Top 15 internet safety rules and what not to do online

So much of our daily life revolves around the internet. A 2021 survey found that the average US household had 25 internet-connected devices, up from 11 in 2019. The more online accounts and devices you have, the greater the scope for cybercriminals to cause you harm. That’s why it's essential to understand internet safety rules which protect you and your family from threats that may harm your data and devices. Read on to find out about key internet dangers and how to avoid them.
Key internet dangers
When you and your family use the internet, you expose yourself to a range of potential online threats. The threat landscape constantly evolves as cybercriminals devise new ways to target internet users. Some of the biggest internet dangers include:
- Identity theft
- Data breaches
- Malware and viruses
- Phishing and scam emails
- Fake websites
- Online scams
- Romance scams
- Inappropriate content
- Cyberbullying
- Faulty privacy settings
Essential internet safety tips
To avoid these online dangers, it’s essential to be aware of the main rules about the internet everyone should follow. These include:
#1: Make sure your internet connection is secure
When you go online in a public place, for example, using a public Wi-Fi connection, you have no direct control over its security. Using public Wi-Fi is not always safe but can be unavoidable when you are out and about. If you are using public Wi-Fi, avoid carrying out personal transactions such as online banking or online shopping.
If you need to do this, use a Virtual Private Network or VPN. A VPN will protect any data you send over an unsecured network. If you don't use a VPN, save any personal transactions until you can use a trusted internet connection.
#2: Choose strong passwords
Passwords are one of the biggest weak spots when it comes to cybersecurity. People often choose passwords that are easy to remember – and, therefore, easy for hackers to guess. In addition, using the same password for multiple sites puts users at risk – because if hackers obtain your credentials from one site, they can potentially access other sites which use the same login.
Select strong passwords that are harder for cybercriminals to demystify. A strong password is:
- Long – made up of at least 12 characters and ideally more.
- A mix of characters – upper- and lower-case letters plus symbols and numbers.
- Avoids the obvious – such as using sequential numbers (“1234”) or personal information that someone who knows you might guess, such as your date of birth or a pet’s name.
- Avoids memorable keyboard paths.
Using a password manager can help. Password managers help users create strong passwords, store them in a digital vault protected by a single master password, and retrieve them when logging into accounts.
#3: Enable multi-factor authentication where you can
Multifactor authentication (MFA) is an authentication method that asks users to provide two or more verification methods to access an online account. For example, instead of simply asking for a username or password, multifactor authentication goes further by requesting additional information, such as:
- An extra one-time password that the website's authentication servers send to the user's phone or email address.
- Answers to personal security questions.
- A fingerprint or other biometric information, such as voice or face recognition.
Multifactor authentication decreases the likelihood of a successful cyber-attack. To make your online accounts more secure, it’s a good idea to implement multifactor authentication where possible. You can also consider using a third-party authenticator app, such as Google Authenticator and Authy, to help with internet security.
#4: Keep software and operating systems up-to-date
Keep up-to-date with your operating systems and any apps you use. Developers are constantly working to make products safe, monitoring the latest threats and rolling out security patches in case of vulnerabilities. By using the latest versions of your operating systems and apps, you benefit from the latest security patches. This is especially important for apps that contain payment, health, or other sensitive information.
#5: Check that websites look and feel reliable
For any website you visit, but especially ones you transact with, such as e-commerce sites, it's crucial they are reliable. A key element to look out for is an up-to-date security certificate – lookout for URLs that start with 'HTTPS' rather than 'HTTP' (the 's' stands for 'secure') and have a padlock icon within the address bar. Other trust signals include:
- Text which is free from spelling and grammar mistakes – reputable brands will make an effort to ensure their websites are well-written and proofread.
- Images that are not pixelated and which fit the screen's width correctly.
- Ads that feel organic and are not too overpowering.
#6: Review your privacy settings and understand privacy policies
Marketers love to know all about you, and so do hackers. Both can learn a lot from your browsing and social media usage. But you can take charge of your information. Both web browsers and mobile operating systems have settings to protect your privacy online. Social media sites such as Facebook, Twitter, Instagram, LinkedIn, and others have privacy-enhancing settings. It’s worth taking a while to review your privacy settings across the board and make sure they are set to a level you are comfortable with.
Many of us accept privacy policies without reading them, but with so much data used for marketing and advertising purposes, it's a good idea to review the privacy policies of websites and apps you use to understand how your data is collected and used. However, bear in mind that even if your settings are set to private, nothing online is totally private. Hackers, website administrators, and law enforcement could still have access to the information you regard as private.
#7: Be careful where you click
A careless click can expose your personal data online or infect your device with malware. That’s why it's essential to browse consciously and avoid certain types of online content – such as links from untrusted sources and spam emails, online quizzes, clickbait, ‘free’ offers, or unsolicited ads.
If you receive an email you're not sure about, avoid clicking on any links within it or opening any attachments.
In fact, it's best to avoid opening untrusted emails at all. If you’re not sure whether an email is legitimate or not, go directly to the source. For example, call your bank and ask if the email is genuine.
When you’re on a website, make sure links click through to relevant or expected topics – for example, if you click on a link that you think is about, say, safaris in Africa, but instead, you're taken to a clickbait-style page about celebrity weight loss or a ‘where are they now?’ style piece, then quickly close the page.

#8: Make sure your devices are secure
One report found that nearly a third of smartphone users didn't use passwords, lock screens, or other security features to lock their phones. With all your devices – phones, computers, tablets, smartwatches, smart TVs, etc. – it's good practice to use passwords or passcodes and other security options like fingerprint readers or face-scanning technology.
#9: Backup data regularly
It's important to backup important personal information on external hard drives and regularly create new backups. Ransomware – a type of malware – involves cybercriminals locking your computer so you can’t access valuable files. Backing up your data – and your family’s data – helps mitigate the impact of a ransomware attack.
#10: Close unused accounts
Many of us accumulate old accounts which we no longer use. These can be a weak link in terms of safe use of the internet – not only are old accounts more likely to have weaker passwords, but some of those sites may have poor data protection policies. In addition, cybercriminals could piece together the information you have left in, for example, old social media profiles – such as your date of birth or location, etc. – to build up a picture of your identity.
#11: Be careful what you download
A top goal of cybercriminals is to trick you into downloading malware. Malware might be disguised as an app: anything from a popular game to something that checks traffic or the weather. Or it could be hidden on a malicious website that attempts to install malware on your device.
Malware causes damage – such as disrupting how your device operates, stealing your personal data, or allowing unauthorized access to your machine. This usually requires some action on your part, but there are also drive-by downloads, where a website attempts to install software on your computer without asking for permission first. Think carefully before downloading anything onto your device, and only download content from trusted or official sources.
#12: Be careful what you post
The internet does not have a delete key. Any comment or image you post online may stay online forever because removing the original does not remove any copies that other people may have made. There is no way for you to ‘take back’ a comment you wish you hadn't made or remove an embarrassing image you posted. Don't put anything online that you would not want a parent or prospective employer to see.
Similarly, be careful about disclosing personal information about yourself online. For example, avoid disclosing your address or date of birth in social media bios. You wouldn't hand personal information out to strangers individually – so don't hand it out to millions of people online.
Be careful about where you display or submit your email address. It's good to have a secondary, throwaway email account that you use solely for email sign-ups and subscriptions, separate from the one you use for friends and family and separate from the one you use for work.
#13: Be careful who you meet online
People you meet online are not always who they claim to be. Indeed, they may not even be real. Fake social media profiles are a popular way for hackers to groom unwary internet users and pick their cyber pockets. Apply the same caution in your online social life as you would for your in-person social life. This is particularly true with the rise of online dating scams in recent years.
#14: Double check online information
Sadly, fake news, misinformation, and disinformation are all present on the internet. It's easy to feel lost with the flood of information we're exposed to every day. If you read something you are unsure of, do your own research to establish the facts. Reliable websites will have references to the original information source. Suspicious pages won’t offer any references at all. Read our guide to spotting fake news here.
#15: Use a good antivirus and keep it up-to-date
As well as following safety tips for online behavior, it's essential to use a good quality antivirus. Internet security software guards your devices and data and blocks common threats like viruses and malware, plus complex ones like spy apps, cryptolockers, and XSS attacks. As with operating systems and apps, it's essential to keep your antivirus up-to-date to stay ahead of the latest cyber threats.
Recommended products:
- Kaspersky Anti-Virus
- Kaspersky Total Security
- Kaspersky Internet Security
- Kaspersky Password Manager
- Kaspersky Secure Connection
Further reading:
Top 15 internet safety rules and what not to do online
Kaspersky