Top 15 internet safety rules and what not to do online

So much of our daily life revolves around the internet, from work to education and even talking with friends. A 2021 survey found that the average US household had around 25 internet-connected devices, up from 11 in 2019. The more online accounts and devices you have, the greater the scope for cybercriminals to cause you harm. That’s why it's now ever more essential to understand internet safety rules which protect you and your family from threats that may harm your data and devices. Read on to find out about key internet dangers and the ways to stay safe online.

The Key Dangers of the Internet

When you and your family use the internet, you are (often unknowingly) exposing yourself to a wide range of potential online threats. Digital landscapes as we know them are constantly evolving as cybercriminals devise new ways to target internet users. Here is a list of just some of the biggest internet dangers you and your family need to watch out for:

• Identity theft.
• Data breaches.
• Malware and viruses.
• Phishing and scam emails.
• Fake websites.
• Online scams.
• Romance scams.
• Inappropriate content.
• Cyberbullying.
• Faulty privacy settings.
  

Essential Internet Safety Tips

To avoid all of these dangers, we recommend following our essential internet safety tips when you or your family are online:

1. Make sure you’re using a secure internet connection

Although using public Wi-Fi is not recommended, it’s sometimes unavoidable when you are out and about. However, when you go online in a public place and use a public Wi-Fi connection, you have no direct control over its security, which could leave you vulnerable to cyberattacks. So, if you are using public Wi-Fi, avoid carrying out personal transactions that use sensitive data, such as online banking or online shopping.

If you need to do any one of these, use a Virtual Private Network or VPN. A VPN will protect any of the data you send over an unsecured network via real-time encryption. If you don't use a VPN, we recommend saving any personal transactions until you can use a trusted internet connection. You can find out more about what a VPN is here.

2. Choose strong passwords

Passwords are one of the biggest weak spots when it comes to cybersecurity. People often choose passwords that are easy to remember and, therefore, easy for hackers to crack with hacking software. In addition to this, using the same password for multiple sites puts your data at further risk. If hackers obtain your credentials from one site, they can potentially access other websites which use the same login details.

Select strong passwords that are harder for cybercriminals to crack. A strong password is:

• Long – made up of at least 12 characters (ideally more).
• A mix of characters – upper-case and lower-case letters plus symbols and numbers.
• Avoids the obvious – such as using sequential numbers (“1234”) or personal information that someone who knows you might guess (or that might already be online), such as your date of birth or a pet’s name.
• Avoids memorable keyboard paths.

Using a password manager can help. Password managers help users create strong passwords, store them in a digital vault (which is protected by a single master password) and retrieve them when logging into accounts online.

3. Enable multi-factor authentication where you can

Multifactor authentication (MFA) is an authentication method that asks users to provide two or more verification methods to access an online account. For example, instead of simply asking for a username or password, multifactor authentication goes further by requesting additional information, such as:

• An extra one-time password that the website's authentication servers send to the user's phone or email address.
• Answers to personal security questions.
• A fingerprint or other biometric information, such as voice or face recognition.

Multifactor authentication decreases the likelihood of a successful cyberattack. To make your online accounts more secure, it’s a good idea to implement multifactor authentication where possible. You can also consider using a third-party authenticator app, such as Google Authenticator or Authy, to help with your internet security.

4. Keep software and operating systems updated

Developers are constantly working to make products safe, monitoring the latest threats and rolling out security patches in case of vulnerabilities in their software. By using the latest versions of your operating systems and apps, you will benefit from the latest security patches. This is especially important for apps that contain payment, health or other sensitive information about a user.

5. Check that websites look and feel reliable

For any website you visit, especially ones you transact with (such as e-commerce sites), it's crucial that they are reliable. A key element to look out for is an SSL/security certificate. This means, lookout for URLs that start with “HTTPS” rather than “HTTP” (the “S” stands for “secure”) and have a padlock icon in the address bar. Other trust signals include:

• Text which is free from spelling and grammar mistakes – reputable brands will make an effort to ensure their websites are well-written and proofread.
• Images that are not pixelated and fit the screen's width correctly.
• Ads that feel organic and are not too overpowering.
• No sudden changes in color or theme. In some cases, where users have interacted with a particular website and returned to a familiar page from a link, subtle color or design changes might indicate forgery.
• The accepted standards of online payments – legitimate ecommerce websites use credit or debit card portals or PayPal, only. If a website is using another form of digital money transfer to accept payments, it is probably fraudulent.

6. Review your privacy settings and understand privacy policies

Marketers love to know all about you, and so do hackers. Both can learn a lot from your browsing and social media usage. But you can take charge of how much information third-parties can access. Both web browsers and mobile operating systems have settings to protect your privacy online. Social media sites, such as Facebook, Twitter, Instagram, LinkedIn, amongst others, have privacy-enhancing settings that you can activate. It’s worth taking a while to review your privacy settings across the board and make sure they are set to a level you are comfortable with.

Many of us accept privacy policies without reading them, but with so much data used for marketing and advertising (and hacking) purposes, it's a good idea to review the privacy policies of websites and apps you use, in order to understand how your data is collected and analyzed. However, bear in mind that even if your settings are set to private, very little data online is totally private. Hackers, website administrators and law enforcement could still have access to the information you regard as private.

7. Be careful of suspicious links and where you click

A careless click can expose your personal data online or infect your device with malware. That’s why it's essential to browse consciously and avoid certain types of online content – such as links from untrusted sources and spam emails, online quizzes, clickbait, ‘free’ offers or unsolicited ads.

If you receive an email that you're not sure about, avoid clicking on any links in it or opening any attachments.

In fact, it's best to avoid opening untrusted emails at all. If you’re not sure whether an email is legitimate or not, go directly to the source. For example, if you receive a suspicious email from your “bank”, call your bank and ask them if the email is genuine.

When you’re on a website, make sure links click through to relevant or expected topics. For example, if you click on a link that you think is about safaris in Africa, but instead you're taken to a clickbait-style page about celebrity weight loss or a “where are they now?” style piece, then quickly close the page.

8. Make sure your devices are secure

With up to 60% of people using mobile devices for shopping and finding information online, instead of a desktop, it’s important that they are secured correctly. With all your devices – phones, computers, tablets, smartwatches, smart TVs, etc. – it's good practice to use passwords or passcodes and other security options like fingerprint readers or face-scanning technology. These measures will reduce the likelihood of a cyberattack or your personal data being stolen by hackers.

9. Backup data regularly

It's important to backup important personal information on external hard drives and regularly create new backups. Ransomware – a type of malware – involves cybercriminals locking your computer so you can’t access valuable files. Backing up your data – and your family’s data – helps mitigate the impact of a ransomware attack. You can protect yourself further with appropriate security software. Other forms of malware deny you access to your personal data by overwhelming your system or simply deleting files, so be careful.

10. Close unused accounts

Over the years, many of us accumulate old accounts that we no longer use. These can be a weak link in terms of safety when using the internet – not only are old accounts more likely to have weaker passwords, but some of those sites may have poor data protection policies. In addition, cybercriminals could piece together the information you have left in them, for example, old social media profiles – such as your date of birth or location, etc. – to build up a picture of your identity in an attempt to hack you later. As a result, we recommend closing your old online accounts and requesting that your data be deleted from the relevant third-party servers.

11. Be careful what you download

A top goal of cybercriminals is to trick you into downloading malware, which can be used to open a “backdoor” to your machine. Malware might be disguised as an app – anything from a popular game to something that checks traffic or the weather. Or, it could be hidden on a malicious website that attempts to install malware on your device.

Malware causes damage – such as disrupting how your device operates, stealing your personal data or allowing unauthorized access to your machine. This usually requires some action on your part, but there are also drive-by downloads, where a website attempts to install software on your computer without asking for permission first. Think carefully before visiting a new website or downloading anything onto your device, and only download content from trusted or official sources. Regularly check your download folders and if unknown files appear on your system (potentially, from a drive-by), delete them immediately.

12. Be careful what you post and where

The internet does not have a delete key. Any comment or image you post online may stay online forever because removing the original won’t remove any copies that other people may have made. There is no way for you to ‘take back’ a comment you wish you hadn't made or remove an embarrassing image you posted. So, don't put anything online that you would not want a parent or prospective employer to see.

Similarly, be careful about disclosing personal information about yourself online. For example, avoid disclosing your social security number, address or date of birth in social media bios. You wouldn't hand personal information out to strangers individually, so don't hand it out to millions of people online.

Be careful about where you display or submit your email address. It's good to have a secondary, throwaway email account that you use solely for email sign-ups and subscriptions, separate from the one you use for friends and family, and separate from the one you use for work.

13. Be careful who you meet online

People you meet online are not always who they claim to be. Indeed, they may not even be real. Fake social media profiles are a popular way for hackers to groom unwary internet users and pick their cyber pockets. Apply the same caution in your online social life as you would for your in-person social life. This is particularly true with the rise of online dating scams in recent years.

14. Double check online information

Sadly, fake news, misinformation and disinformation are all present on the internet. It's easy to feel lost with the flood of information we're exposed to every day. If you read something you are unsure of, do your own research to establish the facts. Reliable websites will have references to the original information and source materials. Suspicious pages won’t offer any references at all. Read our guide to spotting fake news here.

15. Use a good antivirus and keep it updated

As well as following safety tips for online behavior, it's essential to use a good quality antivirus provider. Internet security software guards your devices and data and blocks common threats like viruses and malware (plus complex ones like spy apps, “cryptolockers” and XSS attacks). As with all operating systems and apps, it's essential to keep your antivirus updated to stay ahead of the latest cyberthreats.

3 Online safety rules for the kids

Although many of the tips to stay safe online are the same for adults and children, they are not easy or straightforward to explain. Often, children can accidentally be a gateway for malicious actors to gain access to your digital systems. It is therefore important to teach your kids the essentials of staying safe online in order to protect your home network from any unwanted accidents. Here are 3 areas that you should cover:

Digital Footprint

Your digital footprint, what exists of you online after usage, is an important concept that children need to know about. When teaching children about this, it’s important to focus on how information is readily available and how others could interact with this data (for example, email addresses and usernames that contain identifying information, which could be used for criminal activity). Wider discussions can also come from this, such as sharing content online (through social media, gaming accounts and emails). Make sure to clearly state what content is not allowed on the internet (photos, address, phone numbers and middle names).

Passwords

Strong passwords are integral to modern cybersecurity measures today. Instructing children from a young age about the importance of strong passwords (ones that consists of at least 12 characters and are a mixture of letters, numbers and symbols) and their appropriate storage is one of the simplest ways to make the internet safer for your family. This is also why it can be very useful to have a password management system that can automatically fill in password credentials for different websites.

Communication

One of the most accessed routes for all manner of cybercriminal, online messaging and communication is a “must-have” conversation for your children’s safety. Primarily, it is important to explain how to identify and avoid messages, suspicious links, downloads or emails from strangers asking for identifying information online. This can also lead to a wider discussion about how to detect phishing scams and fake websites. The second most important part of safe online communication is correct engagement with others. Much like the real world, staying safe can sometimes depend on staying vigilant, engaging in polite communication and learning how to identify and not engage with bullying. Educate your child on what cyberbullying looks like and how to act kindly to others online.

Recommended products:

• Kaspersky Safe Kids
• Kaspersky Home Security
• Kaspersky Password Manager

Further reading:

• Do’s and don’ts for teaching internet safety to kids
• What is a security breach and how to avoid one?
• What is a Digital Footprint?
• Spam & Phishing | Phishing Scam Threats