How I Improved my Security on the Internet - Easy Ways to Improve Your Own Security
Security is usually not something people think about, unless it's already too late. We often forgo taking additional steps to protect even our most valuable online assets, due to sheer laziness. Everybody wants to get things done as fast as possible, causing them to act carelessly when it comes to online security.
In the past, I've had one serious security breach of my system. That one event forced me to take security more seriously and led to the formation of my current security practices. I'd like to share some easy steps you can take to protect yourself against the most common attacks.
My Security Fail
Around six or seven years ago, I liked to play some competitive online poker whenever I had some free time on my hands. For this, I often made use of some free tools that I could find on the internet. One time, I had just downloaded a free odds calculator from a pretty sketchy website. At the time, I didn't worry too much about it and just downloaded the app and installed it. Dumb move on my part.
As soon as I had installed the app, I received a NET SEND message telling me to log in to my Pokerstars account and send x amount of credit to another user. If I didn't comply, they threatened to get access to my account.
At that point, I knew that I had installed a trojan, specifically targeting Pokerstars users. I assumed that they there was a keylogger, which is why they were asking me to log in. I knew that if they had to ask, they were probably unable to gain access otherwise.
I solved it with a simple reboot onto an Ubuntu live CD and scanning the NTFS filesystem with a free Linux virus scanner (ClamAV). Luckily this wasn't a particularly sophisticated attack and everything was fixed pretty easily.
From that point in time, I've started to take security a lot more serious by changing quite a few habits.
My Current Security Practices
I don't tend to download that many random apps anymore, everything that's installed on my computer has been downloaded from trusted sources. Most of it is open-source software. If I do have to install some new app, I first run it in a sandbox environment and also scan it beforehand. This might be a bit of overkill for most people, but the point is that you become aware of what you download and install.
For all my online accounts, I use different passwords that are made up of random strings of characters. Using a password manager such as KeePass is generally a good idea. I also check regularly if any of my accounts have been compromised via Have I been Pwned. Regular password changes are advised, as well as using a different password for every different account.
I've always used Firefox as my default browser. There are a couple of plugins that I have installed by default. NoScript and uBlock Origin are great tools to prevent malicious websites from executing exploits. NoScript sadly doesn't exist for Chrome, but I can recommend either ScriptSafe or uMatrix. Make sure you always block Javascript, Java and Flash for any websites that you do not trust. A lot of websites do have critical features that do require Javascript, so you can whitelist websites that you trust.
I'm very wary of using any sort of public WiFi, because there's always a chance that someone performs a Man in the Middle attack. If I do use public WiFi, I'll do so through an encrypted VPN. Hackers can intercept passwords by sniffing packets through a malicious hotspot.
On my desktops (Windows & Linux), I'm running a firewall and lightweight antivirus. There are a lot of decent free options. Do note that antivirus software & firewalls aren't perfect solutions in any way.
Afterthoughts
It's impossible to be 100% secure when you're connected to the internet. All you can really do is, make sure that you protect yourself against attacks that are designed to affect many people. Most malware focuses on user error, meaning that they rely on you making some sort of error. Either by running unsafe software or handing over your login credentials through phishing.
Do share other methods of protecting yourself online. I know that my ways are far from perfect, but they will offer you a good basic protection.
.gif)
Great post! It isn't really personal security, but for personal privacy I would absolutely recommend that you get a personal VPN. I was just telling someone the other day that you don't really see viruses that much anymore. Not like you did back in the day of Nimda and Sircam. Most things now are browser hijacks and malware that you get by clicking on a link. The boom in virtualization and emulation software like Virtualbox have made it very easy to have a test machine setup. Great advice!
Oh yeah I was just talking about how insecure it could be to use a public hotspot. I reckon that you have quite a few people going around taking advantage of insecure hotel networks etc.
For sure. I was able to snag a really good deal on NordVPN a little bit ago. They even have an extension for Chrome so you can use it wherever you are.
I'm quite lax on this kind of thing, I must admit. I just don't visit dodgy web sites. Maybe I have been lucky so far.
I think that phishing is the most common way that people get their accounts compromised. So if you just pay attention, that already helps you 90% of the time :)
I also make sure that any unnecessary radios are always properly off (not sleeping but really off). Bluetooth and NFC, and the usual updating....
I'm often travelling, and I don't trust the hotel wifi. Sometimes I carry a travel router as an extra point behind a vpn, probably unnecessary but it is handy for connecting multiple devices anyway. Otherwise, I prefer to use my own phone hotspot.
Multiple emails, with some disposable and a second SIM for disposable use (I have a dual sim phone). And time based 2 factor for critical accounts.
Despite all of this, probably a determined person could get through, but I guess not being the low hanging target is the best you can do...
Yeah I also tend to go quite far with these things :P If someone actually targets you specifically, they're going to get in no matter what (if they're smart enough).
Yep, probably via my wife or my kids....
May I assume that Brave browser will actually be more secure than Chrome and others? Since it blocks most of the unnecessary code from websites...
Yeah, Brave is actually built on Firefox code, if I remember correctly. Should provide you with adequate security out of the box. Though I'd personally also look into blocking Javascript.
Edit: I was wrong, it's built on Chromium :P
That's right, it's chromium. But the CEO of Brave was the creator of Javascript and co-founder of Firefox. A true master. I'm just waiting for them to release extensions support and I'll migrate to Brave. My main browser on Android is already Brave.
Your personal experiences would be great lessons for me. Thanks for sharing, this is really important :)
Laziness is a bad excuse and I’m guilty of it 😅. Thanks for the gentle nudge to be more careful
Great tips. I try my best but I need to be more careful. I guess we can always improve! Thanks for sharing @daan!
Are life's experiences is indeed our best teacher that teach us lessons we will never forget.
Thanks for sharing this experience and tips.
followed u
Found your post via @thesteemengine Whistle Stops.
Thanks for the good information. I've installed the extensions mentioned. Appreciate the reminder to keep security top of mind.
~T
Hi, thank you for contributing to Steemit! I upvoted and followed you! Follow back and we can help each other succeed :) Check out My Latest Post