How to Stay Safe Online?

In this day and age, security is one of the most talked about and vital things and rightly so, because the average number of threats against the common user is steadily rising.

If one isn’t careful, chances are they’ll end up infecting their computers or fall prey to account or identity theft.

These threats come in various forms, it could be that you are searching for a crack for that latest game or software and the website that hosts the crack or the crack itself is infected.

Maybe they require you to make an account and use those details to send you spam or try to hack your other accounts associated with those details. Or it could be that your Facebook page got hacked even though you take a lot of precaution.

So today, I’ll share with you some tips and tricks as well as websites that I have found useful to keep my identity secure on the internet.

Use strong passwords:

No,”password” and “123456” aren’t secure passwords. In fact they’re the first thing a hacker will try. Try to substitute numbers and special characters in your passwords instead of using a long stream of text, it’s much more effective. Or use online password generators. Two of the best ones are GRC (https://www.grc.com/passwords.htm) and SafePsswd (http://www.safepasswd.com/).

Also check out this great tool which lets you determine how long your current passwords would last in case of different attack scenarios (https://www.grc.com/haystack.htm .

Use HTTPS encryption where possible:

HTTP itself is pretty insecure, especially if you’re using Wi-Fi. Anyone on that Wi-Fi network can easily obtain your private info like login details. And the only thing they would require is an add-on called FireSheep.

To avoid gifting hackers your info, you should use HTTPS.

Most major services like Facebook, Google and Twitter already offer the option to enable it; however it is turned off by default. If you find going into each service’s settings and manually enabling it too cumbersome, just use the “HTTPS Everywhere” add-on for Firefox which automatically enforces it. A similar extension for Chrome is “KB SSL Enforcer”.

Link (CHROME): https://chrome.google.com/webstore/detail/flcpelgcagfhfoegekianiofphddckof

Link (FIREFOX): http://www.eff.org/https-everywhere

Use 2-Step Verification for Google Accounts:

Google offers 2-step verification for its accounts. That means even if your password is compromised, the hacker will have to enter a verification code which you receive on your mobile phone through an SMS or an automated voice message. The moment you receive one, you’ll know your password has been hacked and you can change it without any harm done.

Link: https://www.google.com/accounts/b/0/SmsAuthConfig

Hide your IP address:

You might have noticed that local ads are starting to pop up on nearly all major websites, that’s because your IP address is visible to the website and ads are being served to you on the basis of where you live. If you’re concerned about the potential for hackers to take advantage of a visible IP address then you should use tools like TOR (The Onion Router). It protects your identity online and saves you from network surveillance and traffic analyzers.

Link: https://www.torproject.org/  

Maintain a couple of email addresses:

You should always use multiple email addresses. For example, I maintain separate email accounts for work, private use and general purpose usage. So if I want to access content on a website and that requires registration and I’m unsure of its trustworthiness, I just give it my general purpose email and even if it starts to send me weekly newsletters or spam, my work or private email aren’t flooded with it.

Similarly I also use it for public services like Facebook, Twitter and Skype etc. You can use your private account for services where security is essential (MoneyBookers, AlertPay or any site where you carry out electronic transfer of money) and you won’t be looking to share that particular address with many people.

Use disposable email addresses:

Suppose you want to play a flash game online. Or you just wanted to check a service out but you don’t want to register on it. You can instead use disposable email addresses, which are typically allotted for a specific time slot. You can use them as you wish and then they just expire. A few such services are Guerrilla mail (http://www.guerrillamail.com/) and SpamBox (http://spambox.us/).

A simple Google search will yield tons more.

Keep your software updated:

It’s an important thing yet people forget it quite often. It’s possible that some of your software received updates because of some vulnerability in them, in which case outdated software can be targeted by hackers.

And since new threats are created everyday, it’s vital that you keep your security software, your antivirus and firewall especially up to date to protect against these new threats. You can use tools like Secunia Personal Software Inspector to see which software is outdated and vulnerable.

Link: http://secunia.com/vulnerability_scanning/personal/

I hope that most readers will pick up a few things from this article. Using these tools and tips will secure you from most threats present. Feel free to share tips and tools you use to stay safe!

Talal is the Editor in Chief at ProPakistani.


  • Ali

    nice sharing, thanks.

  • Hanan

    Although i’m already practising some of the tips, but still quite useful article.

    Thanks,
    Hanan

  • Umair

    The 2-Step gmail verification procedure works only for Telenor and Mobilink users. Further these verification sms would cost normal sms charges.

    http://mail.google.com/support/bin/answer.py?answer=114129

    Admin, you may want to insert this information if you like.

    • Irtza Shahan

      Well I’m using Zong and 2 step verification is working fine with me !

  • nice but u should add some more tips , i hv been hacked around 4 times ,from my experience

    *Donot enter ur login details on any 3rd party site expect official one (like facebook,google)

    *Only Open or click Known or secure Links (especially beware of shortened links)

    *Everytime when u r going to enter Login details (email/passwords) ,plz check the Site Domain (url) .u may be phished at this time .

    *Nowadays people are hacked through emails ,never trust unknown emails (use ur common sense att)

    I think admin should add these .

  • SAJID

    Admin , guide us to remain safe from phising coz it also a big problem….and a security hack…:(

  • Admin, Please provide some info about Phising! because its a biggest issue happening on the internet these days. Thanks

  • mamoon rehman

    How to know about the lacation of a Gmail Id in google earth?