Category: Web Security

How To Keep Your Web Browsing Safe From Public Wi-Fi Networks?

How To Keep Your Web Browsing Safe From Public Wi-Fi Networks? by Navdeep Yadav.  Available from <http://www.mobipicker.com/keep-web-browsing-safe-public-wi-fi-networks/> [January 03, 2017]

A lot of people, including you, love shopping, posting photos and updates, and even conduct banking tasks on the internet. It is quite convenient to perform all of these tasks remotely. Isn’t it?

But, while doing so, you may forget that your information is floating around the internet. Whatever data you share on the internet bounces through different servers across the country or even across the world. That makes a good prospect for the hackers to steal your data, especially when you’re using public Wi-Fi networks. And, when you’re not using any VPN proxy to keep your web browsing safe, the prospect becomes much higher. Hackers may exploit public Wi-Fi in a number of ways

So, how would you ensure the privacy of your data that is being shared online and how would you keep your web browsing safe while using public Wi-Fi networks?

For your ease, we have listed down a few safe web browsing tips which you can adopt to keep your data secure and web browsing safe. Let’s discuss them one by one.

Using a VPN

Not all of you would be aware of this measure but it is regarded as one of the best ways to keep your web browsing safe from the risks associated with using public wi-fi networks. A VPN (virtual private network) connection cloaks the connection between your computer/electronic device and the internet, thus making your web browsing safe from the online hackers. Though hackers can still intercept the secure data, they cannot do anything harmful with it. There are a lot of VPNs available in the market such as FalcoVPN, ExpressVPN, NordVPN, etc.

Turn Off Wi-Fi AutoConnect

It is always safe to turn off the Wi-Fi auto-connect feature on your device, especially when you’re not using it. Doing this will prevent your device from getting connected to any public Wi-Fi network automatically. All you need to do is open your device’s network settings and disable the auto-connect button.

Turn Off File Sharing

When you’re using a public Wi-Fi network, make sure you have turned off file sharing. Windows 10 users can turn off file sharing simply by heading over to the Control Panel and then opening View network status and tasks. Once you’re there, click on Change advanced sharing settings and then turn off file and printer sharing. Click Save Changes at the end. If you’re using MacOS, then go to Settings, click on Sharing, and turn it off.

Enable Firewall on Your System

Having a firewall installed on your computer is necessary as it protects your system against unwanted network connections. Therefore, you need to make sure it is installed and is enabled. Windows users can use Windows Firewall. However, if you’re a Mac user, you can get help from the built-in firewall. You need to turn on Stealth Mode in advanced options to prevent hackers from accessing your network connection. To do this, just go to Settings, open Security & Privacy, and click on Firewall. It will turn on and get ready.

Install an Anti-Virus Software

An anti-virus software can help you know if any malware is residing in your device or computer system. Getting your computer or device scanned with an anti-virus software is a good practice because the software will send you an alert if there is any virus in them. This software will not only alert you but also help in quickly removing the offending bugs.

TURN OFF Wi-Fi When Not Using

To keep your mobile web browsing safe, it is better to turn off Wi-Fi on your mobile device when you’re not using it. It is the best guarantee to stay safe on the public Wi-Fi. However, during emergency situations, we suggest you to sparingly use the public Wi-Fi.

It is quite possible that you might know a couple of other measures to keep your web browsing safe but the ones we have listed will surely benefit you some way or the other. Ensuring data security should be on your to-do list, especially when you’re handling sensitive and confidential information on the public networks.

How To Keep Your Web Browsing Safe From Public Wi-Fi Networks? by Navdeep Yadav.  Available from <http://www.mobipicker.com/keep-web-browsing-safe-public-wi-fi-networks/> [January 03, 2017]

Expert Tips and Tools You Can Use to Safeguard Your Privacy Online

Expert Tips and Tools You Can Use to Safeguard Your Privacy Online  by Mike Peterson.  Available from <https://www.idropnews.com/how-to/how-to-remain-private-or-anonymous-online/28441/> [December 23, 2016]

As we’ve become more and more reliant on devices and the internet in our day-to-day lives, the more of our data and information has been uploaded to the web. Not only that, but many of us rely on the internet for work or play — and internet security is essential to that. Whether you’re worried about nefarious hackers, government spying, or nosy advertisers, you can help protect your data by following a few easy steps and using a few different (and free) tools.

Here are the cybersecurity essentials — used by everyone from security experts to journalists — to get you started.

Ground Rules

If you’re worried about privacy and protecting your information, you can follow some simple rules to make sure you have a head start against any would-be spies.

First, use a strong password. The best kind of password doesn’t contain words or fragments, but rather a random assortment of letters, numbers and special characters. You can also use a password manager like LastPass, Password Safe, or KeePass. 1Password is a popular option for iOS. Additionally, don’t use the same password across all of your accounts.

Next, make sure not to over-share information on social media. You really don’t need your phone number, email address or birth dates readily accessible to the public, do you?

Set up a Google alert for your name, so you can keep tabs on how your identity is being perceived or used without your consent. Don’t like advertisers gathering information about you? Use a non-tracking search engine like DuckDuckGo.

Lastly, try to enable two-factor authentication whenever you can. In that case, your accounts will have an extra layer of security even if your passwords become compromised.

Message Safer

There are many options when it comes to encrypted messaging services, but two of the best are WhatsApp and Signal.

WhatsApp is a popular messaging app, and it might be one that you already use. But what you might not know is that WhatsApp actually features end-to-end encryption: the messages you send are scrambled, ensuring that only you and the recipient have the key needed to read them.

Signal is another excellent choice, and is popular among journalist and security experts. Along with end-to-end encryption, it also features disappearing messages — meaning that there will be no record of the conversation after the messages expire.

Signal is arguably better encrypted, but a messaging app is only useful if you use it — and you probably have more friends on WhatsApp.

Get a Secure Email Client

If you’re worried about various entities reading your email, you should look into Proton. It’s a free, secure email client based in Switzerland — meaning that it falls under Swiss, rather than American, privacy laws. That means the U.S. government can’t force Proton to give up your data. Forbes famously called it “the only email system NSA can’t access.

All emails sent through the service are end-to-end encrypted, and the client never logs your IP address. Besides a browser-based version, the service also has an Android and iOS app so you can take your secure emails on-the-go.

Some other options are Tutanota and KolabNow. Both are open-source and free-to-use. For something a bit more feature-packed, Berlin-based Posteo.de is held in very high regard among security experts. It doesn’t ask for any information when you sign up, it features two-factor authentication, and it allows you to pay others anonymously. Unfortunately, it’s not free.

Download TOR

If you’re serious about encrypting your online activities on your computer, there’s The Onion Router, also known as the TOR project.

TOR Browser is a lightweight program, available to download for both PC and Mac, that obscures your online browsing via a proxy network. When you use TOR, your computer doesn’t directly access a site — the program sends your request through various servers spread across the world. That way, the site you’re accessing never actually sees your IP address.

Of course, this security doesn’t work if you’re accessing a site that asks for login or other personal information — like Facebook or other account-based services. While your computer and IP address might be anonymous, TOR doesn’t hide the specific, possibly compromising activities that could give your identity away.

Use a VPN

A VPN works by extending a private network over the public connections we use daily. VPNs use a series of discrete networks or computers to secure and encrypt communication when using the internet. A user logging into a VPN would typically access it via a client/browser window, log-in with special credentials (really similar to how you’d log into your email) and voila — once inside the VPN, the user is secure from any eavesdropping or spying.

Any time you’re doing something on the internet, you’re exchanging and sending data to another source. A VPN ensures that each time you do so, all the data that’s being sent from your end is encrypted, and safe from people seeking to steal it. Learn more about VPNs and some of the best VPN services available, here.

Additional Considerations

Even with using privacy services like TOR, some of your DNS traffic might still leak through, potentially compromising your anonymity. To find and plug those leaks, you can use DNSLeakTest.com.

Similarly, you can see just how much information your computer web browser is giving away by going to BrowserLeaks.com or Panopticlick. You can take notes and additional steps to plug those leaks, too — like turning off cookies and disabling site tracking.

Many apps on the iPhone use location services — while this can be great for remembering exactly where you took that iPhone picture, it also means that your data might have scarily specific locations attached to them. For example, the Exif data embedded into your bathroom selfie can potentially let attackers know exactly where you live. Paranoid? Just turn off location services for any or all apps via Settings > Privacy > Location Services.

Expert Tips and Tools You Can Use to Safeguard Your Privacy Online  by Mike Peterson.  Available from <https://www.idropnews.com/how-to/how-to-remain-private-or-anonymous-online/28441/> [December 23, 2016]

Protecting Your Online Presence with 3 Simple Tips

Protecting Your Online Presence with 3 Simple Tips by Carolina.  Available from <https://www.hackread.com/protecting-your-online-presence-with-3-simple-tips/> [Dec 19, 2016]

It is safe to say that over 80% of our lives are now stored in the cloud. Work and study are now conducted online. Universities such as Bradley University are making it possible to pursue an FNP degree of your choice without leaving the comfort of your home. Unfortunately, there has been a lot of cases of identity and information theft over the past few months. As we get closer to the end of 2016, information security becomes more important than ever.

Go through our How-To section here at HackRead and you will find a lot of tips and tricks on how to protect your online presence. In this article, we’re going to review some more tips that will help you work and study online without having to worry about your information getting stolen.

Have a Trusted Computer

One of the easiest ways to minimize the risks of information theft is by accessing your office network or the online learning program’s platform using a computer you can trust. This can be your own laptop or desktop computer that only you can use.

Take proper steps to add security measures to the laptop. An up-to-date antivirus, firewall software and good user management are all that you need to get started. When you access the family nurse practitioner course you’re taking online, for instance, you don’t have to worry about other users stealing your login info.

Write It Down

Do you know that you’re more likely to have your password stolen online than when it is written down in a notebook and stored at home? Writing down passwords actually enables you to have different passwords for different accounts, which means you can secure your online presence further without a problem.

Work out a way to write down passwords without actually mentioning the account they are for. For example, you can use initials to mark which passwords are for which accounts. Keep the note safe by storing it in a locked drawer or another safe place around the house.

You should also consider using a tested-and-tried password management software. 1-Password and similar software can help you store passwords for multiple accounts safely. Even better, these apps can also suggest a strong password for your accounts by generating random strings you can use in one click.

Test Your Security Questions

One last weak link to fix is the password recovery option you use on different accounts. We often choose security questions that are easy to remember. Unfortunately, most of the security questions – and their answers – are about things that information thieves can also find online.

The name of your first dog may be posted on your Instagram or Twitter account. Your story about that visit to your aunt’s house may reveal her name and the answer to another security question. Your favorite teacher at high school and other common security questions are just as easy to guess or figure out.

Switch to a security question only you can answer, apply the previous tips we’ve covered in this article, and be sure to stay up to date with the latest security tips here on HackRead.

Protecting Your Online Presence with 3 Simple Tips by Carolina.  Available from <https://www.hackread.com/protecting-your-online-presence-with-3-simple-tips/> [Dec 19, 2016]

How to secure your digital transactions

How to secure your digital transactions by Abhijit Ahaskar.  Available from <http://www.livemint.com/Leisure/eAqnDAFMqB4Vfxe7yyOfgO/How-to-secure-your-digital-transactions.html> [Last Modified: Mon, Dec 19 2016. 06 16 PM IST]

Demonetisation and the subsequent cash crunch has compelled people to use their debit or credit cards. Many are using payment wallets such as FreeCharge and Paytm to avoid using their cards all the time. Many of these first-time users are not fully aware of what is secure and what is not. This makes them an easy prey for hackers and people with malicious intent. According to Norton’s Cyber Security Insights Report (published in November 2016), 55% of users born between 1980 and 2000 have been victims of cyber crime.

Here are some tips that you can keep in mind if you are using one of the digital platforms for making your next cash transaction.

Be more cautious with public WiFi networks

Easy and fast access to internet through public WiFi networks such as at railway stations, airports and coffee shops attracts many users. Users need to keep a few things in mind before connecting to any public WiFi network. One of them is to make sure you know the right SSID (service set identifier) name of the WiFi network you are connecting to. Hackers often set up WiFi network with almost similar SSID names making users believe that there are two such networks and they can connect to any of them. Any communication made using such dubious networks will be at risk of malicious activity. It is safer to avoid WiFi networks that are not protected by a password.

Use VPN

Using a Virtual Private Network (VPN) not just sidesteps geographical restrictions on online content but can also add a layer of security to your online communications. It is widely used as a tool to secure web browsing sessions by enterprise as well as individual users. You can add a VPN on your smartphone or your WiFi network at home. For a smartphone, you will have to downloaded and install a VPN app. Most VPN apps charge a monthly subscription, while some like Opera VPN are completely free to use. Deploying a VPN in wireless router will transmit all online communication through an encrypted tunnel created by the VPN.

Use OTP during transactions

During online transactions made using a credit or debit card, banks ask users to enter their 3D secure PIN (personal identification number) or request for an OTP (one-time password). Using the latter will prompt the bank to send a six-digit number through a text message on the user’s registered mobile number. This is a unique number and is generated only for one transaction. Using a 3D secure PIN on a public WiFi can be risky. Paying through an OTP is still a safer option.

Identify secure webpages

Most websites rely on certain security protocols such as HTTPS (Hyper Text Transfer Protocol Secure) to protect users and keep their transactions secure. These websites can be identified with a green sticker and through the browser url, where the link address will start with https instead of http or www.

Alternative to online transactions—Use NUPP for transaction

Another way of bypassing the risk of online fraud during transactions is using National Unified USSD Platform (NUPP) for sending money directly to the other person’s bank account. NUPP is based on USSD (Unstructured Supplementary Service Data) technology which uses GSM networks for communication with the user and the bank and this makes it free from the risk of online hacking. To use it, dial *99# in your phone and enter and type the three letters used to identify your bank or the IFSC (Indian Financial System Code) of your bank in the next pop-up page. This will open another page with options to pay using MMID (Mobile Money Identification Number) or IFSC.

If you are paying through MMID, enter the seven-digit MMID code and the beneficiary’s mobile number. In case you are using the IFSC, enter the IFSC code and the bank account number of the beneficiary and the amount that you are paying. To complete the transaction, you will be asked to enter your four-digit mobile banking PIN number issued by your bank. For every transaction, users will be charged a nominal fee of 50 paise.

How to secure your digital transactions by Abhijit Ahaskar.  Available from <http://www.livemint.com/Leisure/eAqnDAFMqB4Vfxe7yyOfgO/How-to-secure-your-digital-transactions.html> [Last Modified: Mon, Dec 19 2016. 06 16 PM IST]

Top 12 Tips for staying safe online

Top 12 Tips for staying safe online by Kuwait Times.  Available from <https://www.zawya.com/mena/en/story/Top_twelve_tips_for_staying_safe_online-ZAWYA20161215052009/> [14 December 2016]

As the popularity of online shopping increases in Kuwait, so does the likelihood of falling foul of cyber crooks, not necessarily because they are putting in extra effort during the festive season, but simply because more of us are doing more online shopping at this time of the year, and we’re on the lookout for the hottest deals.

Sophos has put together the following cyber security tips to help you focus on family, food and fun over during this season, rather than dealing with the headache of stolen credit card details or important documents lost to ransom ware.

1) Clean up your passwords before you start shopping
Don’t use the same password on more than one website. If the crooks get one password, they’ll immediately try it on all your other accounts. Make your passwords as long and complex as you can; in fact, consider using a password manager, which will come up with a unique password for each website automatically.

2) Update your devices
When patches come out, most of them fix security holes that the crooks either already know about or will find out about soon. Don’t put off security updates because “later will be fine”. Follow our advice: patch early, patch often.

3) Back up your files
Whether you’re taking your laptop on holiday, or staying at home with your faithful desktop this festive season, don’t forget to back up your precious documents on all of your devices. That way if your files are lost, stolen, “reconfigured” by a teenaged “expert”, or, worst of all, held for extortion by ransom ware, you can still get your data back.

4) Watch out for booby-trapped ATMs when shopping on the High Street
Watch out for modified ATMs when you withdraw money. Crooks often glue fake parts onto or around ATMs in the hope of covertly reading both your card data and your PIN. If you see an ATM with any components that look as though they don’t belong, report it to the bank and the police. That way you protect yourself and everyone else too.

5) Beware of login links in emails
With so many emails flying around over the festive shopping period, it’s a popular time for cyber crooks to use fake ‘phishing’ emails to trick you into handing over personal data. When an email urges you to click on a link to login to your account and change your password, or some similar sort of subterfuge, it’s probably crooks trying to trick you onto a fake site that will look exactly like the real thing, except that the crooks get your password, not the real website. If you want to check a transaction on one of your accounts, open your browser and browse to the website yourself.

6) Look for the padlock in the URL bar when shopping online
A padlock in the address bar and a URL that starts with “HTTPS” means the website uses an encrypted or secure connection. All major websites, not just financial institutions, use HTTPS these days, so if you see a site that’s asking for personal information but doesn’t have the padlock, you can be sure it’s a fake.

7) Watch out for bogus courier emails
During this time, you may very well get products delivered to your home, so you’ll be expecting a visit from a courier company. Crooks know this and send fake emails about bogus delivery problems, hoping to draw you into their web. If you want to contact a courier company to check on a delivery, look up their phone number or email address yourself – don’t use any links or information from an email.

8) Don’t email your credit card details
Sometimes you’ll try to buy that special gift , but your credit card won’t go through. In perfectly good faith, the seller may ask you to email through your card details to try again later. But that email could end up in the hands of cyber crooks, even if the seller handles it with care once they’ve received it. Remember: if in doubt, don’t give it out!

9) Turn off Flash on your devices
Want to do one single, simple thing to improve your security, now and forever? Turn off Flash, or uninstall it altogether if you can. Booby-trapped Flash files are still a popular way of spreading malware, and with fewer and fewer sites actually requiring Flash, it’s safer to do without it altogether.

10) Change default passwords before using any new home video devices
Whether it’s a new baby monitor, home surveillance system, or any other internet-enabled camera, it probably has a default password. If you don’t change the password then you are making it easy for a cybercriminal to hack in and watch whatever you’re filming. That could be you, your house, your baby, or something else that you’d prefer to keep away from prying eyes.

11) Think before you share on social media
Maybe it sounds obvious, but over sharing on social media is a bad idea, and there is no better time to remind you of this than the party season. Whether it’s photos of other people, your credit card details, the fact that you’re holding a really amazing party on Friday night or anything else, stop and think before you share. Once you post it, you’ll never be able to take it back.

12) Upgrade the software on any new devices before using them
Even “new” computers and hardware devices usually need updates right away. After all, between when they were made and when you first use them, the crooks have had time to find new security holes to attack. If you want to protect your new devices, always patch before using them, even if it’s Christmas Day and you’re dying to try out your brand new present.

Finally, make sure your computers at home are secure. Sophos Home is free and allows you to protect up to 10 Windows and Mac computers from malware, ransom ware, phishing and more. You can have different settings for adults and kids, and the web filter lets you block ads. It’s an easy-to-use solution that takes minutes to download and get started. And remember, when 2017 comes around, all of these tips will still be valid. In other words, as much as we’re urging you not to let your computer security guard down over the festive season, we’re also encouraging you to keep your security guard up every day. Cyber security is for life, not just for this season.

Top 12 Tips for staying safe online by Kuwait Times.  Available from <https://www.zawya.com/mena/en/story/Top_twelve_tips_for_staying_safe_online-ZAWYA20161215052009/> [14 December 2016]