The internet, in case you hadn't noticed, is rife with viruses, malware, hackers and other scams. And while it can be hard enough to secure a single PC, maintaining security online is complicated by the fact that more than 70% of internet users are now ‘multi-device users,’ meaning they may use several devices over the course of a day; the percentage is even higher in the age 25-to-49 age group, according to Go-Gulf.
Given the plethora of threats across these multiple devices, users need to be especially vigilant. We’ve got you covered, so check out these recommendations.
1. Install antivirus software
Routinely, new viruses and other types of malware, including Trojans, ransomware, worms, adware and spyware are identified. While some widespread malware, such as the Bad Rabbit ransomware that appeared in 2017, can become so prevalent that they capture the news cycle, it's no wonder that, with some one million new pieces of malware identified every day.
Given the situation, we should all install an effective antivirus solution. Be sure to check out our best antivirus software, and some free antivirus software alternatives, to protect your PC.
Also, don’t forget your smartphone and tablet, and protect your Android and iOS devices.
Although we encourage you to install antivirus programs on each of your devices, make sure only to use one per device. You might think you’re getting better protection by having two antivirus programs on the same machine: in reality they might interfere with each other’s operation and consume your system resources.
In the case of viruses, remember that prevention is always better than cure too. Install the best ad-blocker to shield yourself from most harmful links before you can accidentally click on them.
Even in 2023, almost all devices are designed to run on Windows. As such, another great tech security hack is to switch to an alternative operating system like macOS or Linux.
Whichever operating system or antivirus software you use, make sure to check for updates daily. This means you’ll benefit from the latest protection and be safer from “zero day” exploits which target older versions of programs.
2. Avoid phishing emails
Phishing emails are nothing new, but gone are the days of obviously fake requests, with misspellings and pasted logos requesting you to wire funds to Nigeria. These days, phishing scams, from fraudulent individuals or organizations that want to trick the user into thinking the email is from a legitimate group, are much more sophisticated and believable.
If a recipient believes that an email is genuine they're likely to willingly provide identity and financial information. A related practice to phishing, known as pharming, directs users to a fake website that's designed to look like a legitimate one, again with the goal of obtaining personal info.
Clearly users need to be on the lookout for phishing and pharming scams. Good security practices include running a firewall and anti-malware software, and being wary of clicking on links.
The old advice was to look out for emails that had an amateur appearance, but the scammers have become more sophisticated, and the emails can look convincingly genuine. For instance, the scammer may steal an image from a legitimate site such as eBay and insert this into an email as a hyperlink to their phishing website. You would have no way of telling the difference, as the image itself is genuine - it’s only the site it points to that isn’t.
The best advice is not to click on the links in an email, and instead go directly to the bank or other organization’s website if you need to input account details.
Also, look at the full address an email originates from, which often gets shortened on a mobile device, particularly the suffix. For example, an email from Apple informing you that you need to upgrade your credit card would originate from something@apple.com, and not something@apple43465443.ru, which would indicate that it came from Russia.
Some popular email clients like Mozilla Thunderbird do some of this legwork for you by using ‘scam detection’ techniques. These include checking the address in an email for common scam indicators such as links to IP addresses instead of actual website names. (This is common as it’s harder for you to spot that links like this point to an unofficial website.)
E-mail clients with reliable scam detection will also check if the text in links matches the address. For instance, if the text says http://www.apple.com, the hyperlink should point to that address and nowhere else.
Naturally these features aren’t perfect, so make sure to keep your software up to date and remain vigilant.
If you're not sure, most companies have an email address to forward a suspect email to (for Apple it's reportphishing@apple.com); they can then verify the validity of the source, and if necessary endeavor to get the scammers shut down.
Another great way to prevent fallout from phishing is to enable 2FA on all your accounts that support it. That way, even if someone gets hold of your password through a rogue phishing link, they still won’t have the login code that’s been sent to your device. This keeps your data safe.
Be sure to check out our complete guide to how to avoid online phishing.
3. Beware of public Wi-Fi
Public Wi-Fi is great for folks who need to stay connected on the move, and a mainstay of coffee shops, hotels and airports. However, while your home wireless network keeps the traffic private with a password (routers even have a default password these days to make sure the default is to not run the traffic in the open), the inherent problem with public Wi-Fi is that it's unsecure.
The price that's paid for making it easy for users to join without a password is that all the traffic can literally be intercepted and tabulated, including usernames and passwords for email and financial accounts. There have even been reports of laptops being hijacked to mine Bitcoin at a Starbuck’s, via the CoffeeMiner hack.
The simple answer is to stop using Wi-Fi when you're out and about, especially with more and better cellular wireless connections increasingly available. That said, while a 4G connection is preferable, and not as simple to intercept, just like public Wi-Fi it's not considered truly secure. While 5G is more secure, serious vulnerabilities have also been discovered in its security.
The latest wireless encryption protocol, WPA3, which is due to roll out over the next few years, addresses the security issue and encrypts individual public W-Fi connections. However it’s a given that this will take time. A secure Wi-Fi connection also won’t necessarily protect you from other users on the network who try to access your device too.
If you have to use a Public Wi-Fi network, make sure to check with the network owner that you’ve found the right one before trying to connect. Most modern operating systems such as Windows 11 also support different network ‘profiles’, whereby you can tell your device not to automatically trust other devices on the same network and block connections. Check the support pages of your OS provider for more help with this.
Above all, the lack of any security on these public Wi-Fi connections is an excellent argument for using a VPN, which have plenty of other uses besides keeping your data secure.
Read more in our guide on why you should use a VPN when accessing Public WiFi.
Even if a public WiFi hotspot connection seems secure, remember that bad actors will sometimes deliberately set up fake Public WiFi “honeypots” so they can harvest your data as you connect. Using the best VPNs hugely reduces the chance they’ll get hold of any useful information about you, as all your traffic is encrypted.
4. Secure passwords
Your username and password are the essential elements used to secure an online account, whether for an email account, a bank account, or any other online access. With plenty of users having dozens of online accounts, it can become a full-time job to secure them all. There are even apps available to help you track and manage all of your accounts. Online data breaches have seen passwords hacked, exposed and even published.
Frustrated users too often use passwords that are dictionary words, and then reuse them across multiple sites; after all, how many passwords can someone remember? Some of the worst passwords people are still using include names of celebrities, swear words and even the good old ‘123456’.
The reality is that in order to stay secure, users need to create strong passwords that have a high degree of entropy. This reflects the number of bits contained in the password.
Conventional wisdom says you should do this with a mix of upper and lower case letters, numbers and symbols all in the same password but these can be tough to remember. It’s also hard for humans to imagine a truly random assortment of numbers and letters. You can use an online password generator to create that strong password. Some password managers (see below) also have them built-in,
Another great way to generate a random but easy to remember password is through using Diceware. This involves using real dice to select words randomly from a pre-prepared list. Provided you choose enough of them, the level of entropy is much greater than a random assortment of letters and symbols, plus they’re easier to remember.
Which ever method you go for, make sure to choose the best password manager, such as LastPass or Dashlane, that can keep track of these stronger passwords across multiple devices. This makes it more likely you’ll use a different password for each service, so if one website is compromised your other data is safe. A good password manager will also check the ‘hashes’ of your passwords against known data breaches, so you’ll know if your password’s leaked onto the internet.
Finally, don’t rely only on passwords for protecting these accounts, and be sure to enable two-factor authentication to keep them even more secure.
5. Use an up-to-date router
While security often focuses on the client devices, attention should also be paid to the entire network. As the router controls the entire home network, the problem is that if it gets compromised every device on the network in turn should be considered breached. There is software available, F-Secure Router Checker that enables you to check if a router has been compromised.
Users should take measures to reduce the risk, starting with making sure that the router is fully up to date, with all the latest security patches, via a firmware upgrade. Be sure to only install firmware directly from the manufacturer (unless it’s a FOSS alternative like dd-wrt - see below), and to check periodically for the latest version.
If you're running an older router, and there are no forthcoming firmware upgrades, your options are to upgrade the router to a more recent and supported model, or to install open-source firmware that's kept up to date by a community, such as OpenWRT or DD-WRT.
When shopping for a router, be sure to look for a model that integrates network-level antivirus support, such as an Asus model that has AiProtection from Trend Micro, and be sure to enable it in the settings.
If you’re running a wireless network, don’t forget that bad actors may try to access it in order to steal your bandwidth or hack your devices.
One great way to stay safe is to use a hidden SSID (service set identifier). This means your network name won’t be broadcast when other devices sears for Wi-Fi access points nearby. If they have both the network name and password though, people can still connect to your network. (If you think this would be too much trouble for visitors, you could also set up a separate wireless network for guests).
Whatever you choose, make sure that your WiFi network uses at least WPA2-AES encryption. Admittedly not all devices support this but you should only be using ones that do.
Even powerful AES encryption can be broken if your password isn’t strong enough. The same rules apply here to using a website password, in that the greater the level of entropy the better.
Still, as it’s a nuisance to type in a meaningless string of letters and numbers each time, consider using Diceware to generate an easy to remember passphrase. Six random words in lower case separated by spaces e.g. “ablaze yield perry cherub fermi shawl” has around 178 bits of entropy and would take a computer 500 tredecillion years to crack.
Many routers support WPS (Wi-Fi protected setup). This is supposed to be an easy way to connect devices to your wireless network through using a 4 digit pin but these can be cracked in seconds by bad actors. Make sure to disable WPS completely in your router settings and give visitors the WiFi password instead.
Read more about ways in which you can secure your Wi-Fi in our online guide.
