Archives - Security Best Practice

Only visit HTTPS websites if possible

HTTPS encrypts the data you exchange for websites that use it. On the other hand, HTTP sends that same information in plain text. Look out for a padlock in the URL bar of your browser to verify HTTPS. It’s best not to perform financial transactions such as e-commerce purchases over HTTP. You can use the […]

Be sure to install and update antivirus software

All of your computers and mobile devices should be equipped with antivirus software, firewalls, web filters, and antispyware. Your software should be updated regularly; out-of-date security software offers no defense against the latest threats. Set up automatic updates or at minimum manually apply each upgrade. Be sure this security software is operational when you download […]

Don’t trust an account that claims it can recover your password

An account should not be able to recover your password for you. Your password is encrypted and known only to you. If you lose the password, the service associated with the account should reset it and send you a new password that you can then change. If the service says it can recover your password […]

Only use well-known password managers

Scammers may invent fake password managers to trick people into giving them their passwords to sensitive accounts. To avoid this, only use password managers that have an established reputation and have numerous customer reviews, like Dashlane, Keeper or LastPass.

Be wary if a vendor pressures you to act quickly

Hackers don’t want to give you time to think about an offer, because you may figure out their scheme. They might tell you that the offer is only valid for one day, or even just the next few minutes. Always be wary of such an offer and research the vendor in question before moving forward.

Don’t pay the ransom if you get attacked

Paying the ransom does not guarantee you will get your files back, so it could be a waste of money. That money could then go towards illegal activities and encourage cybercriminals to continue targeting people. Instead of paying the ransom, report the incident to the FBI’s Internet Crime Complaint Center (IC3), who will investigate the […]