Cyber Security Center

How to improve your online privacy


Maintaining your Internet privacy is becoming more difficult. Data collectors are becoming more aggressive and are tracking you every chance they get. To help you, we have prepared some tips to improve your internet privacy.

 

Screenshot (40)

With so many data collectors and malicious actors just waiting for you to make a mistake, it’s never been more important that you do everything you can to protect your online privacy.

Threats:

  • Privacy violations;
  • Identity theft;
  • Loss of confidential data.

 

Tips for protecting your privacy

  • Don’t disclose personal information if it’s not necessary. Many websites require user registration, but before you put in your information, assess whether you need to use your real name, date of birth, etc. If that information is not necessary, do not provide it.
  • Use a separate email account for irrelevant accounts. It’s a good idea to create a separate email account to use when registering to non-important websites. This will allow you to avoid spam in your main inbox and prevent your main account from being associated with various non-important services.
  • Don’t disclose information about yourself to strangers. Be very careful about what kind of information you are disclosing and to whom. People with malicious intentions may act friendly with you in order to get your personal information, which they could later sell or use for their malicious purposes.
  • Do not disclose personal data for money or prizes. The internet is full of scams trying to get people to disclose their personal information. For example, you may encounter a “lottery” that claims you have won something, and to receive your prize you simply need to provide information about yourself. Every single on of these “lotteries” is a scam.
  • Don’t reply to unsolicited emails. If you received an email from an unknown person with any type of obscure request, ignore it and don’t respond. Such emails often try to convince people to invest in something, transfer or lend money, reveal their bank account information so that a prince from Nigeria could transfer them a 100 million dollars, etc.
  • Use unique passwords for each service online. Many users make the mistake of using the same password everywhere, their email, social media, bank accounts, etc. If you use the same password for a shady forum and your bank, hackers could easily get into your online bank account if they simply hack the forum with bad security. Credential stuffing is also a risk. If user data is stolen from one service, it gets added to a database using which credential stuffing attacks are performed. Essentially, stolen login credentials are used to try and log in to other services. If you use the same password on multiple services, your accounts could be illegally accessed.

 

When using a computer that’s not your own

When using someone else’s computer or a public one (school, library, internet cafe), your information and privacy are put at risk. You do not know whether the computer is malware-free, if surveillance programs are installed, etc. Thus, avoid logging into any of your accounts, particularly something sensitive like a bank. Public computers are safe to use, as long as you do not reveal anything about yourself. If you absolutely have to log in to something on a publicly accessible computer, you should do the following:

  • If you logged into something, change your password for the service as soon as you can access your computer. Even if the public computer did record your password, as long as you change it, you’ll be fine.
  • Use on-screen keyboard to enter your passwords. Instead of typing your login credentials with the physical keyboard, use an on-screen one. If the computer has a keylogger, it might not record the clicks on the on-screen keyboard.
  • Sign out of your accounts when you’re done. Once you’re done using your account on a public computer, don’t just close the window. You have to log out of all accounts manually and only then close the window. This will prevent the next person that uses the computer from accessing your accounts.
  • Don’t save your login information. Many web browsers and web services allow you to save your login information so that the you can log in automatically next time without having to entering a password. When logging in, make sure not to check the box that says “Save password”.
  • Delete the history once you’re done. To make sure no one can see what websites you visited and what you searched for, delete all browser data after you are done. That includes history, cookies, cache. Alternatively, use private mode when browsing, also known as incognito. You should also delete everything you downloaded and saved on the public computer.

 

Passwords

Tips for choosing a password

A strong and complicated password is highly important and very necessary. Below are a few tips to make sure you have a good password.

What should be avoided:

  • Easy-to-guess passwords like “password” or “123456”;
  • Passwords you have been using for a long time;
  • Passwords that are known to third-parties;
  • Passwords containing personal information, like date of birth or name;
  • Passwords with predictable letter combinations such as qwerty, wasd, zxcvb or sequential numbers like 12345, 09876.

 

General tips:

  • Use different unique passwords for different services. Using an identical password on multiple Internet services means that if hackers hack one of your accounts, they could hack others with the same password;
  • Store your passwords securely. If you write them down, don’t write what account they’re for next to them.

 

Password Requirements:

When it comes to password security, the length is very important. The shortest password should start at 10 characters. It should not only be quite long but also complex. Ideally, it should consist of lowercase, uppercase letters, numbers, and special characters. Example: h1o0Rt%5SuV@. The less sense a password makes and the more random it is, the better, even if it’s hard to remember. You should also avoid actual words.

Private and anonymous browsing

The terms anonymous and private when surfing Internet are often confused, although they mean different things. These two concepts include a wide range of precautionary measures that internet users can take to prevent their activities from being seen or tracked.

Private browsing

When you’re browsing, your browser keeps a record of what you did. It collects history of visited websites, temporary files of visited websites, cookies, etc. If you want to prevent your browser from doing so, browse in private mode. All popular browsers have this feature, and they delete all browsing data as soon as the window is closed.

Mozilla Firefox

  • If you are using Mozilla Firefox, click on the three horizontal bars in the top right corner of the browser and select New Private Window, or press Ctrl + Shift + P.

 

Google Chrome

  • If you are using Google Chrome, click on the three dots in the upper right corner of your browser and select New incognito window, or press Ctrl + Shift + N.

 

Internet Explorer

  • If you are using Internet Explorer, click on the gear symbol in the upper right corner of the browser and select Safety and InPrivate Browsing, or press Ctrl + Shift + P.

 

These settings will help protect your Internet browsing history from prying eyes, but will not protect you if someone (such as an Internet service provider, or employer) wants to see what you were doing. Each computer has a unique IP (Internet Protocol) address assigned to it, which allows one to track its exact location. If you want more anonymity and don’t want your IP address to be known, additional ways to hide web browsing are needed.

Anonymous browsing with proxy servers

One of the most popular and easiest ways to hide your IP address is proxy servers. Anonymous proxy servers act as intermediaries between you and the websites you visit. So your IP address remains hidden from the websites you visit, because instead of linking directly to websites, you interconnect with a proxy server through which all your requests are redirected.

However, it should be kept in mind that all servers, as well as intermediary ones, usually store data on all visits. Proxy servers can track the traffic you send. Therefore, use a https protocol, if available, when using such a server and connecting to personal accounts. The proxy server also slows down Internet browsing speed. In addition, finding a reliable and stable proxy is often difficult.

Anonymous browsing with TOR

TOR (The Onion Router) is an open source software designed as an anonymous web browsing tool. TOR runs on a Firefox browser basis and allows the user to turn it on or off, depending on when anonymity is required. This program does not need to be installed. It can be run from a computer hard drive or from a portable device, such as a USB key.

However, TOR has some drawbacks. First, your data travels through several TOR network nodes, so the connection may be slow until you reach the final node. Although the data sent between nodes is encrypted, they are not encrypted in the first and last node, and there is a possibility of flow monitoring.

VPN

VPN is a virtual private network. The entire data stream is transmitted through the VPN server and is encrypted. This prevents the IP address from being known by the sites you visit. VPN also hides data when you use public WiFi. Unlike free services, such as the TOR network, reliable VPN is usually a paid service.

A VPN provides a reliable way to not only hide the IP address, but also to protect your data and identity online. VPN is a more reliable service than proxy servers and in most cases is faster than TOR.