In order to attack your computer, hackers often rely on your carelessness. While antivirus software protection is a must, it should be considered only as a complement to smart online behavior. Here are the top 10 things you can do that makes antivirus software merely a nice-to-have safety net rather than a necessary suit of armor, and all of them are free.
1. Create multiple email addresses.
Separate email addresses from different email providers, such as your employer, Outlook, Gmail, Yahoo, or even your own domain, which is cheaper – and more secure – than you think. (Check out our guide to switching email accounts without losing emails). This spreads out potential phishing attempts and enables you to spot email scams more easily. Also, consider creating different email addresses that you use just for work, just for family and friends, just for your financial or shopping transactions, and just other online activities. That way, if one email account gets hacked, you won't lose everything, and if you get what looks to be a legit email, but it comes to the wrong email address, you'll know it's likely a scam.
2. Do not open email attachments or click on embedded links in emails from unknown recipients.
You don't have millions of dollars in a hitherto unknown bank account, that overseas purchase order isn't real, and there are no Nigerian princes who want to make you rich. Even if the email looks legit, such as those that look as if they're from your bank, click on the "from" name in the email to check the actual source email address – you'll immediately know if the email is a counterfeit or not. (Check out our step-by-step guide to tell if an email has been spoofed.) And empty your email junk or spam mail folder at least once a week, then empty your system's trash to purge your computer permanently if you save email to your computer.
3. Do not supply account or social security numbers unless you initiate contact.
No legitimate organization or company will send you an email or call you asking you for your account or social security number to "verify" your account or for any other reason. You should also never input your account or social security number into an online form that you receive as a link in an unsolicited email. Provide this personal data ONLY if YOU initiate the contact, and even then you’ll usually be asked only for the last few digits of your account or social security number.
4. Never grant remote access to your computer unless you initiate the contact.
A popular phone scam is someone calling and telling you it's time for your PC's "annual checkup" or that they've detected some problem with your PC. No one calling you out of the blue can possibly know anything about your PC's condition. Allow remote access to your PC only to reputable companies that you have contacted for a specific problem you're experiencing.
5. Always use strong passwords and don't reuse the same password over and over.
If hackers manage to steal one password to one site, they'll try it for every account of yours they can find. A strong password is at least 12 characters and should include a combination of capital and lowercase letters, numbers, and symbols. If you're going to keep a list of your account user name and passwords, make sure the list itself is a password-protected and encrypted file. We recommend using a password manager, which is an effective way of generating random passwords and keeping track of them.
6. Install all operating system updates as soon as possible.
Updates for your Windows PC, Mac, iPhone, or Android phone are almost always issued to protect you and your devices from newly-discovered security threats. Make sure you update when you receive the notification on your device.
7. Turn on your computer's firewall.
A computer firewall is designed to block unauthorized access to your computer. While all antivirus software includes a firewall as part of its protections, both Windows and MacOS include their own firewall. Just go into your system preferences and toggle the firewall on to keep hackers out.
8. Backup your system.
All four major operating systems – Windows 10, Apple iOS, Android, and MacOS – include tools to create regular backups of your device that can be stored on either an external hard drive or in the cloud. Backup as frequently or regularly as possible in case your system gets hacked or held for ransom so you can restore your system to its pre-hacked condition. Better yet, keep all of your important files automatically synced and stored on cloud storage service.
9. Don't fall for clickbait.
Many web sites are loaded with fascinating stories from external sources. These tempting tidbits are often traps that hide malware. Resist the temptation. Don't click on that cute puppy and kitty photo, or that secret celebrity exposé. And avoid any web site that doesn't start with "https" rather than just "http" – that extra "s" indicates the web site is certified to be safe and secure and not housing disguised threats. We like the free HTTPS Everywhere extension for Firefox, Chrome, and Edge (Edge now runs Chrome extensions), which automatically encrypts your browser's communications with major websites if it finds faulty HTTPS links.
10. Get a cover for your PC's webcam.
Hackers may try to access your device's camera to spy on your surroundings or catch you doing something potentially embarrassing. To prevent webcam hacking, a simple Post-it Note will suffice, or you can buy a sliding webcam cover. Just remember to take the paper or cover off before closing your laptop to avoid screen damage.
[Image credit: Online security concept via BigStockPhoto]