Cybersecurity: 6 simple rules to protect yourself


Picture: SEAN GLADWELL/Getty Images.

If you are an IT professional or a PC enthusiast, you know how to protect your computer, more or less. But if you don’t have any technical training, a simple error message on Windows can look as if it were written in Klingon. In this case, cybersecurity may seem like magic to you. And yet, most prevention measures ultimately come down to simple rules of human psychology.

When a corporate network is compromised by ransomware, the culprit is rarely a small computer genius adept at hacking. The source of the problem is usually much more mundane: someone has been fooled by a clever social engineering technique.

To avoid being the victim of hacking or online scams, you do not need to learn about buffer overflows and code injection. Instead, approach things with a good dose of skepticism and a basic awareness of the situation.

To guide you in your learning, follow this plan of six simple lessons.

1. Don’t panic

Faced with a potential threat, it is quite human to panic and immediately look for a way to solve the problem. For example, if you receive an e-mail informing you that your credit card is about to be charged 500 euros for a non-existent subscription, or that your computer has just been infected with ransomware, you may be tempted to call the toll-free number mentioned. Of course, you will then be put in touch with a call center set up by hackers, who will be happy to write down all your information, especially your banking information, in order to make real direct debits.

Scam professionals have built their business by making their targets panic. Whatever happens to you, take the necessary step back to analyze the threat and determine what the real situation is before doing anything.

2. Do not open attachments sent by an unknown sender

Many cyber threats are hidden in attachments sent by e-mail. Traditionally, these were executable files. But today, it is just as likely that a Word, PDF or HTML file is infected. These attachments may contain malicious code that will run on your device, or simply a message designed to get you to enter your banking details or your login credentials for an account, such as your email account.

If an unknown sender sends you an email with an attachment, do not open it. And even if you know the sender, always exercise caution, especially if the message is unexpected: an attacker may have impersonated them or compromised their email account.

If you are in doubt about an attachment, or if the message you received contains a suspicious link, you can have your email analyzed on VirusTotal. This free and reliable site, owned by a Google subsidiary, analyzes your message using 70 antivirus engines and various other cybersecurity services, and tells you whether the message seems to be malicious or whether it is a false alarm.

3. Do not click on unsolicited links

Social engineering exploits the trust of its targets. With a minimum of effort, a malicious actor can imitate a legitimate email closely enough to deceive the recipient.

So if your instinct tells you “this is weird” when you receive an e-mail, trust it. In this kind of business, a keen sense of observation is paramount.

And even if the message does not contain an obvious red flag, it is normal to be wary – especially if you are asked to click on a link to do something you did not ask for. If in doubt, avoid clicking on the link and go directly to the site in question, either by going through your favorites if you have already saved it, or by typing the URL directly in the address bar of your browser.

4. Don’t pay to protect your computer

Antivirus manufacturers want to scare you into buying their products. To do this, they argue that the basic protections built into PCs, Macs and mobile devices are not sufficient.

It may have been true 20 years ago, but the world has changed. Most security software intended for the general public offers at best marginal additional protection. This is especially true for software that promises to “monitor the dark web”.

If you manage a company’s network, such software and services can help you better see and monitor what your users are doing and what is happening at the edge of your network. But for your personal computer, save your money.

5. Do not hack your PC (or your Mac) if it is in perfect condition

Here is a basic and essential tip when it comes to computer security: “If it’s not broken, don’t break it.”

While some spectacular hacks make headlines, we must realize the obvious: most malware ends up on devices because it was installed by the users themselves, of their own free will, sometimes even with enthusiasm. Maybe it was pirated software downloaded from a dubious site? Or a program downloaded via a sponsored link that contained adware or malware as a bonus? In any case, the solution is simple: do not install just any application.

If you are using Windows 11 Professional or Enterprise and want to check the integrity of a piece of software, you can run it in the Windows Sandbox. If you don’t know this feature, here is the description I wrote of it when Windows 11 was released:

It allows you to instantly launch a secure virtual machine (VM) without any complex configuration. The VM is completely isolated from your main system, which allows you to visit a suspicious website or test an unknown application without risk. When you’re done, close the sandbox and it disappears completely, erasing all traces of your experiment.

If you didn’t know it, this handy feature may be useful to you.

6. Use a password manager

We can’t say it enough: use a password manager! The facts are indisputable: as human beings, we are unable to generate a random password or remember the strong and unique credentials that would be necessary to ensure our security.

The use of a password manager will facilitate your browsing while strengthening your security on the internet. If you are always postponing this task due to lack of time, know that you can set everything up in less than 30 minutes.

Oh, and while you’re at it, enable two-factor authentication as well.

Source: ZDNet.com
