The Ultimate Guide to Online Privacy

Every day, more and more of our daily interactions are taking place online. We interact with our family and friends, with our colleagues and clients, and with our schools and banks through online platforms on our computers and phones.

As we spend more and more time online, it is wise to take a step back and really understand how we should approach our online privacy and safety. We need to be better informed about cybersecurity risks and precautions.

While our shift towards complete online lifestyle integration has crept on us through convenience and application, we don’t always understand how much of ourselves and our personal details we are sharing online, putting our online privacy and security at risk. We might not even understand how seemingly harmless information could come back to haunt us, both financially and reputationally.

You may have heard or read about cyber-security threats like malware or botnets but decided that it was too technical to understand and therefore ignored it. Unfortunately, with the integration of technology into our lives, we can no longer be ignorant to the dangers at hand.

This comprehensive guide will help you understand the online privacy issues you could come into contact with each time you open a new tab, or with each new app you grant permissions to. This guide will show you how to protect your privacy online, with useful and relevant online safety tips. As a reference point, this guide will help you to maintain and protect your personal privacy online.

General safety tips

With every click you make and page you open, you leave a trail of information. Your browser’s history page is an example of this. You might think that the only information you give a website is through filling in a form. That’s not the full picture, unfortunately. Your movements, clicks and searches are stored. You can imagine, that with the millions of people using the internet every day, there is an overwhelming amount of data being generated.

It’s no surprise that analyzing and interpreting data has become so sought-after in the corporate world. We know a lot about humans through their choices and the paths they create online. This helps us to market more effectively, and target advertising more specifically to increasingly defined markets.

There are a handful of general safety tips that will help you understand the landscape in more detail. These include understanding cookies, SSL, and healthy browsing. This guide will go into greater detail later on. For now, let’s orientate ourselves to browse mindfully by being aware of how our information is accessed.

Cookies

How many times have you read the cookie terms and agreements when browsing a website? Most of us just accept whatever the terms contain so that we can access the article or page we’re looking for more quickly. But what are cookies?

Cookies are small files that are stored on your computer through the web browser. They store your activity and visits to a particular website.

Some cookies are necessary – for example, keeping track of items in your shopping basket – while others are used to create user profiles for marketing. If you have no nefarious motives, and if the website is a well-known company with a global reach, what could be the harm in giving them access to our cookies?

Unfortunately, it’s not just the website you’re visiting that is storing your information. Your data is sold to various other platforms who use it to market products to you. Is that so bad? In an ideal world, perhaps not, but the internet is far from an ideal world. The fact that companies can store and distribute your online interactions means that it is possible for others to do the same. In this way you can be targeted for spam advertising and essentially enter an echo chamber of the same products being marketed to you, even once you buy them.

We also don’t necessarily know who they are selling your information to.There could very well be foreign groups with ulterior motives, trying to understand how to appeal to you and your community. The news headlines have been awash with election tampering claims, and often these include paid-for advertising on social media platforms. In other words, some groups will use your information to target specific political adverts or articles to your social media feed.

All things considered, you can generally trust the more established websites like Borgata and accept their cookies. When browsing more obscure sites, rather spend a minute or two browsing the ‘read more’ option and see what information is being used and who it is being shared with. You can always err on the side of caution and refuse to accept cookies. That’s your choice, and every site should give you the option. If not, perhaps that’s not the type of website you’d like to give your browsing information to.

Cookies can make browsing more seamless. It’s a way you can store login details, create wishlists, and shop online. There is nothing wrong with accepting cookies. The choice is yours. However, it is important that you know what cookies are, especially if you are browsing obscure websites that are asking you a blanket ‘accept all’ option without you understanding what that entails.

SSL certificates

There are a lot of businesses who offer an online storefront, or services that you can pay for online. Even banks have fully embraced online transactions, and we all know the convenience of internet banking versus spending a couple hours in the bank.

But how do we know that our transactions are secure, and that nobody else is seeing our details? A simple way to know if your transaction is secure is by looking at the URL of the website you’re on. If it begins with ‘https’ then it’s secure, if it is just ‘http’, then the risk significantly increases.

‘Https’ signifies that the website has an SSL or TLS certificate. These certificates ensure that your data is encrypted and that the transaction is secure. SSL stands for Secure Locket Layer and TLS stands for Transport Layer Security, but in essence they are the same thing. They both allow your transactions to be encrypted so that nobody besides the sender and receiver can access it, and provide keys to unlock the transaction.

This means that when it comes to sensitive transactions, for example those involving money, you can feel secure that your bank details and information are not accessible to others. It also indicates that the company behind the website are serious about secure transactions.

For an added level of surety, you can view the website’s certificate. If you click on the lock icon in the URL address bar, it will give more details and links to view the certificate. There are three types of SSL certificates:

1. Extended Validation: This ensures that the company owns the domain, that the company is who they say they are, and that the company has the full Extended Validation SSL certificate.
2. Organization Validation: This is similar to the Extended Validation SSL certificate but doesn’t verify the business as thoroughly.
3. Domain Validation: This confirms that the company has the right for the domain and that transactions are encrypted.

 

Most banks and websites that host financial transactions have Extended Validation SSL certificates. You can tell this by looking at the URL address bar, it should display the company name and country code to the left of the URL.

Financial transactions aside, there are dangers for any website that you have a login for. Your login details often use the same email address, so it is essential to only login to websites that have an up-to-date SSL/TLS certificate.

Password safety and best practices

Login details are the front door for many websites. Whether you’re logging into your social media, email, online learning platform or streaming site, password safety is of utmost importance.

With the dawning of the Internet of Things, we can see that our appliances and platforms are becoming increasingly integrated. While this brings exciting levels of convenience and integration of technology in our lives, it also means that our passwords are the gateway to accessing all our sensitive information.

It can be challenging to create complex passwords with capitals, numbers, special characters and a combination involving your first pet’s name. It’s also tricky to create a unique password for each platform you use. As a result we often use the same password across our various accounts. The risk here is obvious, if someone finds out one of your passwords, chances are they could figure out your Facebook, Gmail or banking passwords. The damage to be done, personally, socially and economically is not to be underestimated.

So what is the solution? Should we store our passwords on our web browser when prompted? It does make it easier to login the next time you access the site, but sadly this is not advised. While this may appear safe, it is not hacker-proof. Should someone gain access to your computer, for example through an unprotected port, they could extract all of your usernames and passwords. Even if you haven’t saved your banking passwords, if your passwords are similar, it wouldn’t be too difficult for someone else to guess them. So rather avoid allowing Chrome or other web browsers to remember your password if possible.

As with anything in life, there is no way to perfectly protect your information. It is rather a question of what poses the minimum risk. In terms of passwords, the best current solution is to use a combination of a password generator and a password manager.

A password generator can be found online or you could play scrabble on a notepad with an alphanumeric combination involving full stops and special characters. While you might not remember this password off by heart, that ironically enough is better. Passwords are often about our favorite teams or people, so having a password that is removed from sentimentality will make it even more difficult for someone else to guess what it is.

A password generator will ensure that your passwords are as complex as possible. But what next? Do you need to carry a notebook with you wherever you go so that you can remember your passwords? This is where a password manager comes in.

Password managers are applications and platforms that store all your passwords in one secure location. You can use an offline or online password manager. Both online and offline password managers cannot offer complete safety from hackers. But it is the safest possible option, short of keeping your passwords in your head.

Password managers will add additional encryption to ensure that your passwords have optimal protection from the peering eyes of others. You will likely have to remember at least one password though: to unlock your password manager. With time and technological advances such as facial recognition, this too could change.

If you don’t feel comfortable using a password manager, you could also make a habit of changing your passwords regularly. This can be as simple as finding different combinations of the same word, swapping out letters for numbers, or just creating a new word altogether. Thankfully, when we forget our new password, most sites send you an email to change password. This gives you another opportunity to think of a new and unique password.

Antivirus software for different systems/platforms

The internet has brought many resources and applications to our home computers, but with it, it also brought viruses. While viruses may not be as attention-seeking and computer-destroying as they were initially, they still exist. In fact, they have become more nuanced and difficult to detect.

Antivirus software has had to adapt and develop alongside an agile and shifting online landscape. While there is a lot of free antivirus software available, it is better to use a paid-for solution.

Antivirus for desktop computers

It is highly recommended to get an antivirus for Windows if you have a Microsoft computer. Windows was targeted by hackers in the late 1990’s and 2000’s. Whether it came via email, or downloading a patch for a game, you were sure to meet a virus somewhere along the line. Many antivirus providers offer free trials. This can be a great way to understand the platform and what it can pick up.

Apple’s operating system, by design, is relatively protected from viruses. That being said, it is still possible for a Mac to get a trojan horse virus. Installing an antivirus for Mac is recommended. Mac does allow you to set very stringent checks in place to safeguard against opening programs from unknown development teams. This relies on your better judgement to resist overriding your safety checks. When you’re downloading an exotic application, your intrigue could override your safety concerns. In this case an antivirus is the safer solution.

Antivirus for mobile phones

Of course, we should not ignore our mobile phones. As with internet banking, mobile banking is offered by almost all banks. We can access our emails, social media and work documents through our phone. This has made our mobile phones increasingly important, and increasingly in need of protection against viruses.

Many mobile phones come with a virus scanner already installed, however they may not be as thorough as specialised antivirus software. We download many applications from the Android and Apple stores, and we don’t always know whether the developers can be trusted. An up-to-date antivirus for Android and Apple phones is wise way to protect yourself and your data.

It’s not just downloading applications that should be done with caution. Browsing obscure or illicit websites, and accepting cookies could lead to your mobile becoming infected with a virus. This is prevalent with younger mobile users, who are looking for free games or don’t understand what they are clicking on.

It is important to educate younger users of the dangers of viruses in terms of performance and access to sensitive data. Of course, you won’t be able to constantly look over someone’s shoulder, so installing a strong antivirus is advised, particularly for parents with teenage children.

Selecting an antivirus

Finding the best antivirus for your needs can be a daunting task. Your choice would depend on whether you’re looking to install it on one device or all of your devices. It also depends on what you are using your devices for. For example, if you are only using your computer for its word processor and sending emails, you could go for an antivirus that provides email scam safeguarding as a core offering. If you are a writer and need to browse all the corners of the internet, then you could go for an antivirus that provides strong URL filtering and internet security.

There are a host of antivirus providers who offer free trials. These include the established antivirus providers such as Norton and McAfee. This is perhaps the easiest way to find your ideal antivirus provider without the risk of paying upfront.

Understanding malware

Malware is the biggest cybersecurity issue in the current technical climate. What is malware? Malware, a contraction of malicious software, is a type of software designed to take your data, damage your device and frustrate you. Viruses are an example of malware. Unfortunately there is more to malware than just viruses.

Some antivirus companies use the term antivirus to provide a product that is essentially anti-malware. By definition, a virus is a type of malware, however there are additional challenges that malware poses outside of viruses. For a full malware definition, let’s look at some of the main types of malware.

Virus

For the lamen, anything that causes your device an issue is a virus. Technically, a virus is a specific type of malware. Viruses usually appear as an .exe file because they require a host program to use as a base. It can either make existing software unusable or damage other files on your computer.

Worms

If your parents continually complain about how slow their computer is and how long it takes to do menial tasks, then chances are that they might have a worm. Worms use network interfaces, like emails and USB flash drives. They will spread across your computer and hamper its performance and frustrate simple performances. A worm is different from a virus in that it doesn’t require a host software to house itself.

Trojan

Like its namesake, a trojan is a type of malware that allows other malware to enter your computer. It usually comes in the guise of a program that you think will help your cause. Instead, it will allow another user the opportunity to install or delete at their discretion. They can also use it to access your passwords stored on your browser (see Password safety and Best Practices as to why you should not store your passwords in your web browser).

Spyware

Spyware is a malware that accesses your user data and interactions without you knowing. In this way, spyware can be used to see your passwords, banking details and social media logins. Spyware can gain access to your computer through pop-ups and software installation. If you’re thinking of streaming your favorite show, and constantly click-away pop-ups, chances are you’ve shared a space with some spyware.

Ransomware

Ransomware has gained itself a reputation as the most debilitating malware on the internet. What is ransomware? Ransomware is malware that restricts you from accessing personal files and/or operating the device until a ransom is paid. It does this by encrypting your personal data and locking you out of your device. In order to gain access once again, you need to pay a ransom.

As with all of these types of malware, prevention is better than the cure. Many antivirus providers offer malware scanner functionality so that you can find and remove any malware nestled in your computer or mobile phone. Make sure that this includes ransomware protection and the ability to remove unwanted malware.

Removing malware

So you clicked on an ad you shouldn’t have. To make things worse you searched Google looking for a way to run Windows on your Mac and you downloaded what seemed to be the perfect application. The developers are unknown, but aren’t we all when we start out? You download it and the next thing you know, things are not running as smoothly as they once were. You run a virus scan and find a host of malware on your device. Now what?

Malware removal is not a one-size-fits-all solution. As you’ve read, there are many different types of malware. Each has their own crux of power, and specific way to remove them. If you have an antivirus program, they will generally be able to pick up and remove the malware. However, some malware will require you to take your device to a computer specialist, who will need to enter Safe Mode to remove the unwanted malware.

The risk will remain ongoing. Therefore, ensure that you have effective malware protection. Make sure your firewall has been setup, and that your antivirus remains up to date.

Malware can be found on any type of device. While Mac has a reputation of being virus-proof, it isn’t. Mobile phones are also increasingly being targeted. If you have a Windows computer, chances are you already have an antivirus program, or a very slow computer. Either way, malware doesn’t show any signs of disappearing in the foreseeable future, so ensure that you stay informed of the risks it poses to your personal information and device security.

Hackers and cyber criminals are also finding new ways to use malware with existing technology to create larger issues. An example of this is the creation of malicious botnets. Cyber criminals use the botnet functionality to conduct malicious activities.

Privacy settings on your web browser

Some say their greatest fear is someone publishing their Google search history. We ask the internet questions everyday. Some questions are about our job, some are about our relationships, and some are recipes or how to kick-start a car. Regardless, your web browser is a vivid reflection of your mindset and interests. If you backup your mobile phone data on Google Drive, chances are your browser has a few awkward photos on them as well, not to mention some of your messages. Why is this a concern?

While you might enjoy your own room, and how you live in it, you might become self conscious if someone else had to see it. In the same way, there is a likelihood that others will see some of your web browsing history, and you might not feel too comfortable about it.

Other people accessing your desktop can come from them typing in a URL and seeing the predictive text pull up an article you read, to spyware and related malware that use your web browser data to access your passwords and finances.

Thankfully, most browsers understand their responsibility when it comes to storing your data. There are multiple ways that you can adjust your privacy settings on your web browser. These privacy settings cover everything from browsing history and stored cookies to saved passwords and bookmarks. Each browser has their own ways of setting your privacy.

Google Chrome

Chrome offers users the ability to use an Incognito Browser window. Browsing the web with an Incognito Browser won’t save your browsing history, cookies and site data, or information entered in forms. Your browsing will however still be visible to websites that you visit, the internet service provider and, in some cases, your employer or school (don’t think that Incognito gives you anonymity to hurl abuse at your boss or teacher).

Additionally you can enable ‘Do Not Track’ in the settings of the web browser. This sends a request to websites to ask that they don’t target their ads to you based on your data. Unfortunately, this hasn’t been seen to be effective as of yet. Nonetheless, it’s worth enabling if you’re inclined.

You are also able to control and remove the cookies stored on the browser. In terms of control, you can decide whether you give access to third-party cookies or allow websites to save and read your cookie data. As mentioned in the Cookies section above, some cookies are necessary for a smooth browsing experience, while others are used to target ads based on your data.

Mozilla Firefox

Firefox is a web browser that is often on the forefront of privacy settings. Many of its developments have to do with improving privacy settings. While this is fantastic for privacy concerns, it also helps to speed up your web browsing experience as it is less cluttered with trackers operating in the background.

It also offers the ability to use a Private window. Using the Private window erases your passwords, cookies and browsing history. The Private window also blocks hidden trackers that would be able to access your data after you close the window.

As with Chrome, you can enable ‘Do Not Track’ in the settings of the browser. Alternatively, you can select that you wish to allow sites to track you.

In terms of browsing history, you can set your browser to ‘Never Remember History’. Alternatively, you can delete specific pages from your history. You also have the ability to customise your cookie engagements, trackers, cryptominers and fingerprinters. Firefox’s Content Blocking functionality is a great way to navigate your online privacy.

Safari

Safari is the native web browser for Apple products. It also has the ability to open a Private window. The Safari Private window doesn’t keep a history of the pages you visit, what you searched for, or any information that you entered into forms.

Safari has removed the ‘Do Not Track’ toggle. It has done so because Apple has found the feature to be outdated. There is no legal requirement for websites to respect your wish to not be tracked, and as a result, the request is largely ignored.

Apple have added cross-site tracking prevention. This allows you to prevent companies from tracking your browsing across multiple websites. Safari also has the functionality to delete browsing history and manage existing cookies.

While there are many other web browsers, it is important to configure the one you use. Understanding what is tracked and what is not will help you to feel more secure about your privacy concerns. Equally, it will put your mind at ease knowing that your private search history is not being passed around between marketing departments of a company you have no desire to share it with at all.

Privacy settings on social media

Personal privacy on social media sites has become increasingly covered in major news stations. Why is this? It became apparent through whistleblowers that profile information on Facebook was being used by a third-party to construct targeted political campaigns to users; the catch being that none of the users signed up for this or agreed to have their information shared for this purpose. Or did they?

If nothing else, what the Facebook and Cambridge Analytica case highlighted was the need for social media users to understand their privacy settings in greater detail. Facebook, like most social media sites, is free. You can create a profile for free, and upload photos and communicate without paying a cent. But what happens with all of your personal data?

Social media sites are of course businesses themselves, and make money through advertising. For example, if you have a business page, you can pay to promote your ad. To this end, companies are able to build apps for social media platforms. They can also collect user data. If you’re not sure what your privacy settings are, then chances are you could be handing over your data to a host of companies you might prefer not to.

As with your web browser, make sure that you are familiar with the privacy settings for your favorite social media platforms. As with all websites, social media platforms are always updating and improving their service. To this end, the following privacy overview will deal in broad strokes, covering what elements of your privacy you should be aware of for each popular social media site.

Facebook

Facebook has been taken to task over privacy concerns after the Cambridge Analytica revelations. The company has continuously sought to address users’ privacy concerns. As a result, a lot of new focus has been given to their privacy settings.

In terms of your photos, messages and interactions, you can set whether these are visible to the greater public, your friends, or a select group of friends. You can also set what personal information is visible on your profile if at all.

Another section to be aware of is your Apps and Websites section. This is where you can set whether you have the ability to interact with apps, websites and games both on and off Facebook. You may discover some apps or games that you can’t remember playing. It might be safer to remove those apps and turn off the Apps, Websites and Games function.

Facebook has also tried to offer more transparency about how your information is used for ads. Here you can select whether or not to allow ads based on data from partners. This includes using data from advertisers and other partners from your interactions on Instagram, WhatsApp and Oculus.

You can also select whether or not to allow ads based on your activity on Facebook Company Products that you see elsewhere. This includes platforms and websites that use Facebook’s advertising services.

The final ad setting is to allow ads that include your social actions. For example, if you like a page, and they post a new story, it will display that you like it as part of the advertisement.

Facebook also allows you to hide ad topics relating to alcohol, parenting and pets. You can also give consent for Facebook to show you ads based on your relationship status, employer, job title and education.

Twitter

Twitter allows for a host of personalization as it pertains to your tweets and your data. In the Privacy and Safety section you can set your privacy restrictions for tweets, direct messages, discoverability and contacts, Safety, Personalization and Data, and Twitter for Teams.

In the Privacy and Safety section, you can use these settings to protect your tweets from being displayed to users who don’t follow you, whether you can receive unsolicited direct messages, and whether you can see sensitive media by default.

In the Personalization and Data section, you can control how Twitter personalizes content and collects and shares certain data. This involves whether you’d like to receive personalized ads based on your Twitter activity.

You can also set whether you want Twitter to personalize your experience based on your inferred identity. The way this works is that Twitter will look at your browsing on devices that you haven’t used to login to Twitter with, and inferring information about your identity. For example, if you only use Twitter on your phone, Twitter can see pages you browsed on your desktop computer that contained embedded Tweets, and infer that it is you browsing that page.

In terms of Data, you can select whether you want to track where you see Twitter content across the web, and share your data with Twitter’s business partners.

Instagram

Instagram was acquired by Facebook in 2012, and has increasingly integrated with its parent platform in terms of advertising. That being said, there isn’t too much you can control in the settings relating to how your data is used for ads. You are able to see your account data, which will give you an indication of what your ad interests are.

In terms of profile privacy, you have the ability to make your account a Private Account. What this means is that only people you approve can see your photos and videos. If someone wants to follow you, they will send a request, and you will have the choice to approve it or deny it.

You can also set your activity status. This will indicate when you were last active on Instagram. If you turn it off, you won’t be able to see the activity status of other accounts either.

You can also decide whether you want others to be able to share your stories, and tag you in photos that they post.

Snapchat

Snapchat is perhaps the biggest competitor to Instagram. It has settings to control your privacy as well as advertising and interest preferences.

In terms of privacy settings, you can set your preference for who can contact you directly, whether you want to receive notifications from everyone or just from your friends, who can view your Story, who can see your location, and who can see you in Quick Add.

In terms of advertising and interest preferences, you can set your preference for receiving audience-based ads and activity-based ads.

Audience-based ads are for advertisers who want to show their desired audience relevant ads. They do so by using information received from Snapchat’s partners.

Activity-based ads show ads based on your activity outside of the service in which you see an ad. For example, if you search for a movie on a website that shares data with Snapchat, you’ll likely see ads for similar films.

Additionally, you can limit ad tracking and opt-out of interest-based ads. You can also manage your lifestyle categories, which are content categories that Snapchat has identified based on your watching history.

LinkedIn

LinkedIn is a social media platform that focuses on businesses and careers. It boasts an enormous network of users, and working professionals are adding new contacts week by week.

The main privacy settings can be found under the Privacy, Ads, and Communications tabs in your profile settings page.

On the Privacy tab, there is an extensive list of settings that you can adjust. These fall mainly under how others see your profile and network information, how others see your LinkedIn activity, how LinkedIn uses your data, your job seeking preferences, and the ability to block and hide users. Each of these sections have detailed settings options, and it could be worth browsing through your default settings.

On the Ads tab, you can adjust the settings to do with general advertising principles, data collection on LinkedIn, and third-party data. Ads on LinkedIn might differ from the conventional ads, as they are generally related to a job vacancy rather than selling a product. It is still wise to understand how your data is being used by third-parties.

On the Communications tab, you can set your preferences for notifications and how they are received, who can reach you on LinkedIn, and adjust your messaging experience.

LinkedIn provides a comprehensive list of privacy customizations, and it may be a little bit daunting to go through all of the settings. However, because it has to do with potential career networking and job opportunities, it is worth your while.

On the whole, while social media platforms are free, we should be aware of how we can adjust our privacy settings in terms of visibility, but also understand how our data is used to target advertising. Targeted advertising reveals a lot about your identity and interests, which you may or may not feel comfortable sharing with third-party companies.

Webcam safety

Many advances in technology have sought to facilitate communication between people that are not in the same room. Whether it be through a forum, a live chat room, a voice call, or a video call.

To this end, almost every smart device you own will have a camera application. We use it to take photos and videos, but also to conduct webinars and video calls. While we think we are always in control of when the camera is on or not, this is simply not the case.

As our computers and phones are connected to the internet, there is always the possibility that our applications can be targeted by malware, such as spyware. There have been cases of CCTV cameras being hacked because their videos are being stored on a server that is linked to the internet.

What’s more frightening is that it is possible for hackers to gain access to your personal webcam and watch you without you knowing it. How is this possible? A hacker could find a vulnerable web application, and add malware to the site. You could then download this malware when you open their addition to the site. Similarly, if you download an android app with unknown developers, you could be welcoming a trojan into your device.

Once in, the trojan can allow another user to access all of the files and applications in your computer, including your webcam. They can run any application on your computer – once again, including your webcam. Before you know it, someone is watching you through your webcam.

While this sounds horrifically invasive, there are a number of steps and precautions that you can take to ensure that this does not happen.

Firstly, you should ensure that all of your software is up to date. Dated versions of Java and Flash could offer easy entry points for malware. Run regular updates on your software, not just to share a new feature or functionality with the end user, but also to deploy added protection to the code base to safeguard against found weaknesses.

Secondly, you should have an antivirus program installed and up to date. Your antivirus program should have an anti-malware scan functionality. Run the scan regularly to find any lurking malware on your device. Once discovered, remove it immediately.

Finally, you should consider sticking a plaster or electrical tape over your camera lens. There are ways to do this that don’t add any residue to the camera, but at the very least you can feel secure knowing that nobody will be able to watch you, even if you have added their malware unknowingly.

The reason to have strong webcam precautions is because hackers can use your video footage as blackmail to illicit funds or favors. They can also just be a peeping tom, and watch and record footage of you for their viewing pleasure. Either way, it is better to err on the side of caution.

If the idea of having a camera bothers you too much, you can also uninstall the driver and delete the webcam functionality. This wouldn’t be advised if you intend on using the webcam for video calls or vlogs.

While webcam hacking is perhaps one of the creepiest forms of online privacy invasion, it should be a stark reminder to the power that malware has when added to your device. For example, your device’s microphone can also be hacked and someone else could be listening in. Maintaining up to date antivirus and software releases will be the best way to protect your device from malware.

VPNs

These days, more often than not, our work laptop is our personal laptop. We often have our personal details stored on our computers that we take into the work office, co-working space or coffee shop. In these shared spaces we often all be using the same WiFi connection.

While you could be forgiven for trusting your fellow employees in the work office, if you are using a co-working space or coffee shop, you need to be aware of the risks of a shared WiFi connection. You don’t know who else is using it, and they could be a hacker, and they could intercept your information.

While we advise you to never do online banking on a shared WiFi connection, for example at a coffee shop, we do know that some payments are time sensitive. You might not have the flexibility to go home, connect to your own secure WiFi, complete a transaction, and then head back to the co-working space and resume your work day.

To allow for more flexibility and security, it is best to invest in a VPN. A VPN is a Virtual Private Network. It is software that creates a secure connection to the internet. What is a VPN going to do about coffee shop hackers? It will create a secure connection through a VPN, ensuring that your information is encrypted. This makes it extremely difficult for hackers to intercept.

Some businesses set up their office with its own VPN. This allows remote-working and travelling staff to still access their business’ network from different locations. With VPN private internet access, staff members can have added flexibility while still maintaining the company’s network security. While VPNs offer secure browsing and transactions for freelancers and remote workers, it can also offer personal value.

Some platforms and content is only available in certain areas of the world. This is commonly known as geo-blocked content. This can be frustrating if there is no practical reason why you shouldn’t have access to the site or content. A benefit of a VPN in this instance is that the server can be located anywhere in the world. If you live in Australia, you could setup a Canadian VPN meaning you would essentially have a computer in Canada. This would then give you access to geo-blocked content, because the VPN will place your computer in the selected region.

In countries where certain platforms and software have been banned, a VPN will help you bypass the censorship regulations. If you would like to censor your own browsing activity, a VPN will hide your browsing activity from your local network and internet service provider.

The VPN might still log your browsing history, so make sure you don’t use it for illegal reasons.

There are many ways to get a VPN, both personally or as a business. You could set it up yourself, or a provider could set up VPN servers on your behalf. There are many free VPN providers available, however most of the best VPN providers offer a free trial, so it may be worth paying for it after a trial.

Either way, as the work environment becomes increasingly flexible, and with co-working spaces and coffee shops being used more widely as work spaces, a VPN is the safest way to complete transactions wherever you find yourself connected.

Online scams

Online scams have been a persistent threat since the formation of the internet. They tend to have a humanistic element to them, appealing to people’s sympathies and fears. Some of the most famous online scams include the Nigerian Prince’s captive finances, the winning Lotto receipt in your spam folder, and the fake antivirus warning popups.

What these online scams all have in common is that they want your identity to access your money. It is as simple as that. It isn’t always obvious at first though – it might seem that someone genuinely wants to help you, or for you to help them out of a tragic situation. This is the danger! Once you start engaging over email, you drastically increase the risk of being infected with malware through downloading attachments or clicking on the links.

While some online scams come in the form of popups and SMSes, the bulk of them will arrive through your email inbox. The most common type of online scam is called phishing.

Phishing

One of the most enduring forms of cyberattacks is phishing. What is phishing? Originating in the 1990s, phishing is a technique that cybercriminals use to access your login details, banking details and other sensitive personal data. The technique involves creating deceptive emails and fake websites to trick you into entering your login or banking details.

The name phishing, pronounced fishing, was coined to describe this process of luring a victim, trying to make them take the bait. The bait would usually come in the form of an email. The email would be addressed seemingly from a colleague, a well-intentioned stranger, or a concerned technical support member of a platform you use. In the email they would urge you to access the platform, via the link they have conveniently provided, and sign in to complete or view their need.

If you click on the link, you will be taken to what looks like the legitimate website of the platform in question. You would login as you normally would. Then there would be an error or absence of what was mentioned in the email. Suddenly, you can’t log in any more. The next thing people are contacting you, letting you know that what your account has been sharing or doing seems out of character and inappropriate. You desperately try login but can only report it to the platform support and hope it is resolved as soon as possible.

This scenario describes a successful phishing attempt by the cybercriminal. It is very serious and can cause career and financial disaster for victims of phishing attacks.

Phishing combines a setup process where the cybercriminal will clone a legitimate website and then point the login page to a credential-stealing script. A phishing kit is then added to the illegitimate website. Emails are then sent with a link to the illegitimate website. When users login on the illegitimate website, their login credentials are stolen.

How do you know if an email you received is a phishing attempt? There are often tell-tale signs when you encounter a phishing email. It may be that the request seems bizarre or that you don’t recognise the sender of the email. The most important thing is to read the spelling of the link in the email. This can be tricky, for example a capital ‘i’ looks the same as a lowercase ‘l’. In a long URL, you might not notice the difference.

Even if you click the link, check the SSL certificate of the website. To be sure, type the URL  of the website in a new tab and compare the SSL certificates. In this way you’ll spot the fake.

While phishing has been around for over 20 years, it still claims many victims yearly. There are different types of phishing that describe the different victims a cybercriminal is approaching:

• Spear phishing: This is when a specific individual is targeted. It could be a team member or vengeful friend.
• Whaling: This is when a CEO or high-ranking politician is targeted. They would be considered a big fish, i.e. a whale.
• Pharming: This is when malware has been added to a server to redirect users to fraudulent websites without their knowledge.

 

The best possible precaution is to be highly skeptical of the emails you receive outside of your trusted contacts. If you don’t know the sender, and the link is to a platform that requires your login details, do not engage with the email. Having an up-to-date antivirus will also help to catch harmful links and attachments.

Botnets

As with most technology, what is designed for good can also be manipulated for bad. Botnets are a great example of this. Botnets on their own are not malicious or illegal. In fact, they can improve our user experience online significantly.

What are botnets? Botnets are a series of connected computers that perform repetitive tasks. A common example is Internet Relay Chat. Internet Relay Chat provides synchronous and convenient communication for group communication in discussion forums.

While botnets don’t seem too harmful, they are. Botnets are one of the biggest threats to security systems today. If you’re discussing real world cybersecurity issues, botnets should be at the top of the list.

If you haven’t heard of botnets before, you may be more familiar with the havoc they’ve introduced – most notably fake news. Although we might think of fake news as a way for politicians to avoid addressing contradictions in their statements, it does in fact have more of a grounding in technology and social media.

The use of fake news in advertising on social media has already had measurable impacts. The 2016 United States of America Presidential Election was marred by claims of voter base manipulation. This happened on both Facebook and Twitter, and was the results of botnets. A 2017 MIT study on fake news found that automated accounts and social media botnets play a major role in the online spreading of fake news.

Fake news aside, botnets have also raised concern for how it can be used to force a network of computers to mine cryptocurrency, deploy malware and access personal information. To address these issues, we need to understand the technology behind them, and to safeguard against it. To understand botnets further we need to understand how they are constructed.

Building botnets

In a simple sense, botnets are a network of robots that perform tasks. To create a botnet, you need to connect multiple online devices that are infected with the botnet code. Botnets gain access to a device either through hacking or through a spider. A spider finds security holes online and begins an automated hack to gain entry to the device.

Once your device is accessed, botnets will try to add your device to their network. To do so they will use malware – either a trojan or a drive-by download (like a fake pop-up message). Once you click on it, your device will be added to the network.

The person who sets up and controls the botnet will now have access to your device. This person is also referred to as a ‘botmaster’. The more devices in their network, the stronger the botnet becomes.

A large botnet is powerful because it can execute a task in unison. A common malicious use of botnets is for Distributed Denial of Service (DDoS) attacks. This is where a website or platform gets thousands of simultaneous site hits and it crashes the website or platform. Botnets are also used for ad fraud. This where the botmaster sends the botnet to click on ads that the botmaster owns, thereby making earning advertising fees.

Social media marketing and viral content shows the value of mass movement online. This is where botnets are malicious: they can create fake online movement, which impacts our engagements and advertising online.

Protection from botnets

While botnets can cause a great deal of harm, they can be difficult to detect. To do so requires vigilance and awareness of online safety best practices. As a starting point, you should be wary of any potential malware. Your computer is most often added to a botnet by your own actions, by either clicking on a trojan horse or downloading illegal and unverified files:

• Don’t click on unknown attachments in emails if you are unsure of the sender.
• Make sure your firewall is set up.
• Download the latest updates for your software when they are available.
• Configure your browser to detect suspicious files and websites.

 

Most importantly, you should make sure that your antivirus is up to date. In this way you can detect any malware on your computer and delete it. As long as the malware remains on your device, you could still be part of the botnet.

The technology behind botnets is not illegal or malicious, but in application along with malware, it certainly is. Don’t be surprised to see increased botnet regulation added to online privacy laws.

Banking safety

Banking safety has been of concern since before the dawn of the internet. While in some cases it is safer online than at an ATM, there are still a host of dangers involved in online banking.

If you have malware on your device, it can be used to hand over banking details and passwords to hackers. Once they have access to your banking, you might find it hard to cancel the transactions in time.

To ensure that your online banking is as safe as possible, ensure that you use a secure password and never do your banking from a public space, like a coffee shop or work office. Public spaces often have a far less secure network than the one you have at home. Hackers may be connected to the same WiFi and intercept your information while you’re completing the transaction. Wait till you get home, rather than completing your online order at a coffee shop.

You should also never, under any circumstances, use a public computer to do your online banking or make purchases with your banking details. There is the possibility that someone has installed a key-logger malware to the computer. This means that they would be able to see everything that you typed, including your usernames and passwords.

Even if you are completing your online banking or purchase from the comfort and security of your own home with its password-locked WiFi, there are still precautions to take to ensure that your finances are protected.

Credit card safety

It is strongly advised to use a credit card rather than a debit card for online purchases. The main reason is that with a debit card, it can be more challenging to reverse an unauthorized transaction. Your debit card is often used for debit orders, so it might cause significant stress if your debit account is cleared out, and your debit orders bounce.

Credit cards have embraced the online space, and accepted the responsibility we have bestowed upon them to complete our purchases and transactions. That being said, there are a number of precautions you can take when using your credit card for an online transaction.

Even with access to thousands of online storefronts across the world, it can be challenging to find specific items. Sometimes that nostalgic pair of sneakers will only be available through some obscure shoe company that you haven’t heard of before. Oh, and they provide free worldwide shipping? It seems too good to be true – and it is. You can search online to see if anyone else has had experiences buying from that website, and chances are you might find some less than favorable reviews. The danger is that you could have entered your credit card details into a website whose sole purpose is gaining your details to empty your bank account.

Always check that the website that you are on is secure. As mentioned in the SSL certificate section, you can check that the website you are on is who they say they are by viewing their SSL/TLS certificate. If you don’t see a SSL/TLS certificate, then perhaps find out more about the website.

You should always make sure that the page where you enter your credit card details is secure as well. Even if the website has an SSL certificate, double check that the page is secure when required to enter your card details.

As an extra precaution, be mindful of how you navigated to the online storefront. Do not access the website through an SMS link, or email link. Rather type navigate to the URL from within your web browser.

Most banks offer a One Time Pin (OTP) to complete online transactions. This is an excellent security feature that will add an extra buffer should someone attempt an online transaction with your credit card details. The OTP can be sent via SMS or email.

Finally, it is advisable to keep receipts of all your online transactions. This could be an SMS notification of the funds being transferred, or it could be a printable page that you can save as a PDF. This will help you keep track of when and where you completed the online transaction.

In terms of online games and apps, especially when it comes to mobile, your credit card is often called upon to unlock features or make in-app purchases. In-app purchases apply to whoever is using the device and playing the game. If your settings are not in order, you might be asked to foot the bill for the person playing the game on your device.

Safety precautions for in-app purchases can be better understood by looking at the difference between their risks for younger users and older users.

In-app purchases for younger users

We can all understand the excitement of a child when they’re playing a game – especially when the game contains a favorite character or superhero. Children are often given access to their parents’ or older siblings phones or desktops. It can keep them enthralled for hours.

There are many free online games and apps available. While these are a means to keep younger device users entertained, they often have in-app purchases to make the game developers money. The younger users might not understand the cost of these in-app purchases, in part because they weren’t the ones who earned the money that would be spent.

Unless you want to be unpleasantly surprised by a massive credit card bill, it is important to set your device up for how you’d like it to handle in-app purchase requests. Remember, just because some of these games are targeted at a younger audience, doesn’t mean that the price involved won’t make your eyes water.

For Apple users, you can disable in-app purchases on your iPad, iPhone or Mac. To do so on your mobile device, you will need to go through the general settings, set up password restrictions and then turn in-app purchases off. For your desktop, you can configure the App Store application’s preferences to always require your password before completing in-app purchases.

For android users, you can set up a restriction on in-app purchases through the Google Play Store. If you go into your settings you can require authentication before any in-app purchases can be completed. You can also set this requirement up to need your biometric authentication.

Whether you are using an Apple or Android phone, these restrictions will ensure that you are present when a younger user wants to make an in-app purchase. Your better judgement may direct the younger user to try a different game.

In-app purchases for older users

It is not just younger users who are tempted by in-app purchases. Older users should understand how to safely use in-app purchases as well.

In-app purchases are fairly secure. Even though the developer of the app may seem untrustworthy, Apple and Google have gone to great lengths to keep in-app purchases secure. They do this by ensuring that the purchases go through Apple and Google respectively. Thankfully, the app developers will not have access to your credit card details.

If you have downloaded an app from outside of the Apple Store or Google Play Store, then you have much more to be concerned about. In that case, the purchases might be facilitated through the app, and your credit card details may well have been copied. There is of course also the risk that the rogue app contained malware. It is therefore strongly advised that you only download apps from the Apple Store and Google Play Store, and preferably from well-reviewed developers.

For the adult market, most in-app purchases tend to take place in online casinos. While casinos may have a reputation of smokey hallways and stale carpets, online casinos cut straight to the game at hand, and the chance to win.

To keep playing you will need to buy tokens, as you would in a normal casino. These in-app purchases can add up and, if you’re not careful, you could logoff having lost a substantial amount of money.

There are a few guidelines on how to gamble safely. For a start, you should only play on a safe online casino. Do your homework and find casinos that have a great reputation and credibility. Browse their list of games and make sure that they offer what you’re looking for.

To help you decide on what games to play, you should understand which games have a good house edge. A house edge is a measure of how much a casino will pay relative to what the true odds would pay. In other words, the chance that you have to win mathematically is usually higher than the payout the casino is offering. This is the way casinos make their money as a business.

The house edge will give you an indication of your chance of winning. Games with a low house edge include Blackjack and Craps, medium house edge games include Roulette and Three Card Poker, and high house edge games include Keno and simple Slots. When you’re playing against other players, and not the house, the game will have no house edge. Examples of no house edges are Poker and Sports Betting. Learning how to gamble safely takes more than knowing your odds.

You should not play any casino games if you’re tired or have been drinking. Being drowsy could lead to careless mistakes, and ultimately hurt your bankroll. Casinos can be a lot of fun, but drinking can lead to silly mistakes while playing. Heavy losses with drinking excessively is a recipe for personal life disaster and should be avoided.

Be careful not to chase losses. You might have had a bad time of it, but that’s no reason to think your luck will change. Some people can lose their head and make bigger wagers, hoping for bigger wins to off-set their losses. Rather set out a session bankroll, and stop if you’ve exhausted it.

Setting a session bankroll will help you to play within your limits. You should set winning and losing limits before beginning your session. This will help you keep a balance with your winnings and also to know when to quit. Knowing when to stop is essential to help keep gambling a healthy and rewarding activity in your life.

There are many online casinos that offer SSL secured casino experiences. With a predetermined session bankroll, online casinos can bring hours of enjoyment as well as winnings.

It is worth exploring a secure, registered and trusted online casino with a brick-and-mortar counterpart if you are interested in online gambling.