1. Install a VPN on your device
Installing a VPN on your device is by far one of the best actions you can take to make sure you’re browsing the internet safely. By installing a vpn you are able to encrypt all your network traffic from your phone or laptop, regardless or what wifi network you’re on. Assuming you choose a reliable VPN, this means it will be very difficult for someone to track what your browsing or even steal your passwords. You will also be able to avoid government tracking by allowing all your internet traffic to be routed through your VPN providers server location.
So even if someone did however happen to obtain access to your network traffic, it would not be possible to determine where you were located.
2. Only visit sites with a valid SSL certificate
Make sure to make it a rule to only visit sites whose urls begin with “https” as opposed to “http”. This means the website has an SSL certificate which encrypts traffic between you and the server so it’s more difficult for hackers to steal passwords or other identifiable information. You can try downloading a privacy focused browser like Brave which automatically upgrades all websites to https, so you don’t have to worry about this one. There are other great browser extensions that can do this to if you don’t want to switch from your favorite browser.
To be extra cautious you can also double check to make sure the certificate is from a trusted source. Usually your browser will notify you by striking-through the https portion of the url in many cases when it suspects something is wrong with the sites certificate and may even prevent you from loading the site. So if your browser displays a screen letting you know there is a certificate error, it’s most likely in your best interest to avoid proceeding the site.
This one is very important, whenever you browser a website without an SSL certificate, anyone can intercept your browsing history. This means a novice hacker could steal your passwords to your accounts and even obtain access to your device in some instances.
Read more about SSL Certificates here: https://csrc.nist.gov/glossary/term/secure_sockets_layer
3. Turn on popup/ad blocker
Popups and Ads are another means attackers use to obtain personally identifiable information and in some cases even access to your device by downloading some sort of malicious software. In many modern browsers this is a default setting, but there are still vulnerabilities in even the best of browsers. So make sure not click any ad or popup that is not related to site your visiting or feels out of place. This one is a little hard to explain, but over time you should be able to discern when something just isn’t right. Whether is be font size, design, or wording of the ads or popup. I would go so far as to suggest an ad blockers too. Popups and ads are more risky than they are beneficial in my opinion.
If you are more tech inclined, you can even install an ad blocker on your entire network. More on that in future articles.
Still not convinced, NIST comments, “a security flaw in the PayPal web site was exploited to steal credit card numbers and other personal information belonging to its users”. This security flaw allowed an attacker to display a popup to Paypal users directing them to a fake login page. Interestingly enough, the site still displayed a valid SSL certificate (https), but the attackers were able to inject code into the site. So, while SSL certificates are a great part of staying safe online, it is still able to be bypassed in some instances. While a popup blocker probably wouldn’t have caught this one. Checking the URL would have showed that you were no longer on the actual Paypal website, which is a good sign not to proceed.
4. Only download apps from trusted sites
One of the greatest threats to your safety online, is downloading dangerous programs to your computer. A few tips to help reduce the likely hood of this happening are first to stick to the official app stores of your device wherever possible. Microsoft, Apple, and Google have spent a ton of time making sure developers can’t infect their customers devices through the greatest entry point, the app store. Whenever you download a program or file directly from a website you run the risk of someone swapping it out for their own virus or spyware. Good news, is if you follow the previous tips such as sticking only with sites with SSL then the likelihood of this happening is less likely. But if you own a Mac you may have noticed by default they will not allow you to open programs downloaded by unverified companies. This is a great feature, so don’t disregard it but actually really think about the company who owns the site where your downloaded this file.