August 4, 2017

Stay Safe When Surfing the Web

Using the internet is a part of daily life for many people, but it does pose dangers that include having your device infected by a virus, having your device hacked by a cybercriminal, and even falling prey to a scam.

Older Americans make attractive targets for scammers because they often have money in the bank, plus multiple lines of credit, according to identity theft expert Robert Siciliano. And while many older adults are embracing technology, some are less tech savvy than younger adults, which can increase online risks, Siciliano asserts.

Becky Blanton, a 61-year-old former police officer from Charlottesville, Virginia, had a run-in with these risks when she responded to a Craigslist ad for a job writing reviews at $15 a pop. When she was asked to review services she never used, she got suspicious, contacted PayPal and found out the online job was a scam. “Fortunately, I listened to my intuition and got out,” she says.

While listening to your gut can be a valuable tool in the fight against internet scammers, you can also take proactive steps to protect yourself. Here are nine steps to stay safe online:

1. Safeguard your computer.The first step toward staying safe online is protecting your computer from viruses and malware, which can cause frustration and cost you time and money. For example, one computer virus causes an alert to pop up claiming law enforcement has found illegal material on your computer and that you owe a “fine.” Other malware can hide in your machine quietly collecting your bank passwords and other sensitive information as you type. To avoid infection, get security software that includes a firewall, virus and malware protection. If you store sensitive documents on your computer, consider purchasing file encryption as well. And consider security protection for your smartphone too. “Do not buy security software offered as an unexpected pop-up ad on your computer or by email,” the Internal Revenue Service warns. “It’s likely from a scammer.”

2. Keep software up to date.Keep all software current on your computer, tablet and smartphone, advises Michael Kaiser, executive director of the National Cyber Security Alliance. Set your security software to update automatically to keep up with evolving threats. And for your apps, operating system and other software, perform updates as soon as they’re available, both on your computer and your smartphone. “Updating software is really critical,” Kaiser states. “Many updates contain security fixes.” Just look at the ongoing “WannaCry” attack, in which hackers have exploited a vulnerability in Windows to hold tens of thousands of computers hostage with a demand for ransom. That attack offers a perfect example of why it’s so important to keep software updated, according to Joseph Thomas, owner of A Bit Above, a Florida computer repair company.

3. Go straight to the source.It’s easy to get tricked by phishing scams, in which criminals send an email that appears to come from a legitimate business, like a bank. The message may claim there’s a problem with your account and ask you to click on a link and enter your password. If you, you’ve handed over the key to your account. Sophisticated scammers can make these emails look very legitimate. For example, years ago one scammer snagged the domain PayPai.com and created a site that looked almost identical to PayPal.com, recalls Doug Fodeman, who gives workshops on online safety and runs the scam education site TheDailyScam.com. An incorrect spelling that’s one letter off can be tough to spot, especially for aging eyes. That’s why Fodeman recommends adding bookmarks to your internet browser for all the sites with which you regularly do business, such as Amazon.com, your bank, PayPal and Netflix. If you get an email claiming to be from one of those businesses, don’t click on the link in the email. Instead, use your bookmark to log in and see whether there really is an issue with your account. “Always use your own trusted link to access these services,” Fodeman warns.

4. Stay out of suspect territory.Just as you might steer clear of high-crime areas while driving around town, avoid “internet bad neighborhoods.” Surfing shady websites, such as those that offer free downloads of pirated movies or music, can be dangerous. “Steer clear of these sites altogether and you’ll greatly reduce your chances of getting a virus,” PCWorld.com advises. Be especially careful with downloads, and get apps or software only from trusted sites. Keep in mind, though, that “drive-by” viruses can infect your computer even if you don’t download anything, which is why it’s best to stay away from sketchy sites.

5. Use free Wi-Fi with caution.Many coffee shops, hotels and restaurants offer Wi-Fi so you can surf the web on your laptop or smartphone while you sip a cup of joe. If you take advantage of the free connection, use it only for casual internet browsing like getting directions or restaurant reviews — not for any surfing you want to keep private. And never log onto a banking site or any other site that requires a password. If you want better security, avoid the Wi-Fi and use the data on your phone, Kaiser recommends. Also, make sure you’re connecting to the Wi-Fi owned by the business and not a similar-looking “evil twin,” a network scammers set up to trick users and steal their information. “Even with the best security possible on your device, your data is only as safe as the internet connection it’s transferred over,” Thomas points out.

6. Pick strong passwords.Online safety expert Fodeman marvels at how many people use easy-to-crack passwords like their grandkids’ names and birthdates. Some people “make very poor password choices,” he says. Once a hacker guesses that easy password, they can do a lot of damage — for example, taking over your account and sending scammy messages to your friends and family or even draining your bank account. Reduce their chances by using a different password for each site and creating strong passwords. Make your passwords long and include numbers, characters and capital letters. One trick is to come up with a phrase you can remember and use only the first letter of each word. For example, “I went to Hawaii with Wendy in January 2015 and had a great time” becomes: IwtHwWiJ#2015&hagt. If you have a lot of accounts, consider using a password manager like LastPass to generate and keep track of secure passwords.

7. Don’t overshare online.When it comes to sharing on social media, less is more.”Be very careful when you post on Facebook, Instagram and other sites,” Siciliano advises. Never post personal data, such as your full date of birth, address, phone number, pictures of your grandkids tagged with their names, or relationship status. To avoid making yourself a target for theft, don’t reveal your current location, use photos with geotags or spill the news about your upcoming vacation plans. “Burglars pick houses by looking on social media to see when people are on vacation,” Fodeman points out. Also be aware that social media is prime territory for scams, including phishing scams. So, avoid clicking on strange links or logging into your accounts through links provided via social media. For example, if you post a complaint about your bank and a “customer service representative” responds and asks you to click a link to log in and get help, it’s a scam.

8. Save shopping forsecure sites.Shopping online can save you time and money, but it pays to be cautious. To shop safely on the internet, do your research and check reviews before buying from a retailer you haven’t used before. Use a credit card rather than a debit card, and only shop on sites with https prefixes that indicate encryption. And when the site asks if you want to store your credit card information for future purchases, just say no. Even if the retailer is trustworthy, data breaches are so common that it’s worth the inconvenience of entering the number each time.

9. Use strong authentification.Use two-factor authentification, also known as strong authentification, which is offered by most major email providers, social media networks, banks and other businesses. This security measure requires you to enter two pieces of information to log into an online account, making it more difficult for a hacker to gain access. For example, you might have to enter your password plus a one-time-use code sent to your phone. It’s especially important to use strong authentification on your email, according to Kaiser. With access to your email, a criminal can hack into any of your other accounts, including bank, shopping and social media, using the password reset function to gain access. The new password gets sent to your email, and the hacker can log in and take control. “If a cybercriminal gets into your email, they kind of own you,” Kaiser says, adding that it’s worth taking an extra step to keep that from happening. His advice: “Strong authentification is one of most important cybersecurity practices people should employ.”

While there are many measures you can take to protect yourself online, these basics are key, Kaiser asserts: “Doing the basics is going to provide you with a strong defense against cybercriminals.”

READ MORE: What You Need to Know About Identity Theft and Fraud

© Copyright 2017 The Hartford. All Rights Reserved. Brought to you by The Hartford. The content displayed is for information only and does not constitute an endorsement by, or represent the view of, The Hartford.

Information and links from this article are provided for your convenience only. Neither references to third parties nor the provision of any link imply an endorsement or association between The Hartford and the third party or non-Hartford site, respectively. The Hartford is not responsible for and makes no representation or warranty regarding the contents, completeness or accuracy or security of any material within this article or on such sites. Your use of information and access to such non-Hartford sites is at your own risk. You should always consult a professional.