The Seven Most Common Internet Security Mistakes (Part 1 of 2)

This is the first part of an important two-part post on Internet security, compiled by one of Bask's outstanding tech experts, Matthew Scholle.

"I have anti-virus protection but somehow I got an infection anyway. How did this happen?"

It's hard to say without knowing more, but chances are the person asking the above question made one of the seven Internet security mistakes on this list. Any one of them can lead to a malware or virus infection—or even identity theft.

Mistake #1
Weak passwords leave your computer, router, and online accounts vulnerable to what are known as “dictionary attacks”. This type of attack uses a dictionary to try different words to log in with your password.A short password is easy to remember, but it doesn’t protect you very well. Amazingly, one the most commonly used passwords is “password”.

How to Avoid Mistake #1
A strong password should be as long as possible to remember; as random as possible; and a mixture of alphabetic, numeric, and upper/lower case letters. A good example of this is if you wanted to use the word poetic for your password, you could change that to P0et1c to include capital letters, numbers or other characters. This new password is great because it’s almost impossible for hackers to guess.

We also strongly recommend you change your passwords every few months. You should never use part of your public identity, for a password—e.g., your name, birth date, home street, etc. Sometimes it’s difficult to keep all your passwords straight. Keep all your passwords organized in a contact book, filing each password under the first letter of the name of the program: Your Outlook password would be filed under O. Keep this contact book in a very safe place, away from prying eyes.

Mistake #2
Clicking on links in emails is convenient but dangerous. A phony or fake email that looks like it’s from your bank may contain a link to a site that looks like your online banking login page (called Phishing) but isn’t. When you enter your username and password on one of these sites, you’re really sending your information to hackers.

Recently there was a scam that involved people receiving an email that looked like it was from FedEx. The email asked for personal information in regards to the delivery of a package. Other examples include emails from major banks—like Chase or Citibank—claiming that the recipient’s credit card has been limited, or that documents require review.

How to Avoid Mistake #2
Instead of clicking on email links, always use the main login for the desired website in your Web browser (Internet Explorer, Firefox, Google Chrome, or Safari) and log in the “hard” way. This a small extra step that can save you from identity theft. Opening links in emails or attachments in emails can lead to dangerous results; it is best to VERIFY the sender and content before opening anything in the email message.

You can also right click on the “from” address in any email to see where it’s come from. If an email is claiming to be from your bank but was sent from a hotmail account, that’s a red flag. Major companies will never ask for your personal information or payment in an email. Always be sure to check the language of the email message; fake emails are often contain bad grammar and spelling.

Mistake #3
Failing to keep software up to date is another common mistake. Most of the Windows Updates issued by Microsoft are security patches that address real and urgent issues. They are not called “critical updates” for nothing. Software programs should also be kept up to date. If you are unsure on how to do such an update, Bask is always willing to help.

Tips to Avoid Mistake #3
Many programs come with automatic update utilities; it’s a good idea to leave them enabled so that you at least get notifications when updates are available. If you are a Bask member, regular TuneUps are every 3 months and help you install critical Windows updates to keep your computer humming along.

Be sure to check in next Monday for the rest of Matthew's invaluable security tips.