The Internet can be a wonderful place to socialise, learn, and have fun. It can also be a dangerous place where cybercriminals pursue their victims.
Use long, unique passwords
Use a different password for each service. This prevents a breach at one website from compromising all of your accounts everywhere.
Longer passwords are always better because they're harder to crack. Use a password manager like the free and open-source KeePass to generate strong passwords for you and safely track them.
Use multi-factor authentication (MFA)
Also called two-factor authentication (2FA), turning on MFA is one of the best steps you can take to keep your accounts secure.
This means that anyone who wants to login to your accounts has to both know your password and provide a one-time code. You can manage your codes using an app like Authy or Google Authenticator.
Keep your software updated
Outdated software often contains security flaws fixed by updates also known as patches. Turn-on automatic updates for your operating systems, like Windows and Android OS, and reboot when prompted.
Remember to update your apps too like your web browser. Ninite is a free tool for Windows that can help you easily install popular free software, like the office suite, LibreOffice. Run the Ninite installer again later to automatically update.
Mind your location sharing
Apps like Snapchat allow you to share your location with friends. Consider disabling that option or limiting the app's permissions. Check your Settings app for all the location-related privacy options.
Keep in mind that useful location sharing, like the Apple Find My app which allows you to find a lost phone, could pose a risk in certain situations. In a domestic abuse scenario, the abuser could use this capability to stalk their victim.
Don't click that link
Phishing is a form of social engineering attack that attempts to trick you into giving-up your passwords or personal information. Don't trust links you receive by email, social media, or text.
If you're unsure manually type-in the address of a website or call the sender to verify. Be wary of "urgent" requests, and remember phishing websites made to steal your password can look just like the real thing.
Lock-down your social media
All major social media platforms offer privacy and security features you can customise. Use security check-ups offered by Facebook and Google. Read Twitter's safety and security help page.
Practise reducing your attack surface by closing accounts you don't use and being careful of what you post. Remember that criminals and future employers alike will see it someday.
Backup your important files
Backups can save you from a ransomware infection as well as computer failure. Free backup software is included with Ubuntu Linux, macOS, and Windows.
Remember that backups connected to your computer may also be lost if you're infected with malware so consider using cloud backups or disconnecting your backup drive when not in use.
Use your chip card and choose credit
When paying in person with your debit or credit card, pick Credit instead of Debit at the checkout. Consumers are better protected against credit card fraud, and it prevents a skimmer from stealing your ATM PIN code.
Always use the chip or tap options, rather than swiping, when possible. Swiped cards are easily cloned, but chip or contactless transactions are protected by better technology and harder to skim.
What to do if your account is compromised
If someone gains unauthorised access to your account you should immediately change your password and enable multi-factor authentication (MFA / 2FA).
If the service allows it also remember to log-out all existing sessions so an attacker cannot continue to use your account after you've reset the password.
How to report cybercrime (USA)
If you or someone else is in immediate danger always call 9-1-1.
If you've been the victim of a cybercrime you can report it to your local law enforcement agency's non-emergency number. You can also report Internet scams, fake websites, emails, and malware to the FBI's Internet Crime Complaint Center (IC3).
If you know of a child being exploited or encounter explotation material, sometimes called child pornography, report it to the National Center for Missing & Exploited Children (NCMEC) via the CyberTipline website.
Your CyberTip will be quickly routed to law enforcement. You could save a child.