Are you safe on the web?
The Internet may not be the Wild West ecosystem it once was, but that doesn’t mean it’s become much safer. In fact, a ton of other online threats have sprung up – which you can fortunately defend yourself against with these useful tips.
The Case for HTTPS
Depending on the browser you’re using, you should get a warning about your connection not being secure if you happen upon a website that still uses HTTP (Hypertext Transfer Protocol). There’s a good reason for that, as anybody with a few minutes on their hands could see everything you do on that page. Yes, that includes any passwords or personal details you input.
Google are going as far as punishing websites that do not switch to the encryption-protected HTTPS protocol. Encrypting the data you send and receive from an HTTPS website means hackers can’t get a hold of your data as easily – all they’d be seeing is indecipherable gibberish. By 2017, half of the Internet was encrypted (the visible parts at least), but there’s still a long way to go.
Use Secure Browser Add-ons
While the general consensus is that you should avoid HTTP websites for your security, you can still visit them if you use a browser extension like HTTPS Everywhere. It will attempt to force an HTTPS connection wherever possible, giving you a modicum of control over your data.
Another privacy-invasive issue today is the sheer amount of ad trackers present on the Internet. It’s estimated that 90% of web pages use ad tracking technology, which not only increases page load times but can also create an accurate profile of your interests and browsing habits to serve you personalized ads.
Creepy? Yes. Preventable? Also yes – with an all-purpose blocker like uBlock Origin. It uses a handful of resources to rid you of ads, ad-tracking, as well as allowing cosmetic filtering if there are any distracting parts to the pages you visit. uMatrix allows for more fine-grained control over what gets loaded on a page, although it has a slight learning curve. Use both of them for an impenetrable, privacy-focused combo.
Alternatively, you could just switch browsers to something that has these functionalities included by default – like Brave, or one of these other options. You can still use those extensions in most of these browsers, too, covering a range of filter lists.
Switch to a Secure Email Provider
Look, we get it. Nobody wants to sit around and switch email addresses on the tens or hundreds of accounts they have. You could be trapped at your desk all day. But think of this way, if your email provider gets breached (like 3 billion Yahoo! users found out), you’ll still need to do it if you don’t want your accounts stolen.
Only this time you’ll be in panic mode, rushing to see it done – if the hackers didn’t get to them already. You can find out if your email account has been compromised by using this useful website.
If it did happen, but you haven’t seen any suspicious activity on your accounts, then there’s still a chance to recover. Switch to a secure email provider like ProtonMail or other options which encrypt your emails. As mentioned before, hackers or other third parties trying to read their contents will find it virtually impossible to do.
Set aside 10 minutes a day to switch the email associated with your accounts. Start with crucial services like PayPal and the sort – then go from there. If your email wasn’t compromised, you’re in luck – just don’t wait till it happens before you make the switch.
Better Password Management
While you’re at it, consider looking into some password managers to create and store strong, randomized passwords. You won’t have to keep a notebook handy just to log in because you forgot that one jumbled 30-character password.
They also have the side benefit of not allowing you to fall for phishing scams. Hackers sometimes try to impersonate legitimate services (like bank websites or PayPal) to get you to input your login details and steal them. A good password manager will recognize that you are not on the correct website and refuse to enter your credentials.
Since we’re on the topic of fakes…
Watch Out for Public Wi-Fi
Cyber criminals can also create fake hotspots that look almost exactly like a real network used by cafés, airports, and so on. These are called “Evil Twin” hotspots and are quite difficult to avoid, as hackers go to extreme lengths to make their networks look believable.
You’re also better off avoiding that free Wi-Fi if it’s not password-protected. It’s quite easy for the person sitting in front of you at the coffee shop to download some hacking tools, watch a short tutorial, and start harvesting your data over the unsecured network.
The worst part is that some security exploits found in WPA2 and WPA3 (the current Wi-Fi encryption protocols) make it so even password-encrypted Wi-Fi is not 100% safe. The best way to protect your data in all of these situations is to use a Virtual Private Network (VPN) – a method recommended by the Wi-Fi Alliance, among others.
Get a Decent VPN
While HTTPS connections only encrypt your traffic on particular websites, VPNs do that for your entire network traffic before any data leaves your device. This means your browsing habits are even protected from your ISP and government agencies like the NSA.
When you use a provider’s software to connect to a VPN server (that’s usually located in another country), your IP address is replaced with that of the server. This means your real location – which can easily be identified through your IP – is hidden from online strangers, as well as online services. It’s actually a neat perk that allows you to unblock a bunch of unavailable content in your region – from copyrighted YouTube videos to your favorite TV shows on major streaming platforms.
Unsure where to look for a no-nonsense, no-logs provider? ProPrivacy's NordVPN review is a great place to start.