It’s within your power to take the steps necessary to stay safe and secure.
Subscribe to Confident Computing, my weekly newsletter, and get the 88-page Ask Leo! Guide to Staying Safe on the Internet – FREE Edition digital download as a gift. Based in part on this article, the Ask Leo! Guide to Staying Safe on the Internet – FREE Edition will help you identify the most important steps you can take to keep your computer and yourself safe as you navigate today’s digital landscape.
The very concept of “internet safety” feels like an oxymoron these days.
It seems we hear about some new threat aimed at wreaking havoc across machines connected to the internet almost daily.
Here are some things you can (and should) do to stay safe.
Staying safe online
- Use good security software.
- Keep software up-to-date.
- Secure your online accounts.
- Educate yourself.
- Secure your home and mobile connections.
- Remember physical security.
- Back up.
1. Scan for malware
Sometimes, most commonly via email attachments, malware can end up on your computer.
Security software will scan for, locate, and remove malware from your hard disk. A real-time scanner will notice it as it arrives, even before it hits the disk, but at the cost of slowing down your machine a little, and occasionally interfering with other operations.
Important: Because new malware is being created every day, it is critical to keep your anti-malware definitions up-to-date. Be sure to enable the scanning software’s automatic-update feature and have it do so every day.
- What Security Software do you recommend?
- Why Did My Security Software Not Detect a Virus on My PC?
- When do I actually need to run a virus scan?
- How Do I Remove Malware that Blocks Downloads?
- Will Using an On-Screen Keyboard Stop Keyloggers?
2. Stay up-to-date
I’d wager that over half of all malware infections don’t have to happen. Software vulnerabilities exploited by malware usually have fixes already available by the time malware reaches a computer.
The problem? The user simply failed to install the latest updates capable of preventing the infection in the first place.
The solution is simple: enable automatic updates everywhere.
- How Do I Make Sure Windows 10 is Up to Date?
- Should I Avoid Windows Update? It Burned Me
- Where Do I Get Driver Updates?
3. Secure your accounts
Account hacks are all too common. And yet, there are many tools and techniques available to prevent them from happening, or to dramatically reduce the impact when they do.
Particularly when it comes to your online accounts, it’s not only your responsibility, it’s in your best interest to ensure you’ve secured your account appropriately. That includes:
- Choosing good passwords, and using different passwords for every site.
- Using a password vault or manager to manage your passwords.
- Enabling two-factor authentication wherever it’s available.
- Ensuring that your account recovery information is set, and kept up to date.
Almost all the account hacks I hear of, particularly those where the account is lost forever, have failed to do one or more of those items.
- 12 Steps to Keep from Getting Your Account Hacked
- Your 6 Strongest Practical Password Techniques, Ranked
- Why Password Managers are Safer than the Alternatives
- Why ANY Two-Factor Is Better than No Two-Factor at All
- Please Set Up and Maintain Account Recovery Information
4. Educate yourself
To be blunt, all the protection in the world won’t save you from yourself.
- Don’t open attachments you aren’t positive are OK; attachments are one of the most common ways that malware spreads.
- Don’t fall for phishing scams. Be skeptical. Phishing is a common way that online accounts are hacked into and can lead to more serious issues, like identity theft.
- Don’t click on links in email you aren’t positive are safe.
- Don’t install “free” software without checking it out first. Many “free” packages are so because they come loaded with spyware, adware, and worse.
When visiting a website, did you get a pop-up asking if it’s OK to install some software that you’re not sure of because you’ve never heard of it? Don’t say OK.
Not sure about some security warning you’ve been given? Don’t ignore it. Research it before doing anything.
And of course, choose secure passwords and don’t share them with anyone.
- What Is It About Attachments?
- It Pays to Be Skeptical
- Just What is Common Sense?
- An Easy-to-Miss Source of PUPs
- Resist Those Dancing Bunnies
- I got a call from Microsoft and allowed them access to my computer. What do I do now?
5. Secure your home network and your mobile connection
If you’re traveling and using internet hotspots, free Wi-Fi, hotel-provided internet, or internet cafes, you must take extra precautions.
Make sure your web email access — or, for that matter, any sensitive website access — is only via secure (https) connections, or that your regular mail program is using only encrypted connections. Don’t let people “shoulder surf” and steal your password by watching you type it in a public place.
Make sure your home Wi-Fi has WPA2-security enabled if anyone can walk within range, and you’ve changed your router’s administrative password.
- How do I use an open WiFi hotspot safely?
- Can Hotel Internet Traffic Be Sniffed?
- 8 Steps to a Secure Router
- What VPN Should I Use?
6. Don’t forget the physical
An old computer adage is that “if it’s not physically secure, it’s not secure.”
All the precautions I’ve listed above are pointless if other people can get at your computer. A thief can easily get at all the unencrypted data on your computer if they can physically get to it. Even log-in passwords can be easily bypassed if someone has access to your computer.
The most common scenario is a laptop being lost or stolen during travel, but I’ve also received many reports from people who’ve been burned because a family member, friend, significant other, or roommate accessed their computer without their knowledge.
- How Do I Protect My Laptop Data from Theft?
- What Can a Computer Thief See If I Password Protect My Windows Sign-in?
- Lock Your Computer When You Walk Away
7. Back up
I know that backing up doesn’t feel like a “security” measure, but ultimately, it can be one of the most powerful ways to recover if you ever encounter a security-related issue.
The damage done by almost any kind of malware can be quickly reversed if you have a recent backup to restore to.
Having a back-up copy of your data (all your data) can help you recover after computer is lost or stolen (not to mention when a hard disk dies).
Backing up your email and contacts can be a critical way to restore your world should your online account ever be compromised.
Backups truly are the silver bullet of the computing world: a proper and recent backup can help save you from just about any disaster, including security issues.
- How Do I Back Up My Computer?
- What backup program should I use?
- How to Back Up Windows 10 (& 11)
- Can’t I Just Copy Everything to Back Up?
- How do I backup my GMail?
Overwhelming? It might seem so, but…
This might all seem overwhelming, but please believe me when I say it’s not nearly as overwhelming as an actual security problem if and when it happens to you.
The good news is that the majority of the things you need to do to stay safe on the internet are things you set up once and let happen automatically thereafter, or new habits you form based on the important things that you learn about keeping things secure.
While we might want it to be otherwise, the practical reality of the internet and computing today is that we each must take responsibility for our own security online.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
GREAT Internet Safety SUMMARY which has a perfect timing in the period of severe attacks by all the criminal hackers who’s only objective in their miserable life is to DESTROY ALL THE EXTREMELY USEFUL ADVICE ACCOMPLISHED by the GREAT ACTIVITY OF ‘Ask Leo!’ …
…MANY THANKS FOR THE SERVICE to YOU LEO FROM ALL of US – THE MICROSOFT- LOYAL USERS FOR MANY, MANY YEARS …!!!
How would I know if my regular mail program ( Thunderbird ) is using only encrypted connections? I use Linux OS but I see no difference in the TB interface and settings from Windows. Would you know off hand if TB uses encryption?
When you configure the account, you specify the server to connect to (things like smtp.gmail.com and the like). Along with that specification are checkbox’s to indicate SSL or TLS should be used. Either of those checked indicate encrypted connections. I believe you can review your account settings after the fact.
I bought a new laptop. Lenovo. I am wanting to add my pcmatic to this and microsoft says I can’t while in “S mode”. But advises not to turn off “S mode”. I am so confused.
In my opinion: “S” mode is … awful. As you can see it simply adds more confusion in the name of some kind of increased security. I’d have no hesitation to turn it off.
Leo, as I’m sure you know several of your items can be accomplished simply by using Linux as your operating system. As to malware, so far there’s virtually zero malware written for desktop Linux. Matter of fact, nobody so far has bothered to write an anti-virus program for Linux since it’s not necessary due to the inherent security built into Linux. There is one AV used on Linux but it only detects Windows malware to avoid Linux users forwarding infected files to Windows users. The big AV suppliers do offer commercial AV products for Linux but they’re expensive and aimed at servers, not desktop systems.
Updates are handled much better than those in Windows. 99% of updates (which occur often) run in the background, not affecting operation, and install much faster than those in Windows.
Linux is always free and the overwhelming majority of software is also free including several outstanding backup programs. For instance, BackInTime (for user files), Timeshift (backs up the OS). Both run in the background not affecting operation and feature multiple de-duplicated snapshots. Then there are offline Bare Metal rescue type backups like Foxclone. All are free and actively maintained.
Vigilance is still the watchword because browsers, email and texting are still vulnerable to phishing and malware. Sandboxing programs like Firejail (free) can go a long way toward mitigating those problems.
Linux is not a major target for malware, but it’s still vulnerable. As you mentioned, here are a few antimalware programs for Linux and it’s a good idea to install one. Most are expensive but ESET NOD32 for Linux is only $40 a year, and if you already have a Windows license, you can transfer the license to the Linux installation and vice-versa.
The fact the few people use antimalware protection with Linux might tempt a hacker to try hacking it.
Unfortunately, there are no free AVs for Linux which is ironic because most software for Linux is free.
The only time I’ve ever been compromised was a Linux server hack. Many years ago.
I’ve never had a problem with malware with Linux, and see no reason to spend even a penny on anti-malware. On the remote chance that my computer is compromised I have full daily backups, my important documents are in dynamically updated end-to-end encrypted cloud backup plus the daily full system backup and a weekly full system backup that’s created and then physically disconnected. I’ve had to resort to the backups more than once since I’m an inveterate tinkerer.
Hacking isn’t only installing ransomware or other malware that damages files, most hacking is for profit and backups don’t protect against stealing passwords and other information, or installing bots to send spam and phishing email, mine Bitcoin, and other things the hackers can monetize.
Leo,
I appreciate this item! It provided me a chance to double-check that my anti-malware/Internet Security efforts are up to date (and as complete as possible).
Happily, they seem to be. In fact, I am very pleased to note that my ATT-provided Wi-Fi router came to me with all security settings correctly configured. I live with my adult son. We both have full access to the router, and that is how I want it, so I have no need to change the devices access code, set an administrator password, or change the Wi-Fi connection password. The router comes with unique and long passwords/access keys. Remote access is disabled by default, and I cannot find any way to enable or disable UPnP (so I suspect the service does not exist at all). The router is configured to not respond to incoming requests of any type (ICMP or UDP) by default, so it is effectively invisible on the Internet. Finally, system/firmware updates are checked and installed automatically, so I didn’t have to change/set that up either.
I particularly like that you did not skimp on the part of Internet Security I consider most important (I call it Cognitive Security). It involves remaining very skeptical about EVERYTHING that comes from the Internet until its veracity can be confirmed using other sources. In other words, trust NOTHING until you can verify its truth for yourself.
I have been implementing all your other recommendations in this item for a long while, so I think I’m good to go with system security, encryption, etc. on all my devices. My Samsung phone even comes with Knox Security pre-installed, which greatly impressed me when I got the phone because Knox is one of the best-reputed mobile security providers, based on my research at that time.
For me, the bottom line here is that EVERYONE who reads this item should do as you suggest in each part of it and take the time to read and do as all the linked articles suggest too. It may seem like a lot to do now, but whatever it takes will be very insignificant when compared with what users will likely face if they don’t.
My2Cents,
Ernie
Thanks for the thoughts! I love the term “cognitive security”. I may need to steal that.
Yes Leo,
it’s a good summary & comments by Ernie, and I’m a strong supporter of all measures and efforts by the computer-users-community to fight the increased and ‘criminal abuse by the hackers’ because we all desperately need a substantial help by the legal steps to control this situation more effectively.
Tony H.
I like this article. I have a problem with having to roll back an up a change I made on bios. Can you tell me how to do this?
Unfortunately I cannot. That’s machine specific. You’ll need to contact your computer’s manufacturer. Normally it means reinstalling the prior version of the BIOS but how to get that and how to install it vary from machine to machine.
Your articles and videos are vastly outdated and do not compare to the younger generation.
Truth be told, LinusTech, Austin Evans, etc. have replaced you boomers. You don’t even hold a candle to 1/10th of their knowledge.
It’s okay, if you shill enough to Xbox, you may just get more clout, Leo.
I’m happy where I am, thank you.