The Internet is not secure. Daily news stories about security breaches committed by individuals or businesses are a clear example of this. We, the Internet citizens, must be vigilant as not all online services will.
Many user actions can expose us to malware infection, system compromise, and social engineering attacks. These behaviors should be recognized and addressed.
Opening Email AttachmentsAttachments can make the exchange of documents and other files convenient. Internet-based email poses security risks. It is impossible to guarantee that the message you received was sent from your source email address or that the attachments were not altered during transit. You can also use a third-party file transfer platform such as Dropbox, OneDrive or Google Drive, ShareFile and Box. You can also use email encryption or digital signatures like S/MIME and PGP.
Clicking on Hyperlinks via Social NetworksSocial media is full fake accounts and compromised accounts. Do not click on any link that is offered to you by a message or posted. Clicking on hyperlinks can lead to malicious sites, expose to phishing scams, or cause a drive by download infection. It is impossible to determine if a URL is safe to click on. If you feel that the item is important enough to be seen, then you can search for the title or name using a search engine.
Your computer could be at risk if you download files from third-party sources. Third-party file-hosting sites or transfer services/protocols could lead to infected or compromised files being downloaded. Always confirm that the source is authentic, valid, authorized, and original. This will reduce the likelihood of malware being delivered via a Trojan Horse file, image, document, audio or video file or file, or driver, plug-in, or software update.
Portable/Removable MediaPortable media like flashcards or USB drives are convenient. If the portable drive is stolen or lost, your data could be at risk. If another person uses the portable storage device, malware could spread to your computer. Use an encrypted portable media encryption or secure Internet-based file exchanging.
Open Wireless Networks: A Wi Fi hotspot or open wireless network is the most vulnerable to being compromised. You can be tricked into connecting to a hacker-controlled wireless device using many fake or rogue wireless connection points attack methods. You might also be tricked into connecting to a DNS spoofing attack or on-path attack. These attacks can often be difficult to spot and users are often only able find out when they are over. Wireless attacks can place malicious code on your device, steal private information, and compromise your online credentials. To avoid problems with wireless networks that are open to hackers, you can use a VPN.
Many mobile phone companies offer either portable access points (i.e. mobile hotspots), or a tethering plan that allows you to connect to your smartphone. This would allow you take a private Internet connection and share it with your devices.
Another option is to connect via VPN to any wireless network. Advanced users can set up their own VPN on their network. The average user will need to connect with a paid or free VPN provider. An Always-On VPN can be used to connect to many VPN solutions. This will make the VPN more flexible.