QTIP: The #1 Online Risk Factor
Posted on May 17th, 2018
It’s no surprise that risks abound online. However, you may be surprised that security researchers point to computer user behavior as the #1 risk factor. It’s true, cyber attacks occur mostly as a result of users’ innocent (or careless) mistakes and/or users' deliberately risky online behavior.
What can you do? One or more of these tips may help you protect your data and your identity from theft and avoid costly data recovery and computer restoration.
If you haven’t done so already, migrate your email away from Yahoo and AOL to a reliable email provider. Gmail and Microsoft offer excellent free email options. Why?
- 90% of worldwide email is spam.
- Former internet darlings Yahoo and AOL stayed too long at the party.
- Founders cashed out and moved on.
- Succession of new owners rolled up other failed internet properties (Earthlink, Lycos, etc.) then mismanaged them, neglected security upgrades.
- Hundreds of millions of AOL and Yahoo user accounts have been stolen, hacked, and sold on the dark web.
Avoid sketchy online neighborhoods. What’s a sketchy internet neighborhood?
- By now you’re savvy about places in town to avoid after dark.
- The internet has unsafe places too. Social media, gossipy click bait, free coupons, pornography. The list goes on.
- Irresistible online attractions and distractions are called "click bait" for just that reason. The headline may tease, but don’t take the bait.
Allow genuine Windows Updates or macOS Software Updates to install regularly.
- Anti-malware updates are included in genuine OS updates.
- Avoid installing third-party anti-malware utilities. They can defeat Windows 10 and macOS built-in anti-malware technologies.
Download only apps that you know are genuine and malware-free. How?
- Download apps only from the genuine application developer’s site or from the Windows or Mac app stores.
- Never download drivers, applications or updates from sites like e.softonic.com, downloads.cnet.com, and others that infect the unwary.
- Skip all offers for third party anti-malware utilities. Current versions of both Windows 10 and macOS have very good malware defenses that work well unless they are defeated by conflicting utilities or by user error.
- When you’re not sure if an app is genuine and malware-free, don’t install it. Get the real thing.
Don’t allow the default Downloads folder to become a dump for download detritus.
- Your Downloads folder is a favorite hiding place for malware. Sometimes long after removing a suspicious application, a leftover installer or infected file in the Downloads folder can lead to reinfestation.
- Change the destination for email and web attachments from the default Downloads folder to your Desktop.
- When attachments or files download to your computer:
- Ask yourself, "What is it? Do I want it?"
- then, file it or trash it.
Check your Contacts for interlopers. Online attackers evade spam filters by sneaking their email addresses into your Contacts and Previous Recipients list.
- Beware of look-alike contacts in your address book that are actually spoofs intended to defeat your spam filters.
Don’t be bullied. If your computer locks behind a warning claiming to be from Apple, Microsoft, the IRS, the FBI, (or other institution) demanding that you immediately call them to resolve a problem, the threat is not from any of those entities. It’s a scam.
- NEVER CALL the toll free number nor engage with the potential attacker in any way. (If anyone calls you with similar threats do not engage in any way with the scammer.)
- The onscreen threat can usually be safely disabled by a trusted local computer technician.
- Calmly disconnect from the network and shut down the computer. Pull the power cord out of the wall or eject the battery, if you have to. Then call your trusted local computer technician.
- NEVER give anyone that you do not personally trust access to or remote control of your computer.
- Carefully choose your trusted local computer technician.
It may be nice to share things personal items with friends, children, and other loved ones. But it is unwise to share personal techno-gadgets with your sensitive data and logins on them. Topping my short list of personal single-user items are:
- Mobile phone, tablet and computer
- ATM PIN
For more tips — even tech humor — visit QTIPS for Your Digital Life http://quentinleo-qtips.postach.io/