With the sophistication of attacks by hackers, you have the minimum security today is a luxury. But, everyone can afford to adopt common sense and good practices.
Many reports of threats to users show that they are often called upon by hackers in one way or another to carry out their attacks. It means that the behavior of the user himself can help or block cybercriminals in the implementation of their attacks. So, what are the little habits to be banished to avoid being exposed to enormous security risks?
The list is certainly not exhaustive, but they include the following:
1. Enable Adobe Flash by default.
Flash security issues can no longer be recalled. Browser editors invite users to flee Flash like the plague. It is therefore recommended not to activate it unless it is really necessary.
2. Use easy-to-remember passwords or re-use the same password.
Historically, the selection of a password results from arbitration between an acceptable level of complexity and an easy to remember a password. Very often, users prefer an easy password to remember, which can also be easy to become by someone else.
Failing to use passwords that are easy to remember, others preferred a complex password but used for all their accounts, to remember them more easily. The risk is that hackers are aware of this behavior in users. When they succeed in finding a password for a given account, they test it on the different accounts of the user.
3. Store your passwords or credit card information into their web browser to avoid typing them each time.
Browsers offer the ability to save your information in forms on websites. But for your sensitive information or passwords, it is better not to save them in the browser. Moreover, it allows you to retain them so that if you use another browser or machine, you have no trouble logging into your accounts.
4. Ignore or block the updates, because they always happen when you have urgent work to finish.
By doing so, you leave your devices vulnerable. Updates do not always come to add new features you do not necessarily need. Most of the time, they begin to offer more protection to your device.
5. Open attachments from people you do not know.
No one knows what is behind an attachment. It can be a carefully designed threat to infect your machine. You should, therefore, avoid opening them when you do not know the shippers. Moreover, even attachments that come from your friends do not offer you a 100% security guarantee.
6. Click on the links to people you do not know.
Links are also one of the frequent ways to disguise a threat. They can redirect you to compromised sites where a malware will be downloaded silently on your machine.
7. To transmit sensitive information such as credit card information by email.
No messaging service is secure, although some are more secure than others. It must, therefore, be borne in mind that minimizing the amount of sensitive information and data in e-mails is necessary to prevent this data from being in the hands of the wrong person.
8. Enable the contents of a macro in an MS Word or Excel document that you do not know the author.
Macros have been and continue to be important vectors of attacks. This is why a warning is given to the user when opening a document containing them. If you do not know the author of the document, you should avoid as much as you can to activate the content.
9. Connect to public WiFi networks.
One cannot know who can be on a public network, perhaps a malefactor waiting to find prey. Therefore, you should avoid connecting to public WiFi networks as much as possible.
10. Accept all USB drives on the machine.
The USB key is a traditional way to transfer files from one machine to another. But it is not only the files that can be transferred, there are also threats.
11. Leave Bluetooth enabled and protected it with a default password.
Bluetooth can be very easily hacked. The very nature of the media (radio waves) implies a number of generic threats such as passive eavesdropping and analysis, as well as Man-in-the-middle attacks, which include intercepting communications to capture data between two people.
There are also several flaws on the Bluetooth that allow in addition to carry out certain specific attacks. It is therefore necessary to use the Bluetooth protocol only if necessary; Do not leave it activated for no reason; Not to leave its equipment in visible mode; Reject any unexpected solicitation, but also change the default login password.
12. Leave WiFi always on, even when you are not using it.
The risks here are practically the same as those faced by a user who lets his Bluetooth activated while he is not using. If Sniffing makes it possible to search for available networks, today, for many hackers, it mainly allows to find WiFi networks that they can penetrate by force to implement their attack. To avoid being trapped by a WiFi sniffer, the simplest solution is to disable WiFi, so do not leave it on when you do not use it.
13. Connect to your accounts from other machines.
Your machine is certainly the one you can trust most, since you have more or less control over what you install. On another machine, not knowing for example if a spyware is installed, you should avoid connecting to sites where you provide personal information or sensitive data.
14. Download mobile apps without reading comments and requests for permissions.
Reading comments, but also authorization requests can in some cases prevent you from installing malicious software or spy on your mobile device. For example, a torch application that requests access to your contacts. You do not have to be smart enough to know there’s something wrong.
15. Provide personal data (email, contact, etc.) to an unknown site in order to download a super file.
Some sites require users to provide personal information to download files. The user may be tempted to do so if the file is interesting. In most cases, sites request this information for marketing purposes, but hackers may also use this technique to gather information for future attacks.