Is your online “trip” secure?

If you haven’t read our previous blog, kindly take a few mins and check it out before proceeding >>>HACKED WE CAN HELP!

Did you know anything that connects to a network can be compromised? Thats right, anything from humans to devices.

Massive data breaches, marketers tracking your every step online, shady people exploring the photos you shared in social networks - the list of digital annoyances goes on and on.

We often hear about cyber attacks, disaster events such Wannacry, NotPetya among others can’t be forgotten easily and are able to seriously damage even the biggest and well-prepared firms. Obviously, we are not just talking about huge cyber attacks against corporations and official institutions, but even of online frauds and data thefts to the detriment of small, medium-sized enterprises and individuals. However, it’s not completely hopeless.

Here we shall highlight some of the extra checks you need to perform to stay safe online.

1. Safe password and PINs
Everyone who has ever used a computer, a phone, digital device, or visited the internet has a username and password to login to something. Have you ever taken a few minutes of yourself to think about the passwords or Personal Identification Numbers (PINs) you use?. We use a lot of accounts with simple password, easy to recall, never changed, Usernames share the same password or format, saved them in favorite web browser, your friends know the logins, no second step verification, no Two-Factor Authentication (2-FA) or Multi-Factor Authentication (MFA) in use.

If you meet the above, then you either need to unplug your internet cable, take the next 15 minutes to add a layer of security to your online accounts (create different and complex passwords for each account i.e. a mix of numbers, capitol and lowercase letters, special characters and avoid sequences of only numbers or letters, as dates or names. If you find difficult to remember all those passwords, you can use a password manager) or call/email us for assistance. Otherwise the eagle Man In The Middle (MITM) is preying on you.

2. Attachments and shared links.
Care must be taken on email attachments, external files and shared links, in particular when the sender and/or the subject seem suspicious. Some even seem simple work documents or file received from friends. In that case its recommended not to open it rather trash it directly. Be careful also to all the email communications seem to be coming from banks, postal services or similar, which ask you to confirm your credentials: never do that, because no institution would ask something like that through email (See our previous blog for more details).

3. Secured websites and Online payments
Most of the time we open a browser and head directly to the URL or ask Google search for assistance in getting to the URL. Afterwords we enter login credentials and hit that submit/login button and patiently wait for the information to be presented to us. Depending on the response, we might press F5 key.
But how often do you check on the URL if it matches the actual domain name?, if the URL is secured with an SSL certificate (responds on https rather than http)?, What are the details of the SSL certificate?, Are there any redirections from the website you have visited to other websites?
When we make online purchases is better to use a prepaid card instead of a traditional one, especially if we don’t consider the website 100% safe, use double check mechanism (password plus sms code) to authorize the transaction, monitor our bank accounts using mobile and email notifications, so we can immediately notice if it was made a suspicious transaction.

4. Stay Private on Public connections
Public Wi-Fi networks usually do not encrypt traffic, and that means anyone on the same network can snoop on your traffic. Avoid transmitting any sensitive data e.g. logins, passwords, credit card data, and so forth over public internet. Always use Secured VPN to encrypt your data and protect it from preying eyes.

5. App Permission settings, Terms and conditions
Always check the app settings and especially control the authorizations you gave to your apps. Applications often request the access to camera, contacts and even microphone. Be careful about these details and avoid to give authorizations that apps don’t really need to function properly. Always read the terms and conditions and understand them. Additionally, use messaging apps with end-to-end encryption.

6. Social media
Social media are tools which expose our life to others but not always safely. We need to be aware of that and keep an eye on which contents we publish online. At all times control what kind of information is available through your platforms and change the privacy setting to protect better sensitive data where possible.

7. Don’t use public storages for private information
Oversharing is not limited to social networks. Don’t use online services that are meant for sharing information to store your private data. For example, Google Docs isn’t an ideal place to store a list of passwords, and Dropbox is not the best venue for your passport scans unless they are kept in an encrypted archive. Key point here is, Don’t use apps meant for sharing to store your private data.

8. Evade tracking
Browsers discloses a bunch of stuff about you and your surfing history. Marketers use that information to profile you and target you with ads. Incognito mode can’t really prevent such tracking; you need to use special tools like private browsing.

9. Keep your main e-mail address and phone number private
Your reward for sharing your e-mail address and phone number? Tons of spam in your e-mail inbox and hundreds of robocalls on your phone. Even if you can’t avoid sharing this info with Internet services and online stores, don’t share it with random people on social networks. And consider creating a separate, disposable e-mail address and, if possible, a separate phone number for these cases (please see our previous blog).

Back in the 80s and before, our parents would keep confidential documents including money in the following order:
1.Verify the documents and put them in a clean sealed envelope.
2.Put the envelope at the bottom of a drawer and place other items on top of it.
3.Lock the drawer with a key and place the key in another drawer of another cabinet.
4.Wrap the key of the drawer of the second cabinet in a polythene bag and hide them beneath a huge bathing rock.
5.A chain of trust would be done on the keys whenever documents access is required.

To find out how we can help you email us on info@myisp.co.ke or give us a call on 0730911000

Previous Blog >>>HACKED WE CAN HELP!

Posted in Internet, Security.