Navigating the internet can be hard. Bad actors intent on exploiting uninformed users are constantly lurking behind emails, websites, and social media invites. Even your Wi-Fi router and those now-ubiquitous QR codes can be danger points. Add to that, the never-ending virus and malware threats.
Most internet users are often unaware of danger zones. However, staying protected online means knowing what to avoid and how to protect yourself.
Here are five things within your control to help keep you digitally safe
1. QR Codes, Handy but Potentially Harmful
These postage-size image links to websites can be convenient. Just point your smartphone camera at it and instantly go to a website, tech support location, discount offer on a purchase, or restaurant menu.
However, QR codes can also take you to a nefarious place where malware or worse is waiting. QR codes can be programmed to link to anything, putting your privacy and security at big risk.
Think before you scan a QR code. If the code is displayed on a website or printed document you trust, it is probably a safe. If not, or you are unsure, check it out.
You can download reputable QR reader apps that will perform a security check on the endpoint of the QR code’s destination. One such safety tool I use is the Trend Micro QR Scanner app, available for Android and iOS.
2. Avoid ‘Unsubscribe’ Email Scams
This is a popular ongoing scam that has a high success rate for hackers. Potential victims get an email for a product offer or other business invitation. The opt-out action step is enticing, looks familiar, and sounds reasonable. “Don’t want to receive our emails? Click here to unsubscribe,” it beckons.
Sometimes the annoying repeat emails ask if you want to unsubscribe from future emails. Some even offer you a link to cancel a subscription.
Do not select any options. Clicking on the links or replying confirms your active address.
Never input your email address in the “unsubscribe me” field, either. More senders will follow.
A better solution to deleting the unwanted email, especially from an unknown sender, is to mark it as spam. That moves it to the spam folder. You also can add that sender to your email program’s block list, or set up a filter to automatically delete it before it reaches your inbox.
3. Lockout Facebook Hackers
Other villains try to usurp Facebook accounts. Hackers can change your password, email address, phone number, and even add a security code to lock you out of the pirated account. Before trouble happens, be proactive to prevent these situations. Facebook provides the following security settings you need to enable.
- Enable two-factor authentication (2FA) to require your login approval on a separate device.
- To do this, log into your Facebook on a computer and navigate to Settings & Privacy. Select Security and login and scroll down to edit the Two-factor authentication option. You will be asked to enter your password again to complete this setup.
- Turn on the Code Generator feature on the Facebook App
- On the mobile app, tap the magnifying glass, enter “code generator”, and tap the search icon. Select Code Generator and tap “Turn on Code Generator” to get a 6-digit code that changes every 30 seconds. You will be asked for this rotating code each time you try to log onto Facebook on another device.
- Set up login alerts to your email
- You can do this from either a computer or mobile device.
- Computer: go to Settings & Privacy > Settings > Security & Login > Get alerts about unrecognized logins
- Mobile: Tap menu > Settings and Privacy (gear icon) > Settings > Password & Security > Setting up Extra Security > Get alerts about unrecognized logins. Tap on your preferred notification method.
- You can do this from either a computer or mobile device.
4. Secure Your Wi-Fi Router
With remote work on the rise since Covid, home Wi-Fi routers are becoming targets. Malware attacks on home Wi-Fi networks are on the rise because residential setups usually do not have the advanced level of security and protection found on enterprise networks.
You can apply these steps to help secure your home/office Wi-Fi network:
- Be sure to enable WPA2 or WPA3 encryption on your routers. The default factory setting is often the outdated WEP (Wired Equivalent Privacy) security protocol, or none is set at all. Check the user manual or the router manufacturer’s website for directions.
- Change your router’s SSID (Service Set Identifier) and password. This is critical. Typically, the factory setting shows the router’s make or model and has a universal password such as 0000 or 1234. Rename the SSID to not easily identify you. Avoid names that include, for example, all or parts of your name or address. Make sure the password is very strong.
- For added protection, change the router’s password regularly. Yes, this is a big inconvenience because you also must update the password on all your devices that use that Wi-Fi network. But considering it will keep out hackers, it is well worth the hassle.
- Keep the router’s firmware updated. Check the user manual and/or the manufacturer’s website for steps to download the latest updates.
5. Beware of Phony Tech Support Schemes
Some fraudulent tech support operators will contact you by phone, email or even text message claiming to work for a well-known computer or software company. They claim to be responding to an alert from your computer of a virus or malware. They will usually offer to fix this for you if you provide your credit card information.
Another common form of phony tech support is a pop-up message on your screen while browsing the web. This message will almost always come with loud alerts and multiple flashing warning signs. It will often list a phone number or email and urge you to contact them immediately and not to turn off your computer until you’ve done so.
The scammers are using scare tactics to get you to comply with their instructions. They want access to either your bank account or your device.
These are some best practices to protect yourself from tech support fraud:
- Never let a scammer con you into going to a website or clicking on a link.
- Never agree to a remote connection by the so-called tech support agent that initiated contact to you.
- Never give payment information in exchange for technical support you did not initiate. Legitimate tech companies will not call you and ask for payment to fix a problem they claim to have discovered on your device.
If you suspect your computer has a virus or malware problem, initiate contact with a repair center yourself. You probably already have a support plan or active warranty from where you purchased the computer. If you have not contacted a tech support company, the call or message you received is illegitimate.