5 Cybersecurity Practices You’ll Pay the Price for Not Using
The majority of people never think of cybersecurity. They don’t have to choose whether they’ll use a strong password or not; the site simply won’t let them proceed past the password creation stage. The same things for blacklisted sites, antivirus scans, etc.
The problem is that there are some instances where you actually need to take agency over your cybersecurity. This is when there’s no excuse, and it’s actually up to you to take a safety precaution. With that in mind, here are the top five cybersecurity practices that you’ll pay the price for not using.
1. Hovering over the link before clicking
This tip only takes a second and can prevent you from making a critical mistake. Namely, by hovering over the link, you can preview the URL. Sure, sometimes the sender uses a URL shortener, which may make things more difficult to figure out, but what if they’re not?
What if they’ve just added a link and sent you an email explaining what the link is, without even thinking that you hovering over it to read the URL is even a possibility? This alone can prevent you from succumbing to a vicious phishing attempt.
Developing a habit of hovering over the link is a cue for another positive trait – not randomly clicking on the links that you’re presented with. By just taking a second to think about the link that you’re about to click, you’re already thinking about the sender and the potential risk. This automatically puts you in the bracket with some of the safest, most cautious internet users.
The best of it all is that it literally takes you a second. You hover over the link and read the URL.
Does this make you 100% safe from all the risks of the online environment? Of course not, but it does put you on a much safer path.
2. Inspecting the address
In the previous section, we’ve talked about hovering over the address in order to inspect it, but what are you actually looking for? Well, first, you want to check if the domain name and the sender actually match.
Second, you want to look for spelling errors. You need to understand that all of these processes are automatic, and spelling errors just don’t happen. This is a deliberate effort by a hacker or a malicious third party to trick you into believing that you’re going to a legitimate site, a site that you’ve already heard of. Sure, when you read letter by letter, it’s easy to see the difference between Instagram and Instagram. The problem is that most of the time, you won’t expect this, and you, most likely, won’t take the time to read.
Next, you need to see if the site is using a secure connection. Make sure to look for “HTTPS:” at the beginning of the URL. This way, you’ll know that data exchanged between you and the site is encrypted. You should also take warnings of invalid SSL/TLS certificates seriously.
Sometimes, your own browser can be enough to protect you, but only if you’re taking it seriously enough.
Make sure to watch out for unusual characters, like lowercase L instead of uppercase i, etc. This is a trick that a lot of people fall into pretty easily. They’re also, sadly, hard to spot.
3. Using a password manager
If you’ve ever read a guide on how to make stronger passwords, you’ve probably thought that something like this is near-impossible to handle. Namely, each password, to be considered strong, needs to contain at least one capital letter, one numeral, and, ideally, even one symbol.
So, does this mean that “P@ssword1” is a good password?
Of course not.
You also need something that’s not too meaningful, something that hackers will never figure out from your social media and publicly available information. If you put your kid’s birthday, childhood nickname, or pet’s name, all of this can be figured out by scrolling through your Facebook profile. Ideally, the password that you use will be completely random so that it’s
near-impossible to guess.
It doesn’t end there. You should also change your password every 60 to 90 days. If you have just four accounts, you need to change at least 12 unique, strong passwords every year. Of course, the real number is not four; it’s likely far higher than that.
How did you develop all these passwords, and even more importantly, how do you remember them all? The answer is simple – you start using a password manager. Just take a look at the managers listed in this guide, do some independent research, and start using one.
4. Check the reputation of a site
It’s important that you check the reputation of the site that you plan to visit or use. This is important if you intend to do some shopping on this site, especially during the holiday season. Giving out your personal information is not always a safe thing to do, which is why you need to take some steps of precaution every now and again.
First of all, instead of just following the link, read the URL and try typing it directly in the search engine. The rank of the site is usually indicative, and a scammer site will seldom get to the top.
There are also so many online services and tools that you could use for a quick checkup. We’re talking about things like Google Safe Browsing, Norton Safe Web, and McAfee SiteAdvisor.
It’s also important to check domain age. The majority of these scammer sites are caught relatively quickly, which is why you’ll seldom find one that’s older than a few days or weeks. Most likely, it was made just a few hours ago, and it aims to trick as many people before Google catches on.
There are so many red flags that you’ll notice if you just start paying attention to what you’re served.
5. Regular software updates
When talking about updates, the majority of people assume that their main objective is to just work better or have extra features. While this is true, it’s only partially true. You see, the majority of updates and patches are oriented toward fixing bugs, which is a major game-changer. Some of these bugs are flaws and exploits that hackers abuse in order to steal your data or infest your network.
Most often, these are either security patches or new security features. The problem is that this often goes unnoticed for a number of reasons. First, cybersecurity is not something that you actively use. Second, the majority of these bugs and exploits are something that you’re unaware of until you become a victim (usually not even then). So, even if you are reading patch notes, when you come to the bug fixes section, you’ll usually skip.
Fortunately, you don’t need to understand how this works in order to benefit from the increase in protection. It’s one of those things that you don’t have to know how to use in order to benefit from it. All you need to do is check if all your plugins are up to date and, if they’re not, start a manual update.
It was about time you took your cybersecurity seriously
As we’ve already mentioned, even if you want the system to keep you safe, you still need to do your part. It’s like hoping to stay safe in the traffic. Not everything is up to you but you have to fasten your seatbelt, and abide by the rules of the road, potentially even adjust your speed to the road conditions.