So what can you do to protect yourself, your privacy and your identity? Here are five tips that should have you surfing more securely:
1. Use strong passwords.
With everything requiring a password, from your email, to your facebook, to download accounts and bank accounts, it's easy to choose a simple password to make it easier to remember. Unfortunately, this leads to hackers finding it easy to bypass your passwords and gaining access to YOUR information. Make sure that it's protected by using a strong password :
- must contain at least 8 characters.
- contains a mix of letters, numbers, and special symbols.
- must not be a word in the dictionary.
- should never be any personal information such as a name or address.
Oftentimes, it's easy to just click OK to every pop up that comes along. "Remember your password?" Click OK. "Always trust content from this publisher?" Click OK again. What you may not know is that you may be clicking OK to a hacker to access your browser. Increase security in your browser by always reading the pop up messages and understanding before you click OK. Increase the security levels of your zones in the browser, by using the Security option under your browser options menu.
3. Keep a clean cache.
Every website you log into will populate a cookie on your browser. Cookies are little bits of text files that are stored in your cookie folder, which essentially logs your IP, activities, username and passwords. They are also used to prove authentication during a session. For instance, once you have logged into your bank Web site, a cookie is created and stored on your system. If an attacker acquired this cookie, it could then be used to impersonate you. To prevent this, do not surf other Web sites while still being logged into a bank—or any secure Web site for that matter. Be sure to log out of the bank site because this will usually delete the session cookie.
4. Beware of phishing.
Websites that are configured to look like the real thing - frequent websites that are targetted are bank websites, shopping online sites and even car retails. Anything that is connected to something that you transact with either your bank account or your credit card. When you log in unsuspectingly, your details will be captured and leads to identity theft. For more information on phishing attacks and how to report them, please visit Report Phishing provided by US-CERT Coordination Center.
5. Verify a secure website.
Make sure the website you enter your personal information on is secure. When a site is “secure,” the communication is encrypted using Secure Sockets Layer (SSL). There are two ways to verify that the page utilizes SSL :
- The first method is to look at the address bar to inspect the URL or Web page address. It should begin with “https” rather than “http.”
- The other method is to look for the lock icon. Depending on your browser, this icon will be located in a different place. In Internet Explorer 6 and 7, the lock is on the bottom right hand corner of the window. In later versions of the browser the lock is by the URL as part of the address bar. By clicking on this icon, you will be able to view the SSL Certificate by a Certificate Authority.