Total Defense

Security & Safety Resource Center

Learn about today's current internet threats and how to stay safe and secure.

Security Tip of the Day

Daily tips to create awareness of cyber threats and empower Total Defense users to be safer and more secure online.

August 2019

How can you protect yourself against malicious code?

Always use antivirus software and keep it up-to-date. Antivirus software recognizes malware and protects your computer against it. Installing antivirus software from a reputable vendor, like Total Defense, is an important step in preventing and detecting infections. Always visit vendor sites directly rather than clicking on advertisements or email links. Because attackers are continually creating new viruses and other forms of malicious code, it is important to keep your antivirus software up-to-date.


Be careful posting personal information on social sites

Using information that you provide about your location, hobbies, interests, and friends, a malicious person could impersonate a trusted friend or convince you that they have the authority to access other personal or financial data.


Find out where a link redirects to

Not every link leads to where it says it does. Redirects can send you to a site you wouldn’t have visited voluntarily and potentially cause your device to be infected. Services like Redirect Detective and Where Goes can help you see where a link goes to before you click it, sparing you the risk of blindly clicking it.


Customize default security configurations on social media

Facebook and Twitter have an ever-changing collection of settings you can fine-tune for better security and privacy. Don’t just use the defaults – instead look through the selections to find the ones that limit who can see your data and reduce your overall exposure. A good example is Twitter’s ability to mute specific accounts and keywords.


Use trusted internet connections when banking or shopping online

When examining your online bank balance or making a purchase, try to avoid networks you don’t typically use, particularly public Wi-Fi hotspots they are not very secure, which makes it easy for others to intercept your data.  When you’re doing important transactions use your password-protected home network or employ a virtual private network (VPN) service.


Manage the Voice and Audio Activity of your Google Account

Smart speakers like Google Home have become very popular for their abilities to play music and answer voice queries. They can create some privacy issues, though. You might want to delete some or all of the recordings these devices store of your voice. For Google’s speakers, you can do this from the Voice and Audio Activity page on your Google Account.


Maintain a good backup to guard against ransomware

If you are the victim of a ransomware attack, you might feel like you have no recourse other than to pay the ransom. Don’t pay, since there’s no guarantee you’ll get your files back. Instead, plan ahead by maintaining a good backup that you can restore from in a pinch. A built-in utility like System Restore in Microsoft Windows or a third-party service can work.


Perform a Google Account security checkup periodically

If you rely on a Google Account, you should pay close attention to any security events affecting it. That means regularly performing a security check, which you can do from your main Google Account page. The interface allows you to revoke the access of third-party applications, sign out from specific devices and enable two-factor authentication, among other actions.


Find out if you have been breached

Data breaches are common occurrences these days. It’s possible and perhaps likely that one of your accounts has been compromised. But how would you know if that’s the case? Often, the service in question will send you an official notice disclosing the breach. You can also use sites like BreachAlarm, LifeLock or Have I Been Pwned to see if you need to change your password due to a breach affecting your account(s).


Consider making your Instagram account private

Instagram is a popular social network. As such, it is home to a lot of spam and scams, in the form of messages and comments meant to lure you into a phishing scheme. You can minimize your exposure to harm by making your account private. That makes it so that people (or bots) can only follow you with your explicit approval.


Watch out for macros in Microsoft Office

A Microsoft Office macro is a shortcut. It contains code that allows a certain sequence of steps to be automatically performed within documents. Unfortunately, macros have long been favorite tools among cyberattackers, who use them to run malicious code. Unless you absolutely need them, consider disabling macros in the Trust Center of Microsoft Office to stay safe.


Recognize at-risk email addresses in Gmail

Gmail supports standard TLS encryption for email, which protects messages in transit. This is not the same level of protection you get from a service like ProtonMail, but it’s still essential to have. Not all email services support even basic encryption, though. Gmail will alert to you ones that don’t – just look for a broken lock icon next to the name of the recipient or sender.


Why you need strong passwords

You probably use a number of personal identification numbers (PINs), passwords every day: from getting money from the ATM or using your debit card in a store, to logging in to your email or into an online retailer. Keeping track of all of the number, letter, and word combinations may be frustrating at times, but you’ve seen enough news coverage to know that hackers represent a real threat to your information. Passwords are the most common means of authentication, but only work if they are complex and confidential. Many times an attack is not specifically about your account, but about using the access to your information to launch a larger attack.


Take advantage of muting on Twitter

If you use Twitter, it’s a good idea to block any accounts that harass you or urge you to take action by visiting a risky site via link. Another layer of protection is available through muting, which lets you prevent certain accounts or even specific words and phrases from ever appearing in your timeline. You can mute any account from its profile page and configure muted words/phrases (e.g., “click here”).


Use email filters and spam tagging

Many email programs offer filtering capabilities that allow you to block certain addresses or to allow only email from addresses on your contact list. Many ISPs also offer spam tagging services that allow the user the option to review suspected spam messages before they are deleted. Spam tagging can be useful in conjunction with filtering capabilities provided by many email programs to reduce the level of spam email in your inbox.


Use your browser’s built-in password manager

Major web browsers including Apple Safari, Google Chrome and Mozilla Firefox all include password management features designed to make your life easier. When you enter a password on a site, they will usually ask you if you want to save it and your username for later. Doing so is a good way to avoid the hassle of trying to remember and maybe needing to reset your password each time.


Consider the tradeoffs of ad blockers

Ad-blocking extensions in web browsers can keep intrusive ads off pages and potentially speed up your browsing. However, they can also break functionality on some sites, hog RAM and even collect data without your knowledge as part of their business models. Think carefully and consider that many of the most annoying ads are already blocked automatically by some browsers.


Find AV software that balances performance and security

If you have held off on installing antivirus software in the past, you might have done so because of concerns about how it impacted system performance due to frequent scans. In truth, there are AV solutions out there, like Total Defense Essential Anti-Virus, that don’t take such a heavy-handed approach and instead provides advanced protection, automatic updates and free upgrades.


Encrypt your main hard drive

PCs and Macs support full-disk encryption, which is a useful way to protect your data if your device is ever lost or stolen. On a Mac, enabling it is as simple as activating FileVault. On Windows, use Device Encryption or the more advanced BitLocker (which can also encrypt devices like removable USB drives). Phones and tablets generally have such encryption on by default so you don’t have to worry about it.


Try using emoticons in your passwords

How do you create a password that’s both strong and memorable? A password generator helps, but you can also use tricks to make the process easier, such as using emoticons. Inserting a “:)” or “:P” is a clever way to add character variety and strength to a password while keeping it memorable.


Send a password via AirDrop

Apple iOS and macOS each contain a built-in password manager, complete with a password generator. The passwords it creates are complicated, which is good for your account security. If you ever need to share one of them, you can do so via the Settings app, which provides an AirDrop option for securely sending a login to another device via Wi-Fi and Bluetooth.


Share Wi-Fi passwords with Apple devices

When you have guests over, they might ask you for your Wi-Fi password. If you use Apple devices, you can share it easily without having to tell them what it actually is. Make sure Bluetooth and Wi-Fi are enabled on both devices, Personal Hotspot is turned off and your guest has your Apple ID in their Contacts. When they try to join the network, you can then click a prompt on your device to seamlessly grant them access.


Keep WhatsApp and similar messaging apps up-to-date

Internet-based chat apps are generally safer than plain SMS (text) messages, but they’re not necessarily bulletproof. An exploit in WhatsApp, allowing malware injection, showed that even apps touting “end-to-end encryption” sometimes have vulnerabilities. To stay safe, apply any updates as soon as possible or – for particularly sensitive conversations – take them offline or use a channel such as encrypted email.