Avoid these common cybersecurity and privacy mistakes
Making cybersecurity or privacy mistakes, big and small, has high stakes. The internet usage covers many activities, from completing online payments to finding what that repetitive headache means. Realistically, users make more than a few errors during all their actions in the digital world. You might reveal too much information to an online service or install apps requiring unnecessary access rights.
This article raises awareness and analyzes the current threat landscape by indicating clear actions that could be harmful.
Learn through common end-user security mistakes
Ever since OpSec, the importance of cybersecurity has increased over the years. Awareness campaigns on privacy and security can mean the world to digital users. They typically include discussions of the best techniques and mistakes directly related to how people act online. In some cases, techniques like jailbreaking could be beneficial but dangerous in the long run. Also, giving away personal information for discounts is also a risky decision.
The following tips can significantly reduce the chances of:
- Having devices infected with malware.
- Revealing too much information online.
- Installing unreliable software.
- Finding out someone has hacked your account.
- Suffering from high-risk privacy intrusions.
- Falling for deceptive email letters from unknown sources.
- Avoiding primary security weaknesses in your home.
- Suppressing physical dangers like stalking or burglary.
Cybersecurity mistakes to never repeat again
The following list contains some of the most common security mistakes that could put users in danger. Instead, follow cyber hygiene tips for the safest experience. Also, our research suggests that Millennials and Gen Z users are the most unlikely to report cybercrime.
Using the same password for everything
Per statistics from 2020, people tend to assign the same passwords on three or even seven accounts. In worse situations, they might set that combination on 10+ profiles.
When you use the same password for multiple accounts, all of these profiles rely on one combination. Hackers can enter each of them if the password leaks in a data breach.
So, a single data breach can compromise all accounts featuring the same combination. The chances of getting hacked increase further if you use the same email address.
Of course, many providers offer passwordless accounts, revolutionizing the usual login process. Therefore, you might never even have to create passwords for individual accounts.
However, it does mean that a strong password needs to safeguard your email account. Here you can find a helpful guide on creating the strongest passwords in no time.
Creating unique but weak passwords
According to TomsGuide, the weakest password trends in 2022 show little change. It means that users still rely on combinations like “123456789” to guard their accounts.
Hackers have extensive knowledge about how users create passwords. In many cases, people prefer memorizing combinations instead of writing them down. As a result, many passwords end up featuring users’ private information, like their birth dates or pet names.
Password managers can transform your password-creating process and free you from having to memorize each combination. Furthermore, make two-factor authentication the obstacle hackers need to overcome to get to your account.
Neglecting email security
Your email can contain confidential information, which is very tempting to hackers. Our research shows that 54% of successful phishing attacks manage to steal users’ data. Data theft might occur in two ways:
- Fraudsters trick you into revealing personal information via email communication.
- Victims click on links leading to fake websites and requiring their data.
- Hackers manage to take over email accounts and steal sensitive data stored there.
Remember that strong passwords and 2FA are must-have security components for your email. Also, you can consider having multiple email addresses for different purposes. While four might be overkill, two or three should be enough for a regular internet user.
Refusing to update operating systems and apps
Operating systems and individual software tools require constant maintenance. Many program providers vigilantly follow this objective, releasing regular updates and fixes. Luckily, software users have one task: installing the latest versions. However, postponing software updates seems to be a trend many cannot let go of.
As countermeasures, software developers might limit access to people using older versions. However, many applications do not implement this. Enabling automatic updates also helps, but users disapprove of them. They claim that updates start at awkward moments, take time, or might add unwanted features.
Software updates are critical if you want to prevent hackers from exploiting unpatched vulnerabilities. The best option would be to enable automatic updates. If that seems unfavorable to your schedule, make it your personal goal to install updates as soon as possible.
Not resolving home security vulnerabilities
Home security includes many things: locked doors, secure networks, and quality smart home devices. Advanced technologies help control lights, thermostats, coffee makers, or security cameras seamlessly.
However, who controls these devices? Hackers have shown that they can compromise smart home devices. If not hackers, smart gadgets can be snoopy themselves. For example, they could collect information about your usage patterns and exploit it to advertise other products.
Creating a safer smart home environment includes a series of recommendations. Keeping such gadgets on a separate network helps. Also, users control many smart home devices via smartphone apps. If possible, use 2FA on these accounts.
Connecting to free public Wi-Fi
Free public Wi-Fi is everywhere, from airports to parks. So, saving some cellular data has never been easier. However, each connection to unknown networks could expose your data and activities to unknown entities.
First of all, you cannot be sure who controls the network. Even if it seems legit, it might be an evil twin impersonating a respectable network.
Ignoring data breach warnings and alerts
Data breaches can be massive, ugly, costly, and incredibly detrimental to users. The initial exposure of data can be a stepping stone for much worse events.
For instance, if a service loses control over its clients’ financial information, the fallout can be disastrous. While the exposure of banking information is likely the worst scenario, medical data is a close second. After a health startup myNurse suffered a data breach, it consequently announced to be closing its doors.
Companies have a responsibility to inform their clients of data breaches. However, users must acknowledge these notifications and react accordingly. For instance, the initial coverage can indicate that a service did not expose passwords. Experts recommend changing the potentially breached password as soon as possible anyway.
Common mistakes when dealing with digital privacy
The following list shows how users might expose their data, identity, and other personal information.
Giving random apps access to the camera, microphone, photos
Apps and programs usually require some permissions. For instance, social media apps likely need access to a camera or gallery for new image uploads. However, the main point here is that such requirements need justification.
Permissions need to be directly associated with the program usage. Additionally, users should be able to set permissions only when they actively use apps.
So, do not grant apps permissions if they do not need them for functionality. You can also control how your trusted apps use the access rights provided. Check the Android and iOS settings to reduce them to a minimum.
Allowing location tracking
Some apps need to track your location for making food deliveries or picking you up for a ride. However, continuous location tracking could be dangerous, exposing your physical movements. Such information can also end up being shared between companies for ad personalization or other reasons.
The best option is to allow the location tracking for reliable apps only when you use them. For instance, when you open a ride-hailing app, it will receive permission to calculate your whereabouts.
Keeping default privacy settings
When you sign up for services or download apps, they will feature default settings. You can always tweak them, but many users skip this step. However, the reality is that default settings usually work in favor of the service provider.
For example, ad personalization is a setting that usually gets enabled automatically. And while you can disable it manually, many do not do this. Third-party cookies in Google Chrome work automatically as well. And while it has more privacy-focused options, other browsers block such cookies by default.
So, if you do not like tweaking the settings manually, choose products that come with better default ones.
Oversharing on social media and geotagging
Social media platforms are one of the biggest data harvesters online. They collect information about users’ activities, interactions with ads, and preferences. However, they also receive the details users deliberately provide via them.
Sharing fewer details on social media is necessary to reduce your digital footprint. But if you like being active on these platforms, remember that certain information should never go public.
For example, avoid posting your location in real-time. Avoid announcing news about traveling times, posting pictures of house keys, or other sensitive information.
Lacking knowledge about privacy regulations
Users have more rights regarding their digital privacy than ever before. They can demand companies to delete their information. Additionally, they can request to see the data accumulated about them.
However, many users do not know about the power and rights GDPR or other privacy legislation supplies. Hence, knowing precisely what you can do to protect your digital identity is crucial. The laws differ country by country, so you should find the guidelines applicable to you.
Trusting strangers when trying online dating
Online dating apps attract millions of love-seekers. However, not every person met via these platforms is worth your trust. Our research suggests that romance scam victims in the US lost nearly $350 million in 2021. Criminals can impersonate others or create fake personas to gain their targets’ affection.
Romance scams can be highly dangerous as they manipulate people’s feelings. Victims get tricked into trusting people and might be swept off their feet by the criminals’ charm.
One of the netiquette rules is not to trust a person you met online too soon. Even if you meet them in person, never agree to wire them money or pay for other expenses. If they try to blackmail you emotionally or use other deceptive tactics, be careful how you proceed.
Not realizing your data is valuable
One of the biggest mistakes users make online is assuming that their data is not relevant or profitable. While high-profile individuals or corporations can be the preferred targets, users’ data has also become valuable.
Hackers can sell it for profit on the dark web or use breached information to take over accounts. Even legitimate companies use extensive strategies to collect users’ data.
Therefore, appropriate security and privacy measures are crucial to stay safe, be it from hackers or legitimate data collectors. A Virtual Private Network is one of the tools that support your privacy, security, and anonymity online. Use it to safeguard your data against hackers, data brokers, advertisers, or other intrusive entities.