There are safe ways to be online, and security experts say a combination of safe behavior and products helps keep users protected.
A good defense is as important as a good offense. Avoid clicking on suspicious links in “phishing” emails — those that look as if they’re from legitimate senders like banks and other institutions — and don’t download files from unknown websites.
“You have more power than you think. You have control over clicking on links in email and what programs you use. The reason why (hacking) works is it’s human nature to be curious,” said Monica Eaton-Cardone, chief information officer of Global Risk Technologies, an international technology firm that provides dynamic risk mitigation.
But don’t get upset if you do fall victim, said Adam Levin, chairman and founder of identity-theft mitigation firm CyberScout and author of “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves.”
“Internet breaches have become the third certainty of life,” he said.
Use your anti-virus and anti-malware software programs. Eaton-Cardone said nontechnical people sometimes get frustrated by default security settings. The settings can be so high that they prevent users from going to otherwise safe websites. That sometimes leads people to disable the software, leaving themselves vulnerable to attacks, she said. A simple fix is to adjust the security settings to be less aggressive but still keep the user safe.
Eaton-Cardone and Jerry Beilinson, electronics editor for Consumer Reports, said free anti-virus software like Avast does the job fine. She also likes Malwarebytes for free malware software. Paid software like BullGuard Internet Security ($59.95) and Kaspersky Internet Security ($79.99) rate higher in Consumer Reports testing because they offer more features and convenience, he said.
Eaton-Cardone said a big difference between free and paid programs is people need to remember to run checks manually with the free programs.
Get a new router if it’s more than a few years old, Beilinson said. Routers offered by internet service providers are fine, but buying even a high-end router is more cost-effective than renting, he said.
Any router that doesn’t have WPA2-AES, the latest encryption standard, should be replaced, Beilinson said. The new-generation routers are more user-friendly. For instance, they send users notices to update firmware, and offer greater coverage in homes. Top models include Linksys AC2600 ($229.99) and eero Home Wifi System (three-pack, $499).
Use a password manager, Levin, Beilinson and Eaton-Cardone said. These systems store users’ passwords securely, either in the cloud or on their computer, so people only need to remember one password when they log into their pages on devices other than their home computers.
Most password managers have both free and paid versions, with Dashlane (Premium, $39.95), LastPass (Premium $1/month) and 1Password (Premium, $2.99/monthly) among popular versions, they said.
Some people remain squeamish about trusting a single system with all their passwords, and the experts said it’s understandable to feel a bit apprehensive. Some password managers have been infiltrated, Levin said.
But that data holding passwords is encrypted. The main issue is if hackers figure out the main password to log into the site.
People who are wary about these systems can create their own passwords and save them on an encrypted flash drive, Levin said.
Eaton-Cardone said she’s not worried about password manager security and recommends people use them.
“At the end of the day, everything gets hacked,” she said. “I look at it this way. A password manager is a great idea for two reasons. One, it’s going to encourage you to use different passwords for every site you go to. If you have to remember all those passwords, you’re never going to put yourself through that kind of hell. You’ll think of something, and it wouldn’t be secure anyway. Second, if I have a third-party vendor, this vendor is taking on such liability they have a lot more to lose if they experience a hack than I do.”