Navigating the internet can be a tricky journey. Behind emails, websites, and social media invitations, there are more and more bad guys who want to take advantage of uninformed users. Even your Wi-Fi router and those now ubiquitous QR codes can be dangerous points. Add to that the never-ending virus and malware threats.
Users of computers and mobile devices are often unaware of the danger zones. However, the internet doesn’t have to be a constant journey through the badlands. What it takes to stay protected online is knowing what to avoid and how to protect yourself.
Here are five things you can do yourself to keep your digital activity safe.
1. QR codes, useful but potentially harmful
A secure QR code for TechNews All.com
These prepaid image links to websites can be useful. Point your smartphone’s camera at it and go straight to a website, technical support location, purchase discount offer, or restaurant menu.
However, QR codes can also take you to a nefarious place where malware or worse awaits. QR codes can be programmed to link to anything, putting your privacy and security at great risk.
Think before scanning a QR code. If the code appears on a website or printed document that you trust, it is likely a safe. If not, or if you’re not sure, take a look.
You can download reputable QR reader apps that perform a security check on the QR code destination endpoint. One of those security tools I use is the Trend Micro QR Scanner app, available for Android and iOS.
2. Avoid ‘unsubscribe’ email scams
This is a popular ongoing scam with a high success rate for hackers. Potential victims receive an email for a product offer or other business invitation. The opt-out action step is enticing, looks familiar and sounds reasonable. “Don’t want to receive our emails? Click here to unsubscribe,” it beckons.
Sometimes the annoying repeated emails ask if you want to unsubscribe from future emails. Some even offer you a link to unsubscribe.
Do not select any options. By clicking on the links or replying you confirm your active address.
Also, never enter your email address in the “unsubscribe me” field. More senders will follow.
A better solution to get rid of the junk email, especially from an unknown sender, is to mark it as spam. That moves it to the spam folder. You can also add that sender to your email program’s block list, or set a filter to automatically remove it before it reaches your inbox.
Finally, check out the free service unroll.me. There you can unsubscribe from unwanted emails, keep others or get the rest in a daily digest.
3. Block Facebook Hackers
Other villains try to usurp Facebook accounts. Hackers can change your password, email, and phone number, and even add a security code to lock you out of the illegal account. Before problems arise, you must be proactive to avoid these situations. Facebook provides the following security settings that you should enable.
Enable two-factor authentication (2FA) to require your login approval on a separate device.
To do this, log into your Facebook account on a desktop computer and navigate to Settings & privacy. Then select Security and login. Then scroll down and edit the Two-Factor Authentication option.
To complete this step, you need to enter your Facebook password.
Activate these two additional features to block Facebook hackers:
Enable the Code Generator feature in the Facebook mobile app Set up login notifications for your email
First, open the Facebook mobile app and tap the magnifying glass, enter the term “code generator” and tap the search icon. Tap the Code Generator result to go to the next screen, then tap the “Turn On Code Generator” button to get a 6 digit code that changes every 30 seconds. You need to enter this code within that short span of time to sign in to your account on another device.
Then set up alerts about unrecognized logins. You can do this from a computer or a mobile device.
Computer: Go to Settings & privacy > Settings > Security & login > Receive notifications about unrecognized logins (see screenshot above). Mobile app: Tap Menu > Settings & privacy gear icon > Settings. Then tap Password and security. Then scroll to Set up additional security > Receive notifications about unrecognized logins > tap to select your preferred notification methods.
If you’re having trouble logging in, go to facebook.com/login/identify to solve the problem. If you can’t log in there, go to this Facebook help page instead and fill out the Facebook inquiry form to review your account. You must answer some security questions to prove your identity. This may include providing proof of identity, such as a photo of a driver’s license.
4. Secure Your Wi-Fi Router
The flow of people working remotely since Covid put home Wi-Fi routers in the crosshairs of hackers. As a result, malware attacks on home Wi-Fi networks are on the rise, as residential setups often lack the level of security and protection found on corporate networks.
A nasty attack tool called ZuoRAT is a remote access trojan designed to hack into small office/home office routers. It can affect macOS, Windows and Linux computers.
It allows hackers to collect your data and hijack all the sites you visit while on your network. One of the worst factors about ZuroRAT is that once your router is infected, it can infect other routers to keep spreading hackers’ access.
To better secure your home/office Wi-Fi network, apply these steps:
Make sure to enable WPA2 or WPA3 encryption on your routers. The factory default is often the outdated WEP (Wired Equivalent Privacy) security protocol, or none at all. Refer to the router manufacturer’s user manual or website for directions. Change your router’s SSID (Service Set Identifier) and password. This is critical. Usually the factory setting shows the make or model of the router and has a universal password, such as 0000 or 1234. Change the SSID name so as not to identify yourself easily. Avoid names that contain, for example, all or part of your name or address. Make sure the password is very strong. Change the router’s password regularly for extra protection. Yes, this is a major inconvenience because you also have to update the password on all your devices using that Wi-Fi network. But since it keeps hackers out, it’s well worth it. Keep the router’s firmware up to date. Please refer to the user manual and/or the manufacturer’s website for steps to download the latest updates.
How do I create a password that is difficult to hack?
The strongest passwords have all these characteristics:
Expensive — the more characters the better A mix of upper and lower case letters, numbers and special characters No dictionary words or anything to do with personal information
Pro Tip: When using a password generator, always change at least a few characters of the random result to create your final credentials.
5. Beware of Fake Tech Support Schemes
Some fraudsters call on the phone to tell you that they are a technical support department working for a well-known computer or software company. The caller claims to be calling in response to a warning from your computer about a virus detection or malware on your device. The scammer offers to fix it if you simply provide your credit card number.
Hang up. Your computer is not infected.
A modified version of this tech support scam is a text or email claiming the same details. Do not answer. Delete the message and continue.
You can also browse the web when a pop-up message crashes on your screen. I have received very loud audio warnings warning me that my computer is in danger and not to turn it off without asking for help.
In all these cases, the scammers want to scare you into following their instructions. The action they want you to take to get them to fix the alleged problem will hurt your bank account and potentially make them transmit real infections.
Follow these best practices to protect yourself against technical support fraud:
Never be tricked by a scammer into going to a website or clicking on a link. Never agree to a remote connection by the so-called technical support agent who initiated contact with you. Never give payment information in exchange for technical support that you did not initiate yourself. Legitimate tech companies will not call you and ask for payment to fix a problem they claim to have discovered on your device.
If you suspect that your computer has a virus or malware problem, contact a repair center yourself. You probably already have a support plan or active warranty where you bought the computer. If you have not contacted a technical support company, the call or message you received is illegal.