and even before that. Don’t click on the attachment—just don’t do it! If you’re not certain that this is the specific document you were expecting from your Aunt Janice, curiosity isn’t enough of a reason. Clicking on fishy links is bad enough, but allowing something to be downloaded is next level.
You may also like: 30 famous student protests