Last Updated on
Last Updated on
Nothing has changed the world in the last century quite like the Internet, which has revolutionized human communication and connected people from all over the globe since the invention of the World Wide Web in 1989.
In that short time, the Internet has become a staple in everybody’s lives, both young and old. Unfortunately, all that change comes with problems that every responsible Internet user should be aware of.
That’s why we’ve taken the time to make this guide. Over the next few minutes, we’re going to go through all the essential tips and security concerns that you need to keep in mind when on the Internet.
From the dangers that you can find online to the precautions that everybody can take, for completely free, this guide covers everything a casual Internet user should know.
In this guide you’ll find:
Just like with society at large, there are dangers out there that you should be aware of when going through the Internet.
Most people on the Internet choose to be anonymous and, while many of them do so for their own safety and privacy, this anonymity amplifies certain bad behaviors that can make the Internet a dangerous place to be.
Let’s discuss the following dangers of the Internet:
To start with one of the tamest dangers of the Internet, we have cyberbullying.
When bullying can be a problem in real life, where everybody’s identities are known, it only makes sense that those with anonymity feel they can get away with verbally abusive behavior online.
Part of this is also because most of the time, people get away with saying offensive things online. This is just a fact of the Internet that has existed since its conception and continues to exist despite attempts to sanitize it.
The Internet connects most countries of the world, so policing offensive speech can often cross borders, making any legal action untenable or costly.
Even when it’s contained within national borders, if that nation is America then there may be free speech protections on what was said, and there’s a spirited debate over whether those protections help or harm most people’s experiences with the Internet that isn’t going to reach a solution any time soon.
That’s just for material that may seem offensive, however. Cyberbullying can be slightly different and can often be classed as harassment.
So, what can you do if you’re dealing with cyberbullying? Well, we should explain right now that the Internet is very tricky when it comes to the application of the law.
If you’re getting harassed by somebody online, it’s often not worth the time nor money you’d spend pursuing some kind of legal action unless it follows you across the Internet. Instead, you’re better off solving the situation using other ways.
What do we mean by this? If you’re being cyberbullied, it’s highly likely that it’s isolated to a singular platform or social media site.
Social media can be easier to hold people accountable for their actions since companies like Facebook require some form of identification to keep your account open.
To give an example, if a teenager is getting bullied by someone over a social media account, who also goes to the same school, then the school can arrange to talk to the people involved, and their parents, and then pass down disciplinary measures.
Social media sites are hotbeds for cyberbullying and harassment, with consistent study data showing at least 30% of teens have experienced cyberbullying (Cyberbullying Research Center, 2016).
This number has been reported to be higher in other studies and polls, with 59% of U.S teens reporting that they had been harassed online, often by those of the same age (Pew Research Center, Sept. 27, 2018).
You don’t have to be involved in cyberbullying to have come across it online, however.
A similar study conducted by McAfee instead targeted those who had witnessed cyberbullying, often as a passive observer, where it was reported that an overwhelming 87% had seen it occur (McAfee, 2014. ‘Teens and the Screen study: Exploring Online Privacy, Social Networking and Cyberbullying’).
It’s also worth noting that the first Cyberbullying Research Center study also had 11.5% of those between 12 and 17 admit to taking part in cyberbullying online.
As you may suspect, this number could be higher, as is often the case when asking people to self-report on socially taboo behaviors.
So, what can you do to evade cyberbullying and harassing behavior? If cyberbullying is happening on one platform, and you’re unable to hold them accountable in the real world, then you need to check out the privacy options on your account.
To continue with the Facebook example, Facebook has gone very far in fleshing out their account privacy options so that you can choose who sees content on your account.
Set it to only friends and, if the person harassing you is a friend, unfriend them and block them so that they can’t send you messages. Usually, this is the end of the situation.
Things are different if you’re in an anonymous forum that may not have as rigorous account protections that allow you to block people. In those cases, it’s worth noting that the anonymity of these spaces comes with a price, which is often paid in the form of little to no moderation.
In those spaces, it’s often very easy and not much trouble to fire up another account to escape would-be harassers. It becomes much more serious if your reasonable expectation of privacy is breached, which brings us to the next danger…
As we start to ramp up the threats that online exposure can bring, we need to talk about the expectation of privacy online.
As we said, many use the Internet anonymously in some capacity.
If you have ample privacy options on sites that often disclose the personal identity, like Facebook, then you obviously have a right to privacy when you use usernames and pseudonyms on Twitter or Instagram. Whether it’s part of cyberbullying/harassment or completely out of the blue, the foremost invasion of privacy is having your personal information leaked online.
This is such a problem that we have a word for it, doxing (sometimes doxxing), which is where somebody with malicious intent finds the identifying information of an individual and publishes it online.
This is usually an address or a telephone number and this harassment can spread to family members, too. The legislation regarding doxing can be inconsistent.
For example, existing legislation can nail somebody with a federal conspiracy charge if they happen to dox a U.S. government employee.
If it’s the average Joe, however, then there may be little to no protections in place for you. Usually, harassment or stalking charges can be applied to these situations, whether it’s as part of a criminal or civil action.
So, what do you do if you’ve been doxed? Legal action may be a possibility, so that’s something you’ll need to look into. If not, a protection order at the least may be more realistic. These will require you to have the identity of the person who doxed you, ironically.
As a term that emerged from the hacking world, some doxing is done in the name of good. If some post illegal material online then ethical hackers can and have doxed them and handed this information to the relevant authorities.
In the meantime, you should immediately take evidence of the doxing. This means screenshots or images of the publicly available information about the account and proof that they posted your private information.
Potentially illegal material has a way of being deleted after a while, often by the poster to cover their tracks, so get the evidence right away.
If possible, contact the site to see if they can get the material taken down once you have the evidence you need, to take the heat off yourself and your family.
If you hadn’t noticed yet, the dangers we’re presenting can occur in a sequence.
Cyberbullying and harassment can lead to a dox and, once your personal information is out there, you’re now much more susceptible to identity theft.
There are tiers to identity theft. If somebody hacks your Facebook and posts illicit or hacked material under your name, which can also compromise your friends’ data, that is a problem.
However, if your Amazon account or any other e-commerce service that holds your banking information is compromised, then that’s a whole different issue with even worse real-world consequences.
Of course, most people don’t steal your identity for the fun of being you. They often do it with the goal of defrauding you in some way. This is often done for the purpose of financially benefiting the fraudster.
If an identity theft attempt seems to be part of ongoing cyberbullying and doxing you’ve received, it’s probably not the person who cyberbullied and doxed you that’s trying to steal your identity unless you’ve come across a particularly bad egg.
Somebody sending you offensive messages that may or may not be legally actionable is a world apart from a patently, federally illegal act like identity theft.
It’s not uncommon for fraudsters to frequent forums where doxes get posted to make money off of other people’s feuds.
At approximately 13.87% of all consumer complaints in 2017, the Federal Trade Commission has identified identity theft as the most common form of a data breach in 2017 (Federal Trade Commission, 2017. ‘Consumer Sentinel Network Data Book 2017’).
We’ll get into more examples of data breaches below. Thankfully, awareness of this particular danger seems to be pretty high among the American Internet population at 73%, as Experian found (Experian/Edelman Intelligence Survey, August 2017).
Identity theft comes in the following forms, ordered in commonality as reported by that FTC 2017 Consumer Sentinel Network Report:
Continuing with the data breaches that make identity theft possible, breaches of data can pose a risk to you and your wallet without even needing your personal identity.
If we’re following the statistics outlined in a more recent FTC report, imposter scams are the number one fraud occurrence, which doesn’t necessarily use identity theft (Federal Trade Commission, 2020. ‘Consumer Sentinel Network Data Book 2020’).
If you’re short on time, the main findings of this study have been compiled into infographics by this FTC-supported public.tableau site. There was a noticeable increase in fraud during the 2020 lockdowns due to the COVID pandemic.
With everybody stuck inside in most developed nations, there were a lot of instances where data was stolen via telephone, email, and other website services.
These are all geared towards the same nefarious end, to take your hard-earned cash.
Even without the current situation, data breaches have boomed over the last five years as evidenced by Statista research (Statista, August 2020. ‘Cyber crime: number of breaches and records exposed 2005-2020’).
Your telephone is obviously not connected to your online activities, at least not explicitly. It may go without saying for some of you but you should never post your phone number on a publicly available forum.
On sites like Facebook, if your account is connected to your phone number, make that information private. You can make it accessible to friends but then you must be more careful in who you befriend online.
As for email and website data breaches, you need to verify the sites that send you information. See our tips on that below in our How To Stay Safe On The Internet segment.
The above identity theft and data breaches don’t happen by themselves.
There’s always somebody behind these attempts.
The good news is that they’re usually total strangers, so they harbor no personal malice towards you as a person, as is often the case with cyberbullying and harassment.
The bad news is that they want your money and don’t care about the harm their fraudulent actions cause.
As an aside, when talking about doxing we mentioned that ethical hackers exist. This is true, to the point where intelligence agencies over the world recruit from notorious hackers to use their skills for good.
When we mention hackers going forward, we’re talking about unethical criminal hackers who pose a threat to your data and your wallet.
The surest way to keep hackers at bay is to not trust anybody you don’t know online.
Posting in an anonymous chat room or social media site under a pseudonym is one thing but you should never divulge personal information or engage in prolonged conversations with people who aren’t worthy of your trust.
If you have elderly relatives, make sure that somebody doesn’t use their naivety towards the Internet to con them out of their life savings.
Also, the rise of mobile phones being connected to the Internet means that the foremost threat to your security may be in your pocket for most hours of the day. A big threat with smartphones is the apps that are free to download.
The moderation of the Apple and Google Play stores isn’t ironclad and so malware and downright fraudulent content sometimes make their way into the market.
Even seemingly safe apps can be deemed high-risk, as found by Symantec where 1 in 36 smartphones had high-risk apps installed (Symantec, 2019. ‘Internet Security Threat Report Vol. 24 February 2019’).
Hackers aren’t the only people who cause grief online. The gravest threat that the Internet can present comes in the form of online predators.
The Internet is open for everybody to participate and, as a mirror to society, you get the worst people along with the best.
Online predators are usually sexual predators who want to use the unprecedented communications reach of the Internet to find vulnerable people to prey on.
It’s a sad reality that sexual predators lurk wherever children find themselves online, which is why monitoring child Internet activity is paramount to keeping children safe.
Remember that the worst-case scenario, a meeting with a stranger leading to abuse or abduction, is only one kind of tactic a sexual predator will use.
More careful predators will simply try to coerce children into producing Child Sex Abuse Material (CSAM) which is still a crime. Don’t wait until a meeting is attempted to report a predator, just asking for sexual images is still a crime.
If a teenager gives just one image to a predator, that can then be used for sextortion, where the predator will blackmail their victim with the threat of exposure to make sure they keep complying with the predator’s demands.
The most problematic age for encountering sex predators are between the ages of 12 and 13 to 15, according to the Crimes Against Children Research Center citing the Journal of Adolescent Health (Journal of Adolescent Health, 2004. ‘Internet-initiated sex crimes against minors: Implications for prevention based on findings from a national study’).
Since 2004 the digital landscape has changed, but only for the worse in terms of how exposed teenagers of this age can be to the criminal elements of the online world.
To protect a child or teenager from predators when they are using the Internet, consult the following tips:
Now that we’ve discussed the main dangers you’ll find on the Internet, let’s go through some of the verified ways you can keep your online presence safe from fraud and other dangers.
The first and foremost action you can take to keep yourself safe online is to limit the personal data and information you put out there.
Remember that the Internet is forever, so putting information out there is a risk anyway.
Even if you aren’t targeted by anybody, tasteless things you say or post online can come back to spoil opportunities for you in the future as employers often check social media when employing.
So, protecting your data matters.
Even data that isn’t very personally-identifying can pose a security concern. In today’s age, we sign away many data rights whenever we accept the terms and conditions of an online service.
As the saying goes, if a service is free it’s because you’re the product. It’s not uncommon for the massive social media sites to sell user data for a quick buck.
Usually, this is done for advertising, which is relatively unobtrusive compared to what we’ve been talking about so far but selling to the wrong person can result in unwanted emails and cold calls trying to swindle you.
Companies aren’t the only ones who want your data. Whether it’s the USA, UK, Russia, the Middle East regions, and of course China, you name the country, their governments have a hand in some form of data collection on citizens.
While often done in the name of security, whistleblowers have exposed that the American NSA and the British GCHQ were sharing and employing surveillance technology that went far beyond monitoring terroristic threats.
When targeted by a malicious hacker, it’s the puzzle pieces of personal information you leave online that make you vulnerable.
If somebody manages to put certain pieces together, they may be able to get enough information to compromise or impersonate you through social hacking.
That’s where they learn enough about you to the point where they think like you, and accurately predict your password and verification behaviors.
Part of keeping your financial information, along with other info types, will depend on where you choose to put that data.
You should only spend prolonged amounts of time, and enter data into, sites that are secure. Question is, how do you see if a site is secure or not?
This is easier than you may think. Look at the top of your browser page, where the URL of the website is. To its left, there will be a symbol.
With Google, it’s either a closed lock, a lowercase “i” letter within a circle, or a bright red triangle with an exclamation point inside it.
You can probably guess what the padlock means. Your connection to the site is secure, and so it’s improbable that anything obtrusive will be done with your data.
As for the others, they should be treated with some caution. The “i” is quite common too, but it varies in whether it presents security or not. There isn’t a private connection.
Sometimes you can take the http:// at the start of the URL and make it “https” instead, which may take you to a more secure version of the page.
The difference between HTTP and HTTPS lies in their level of security. Without getting too deep into the technical details, HTTP is unsecured while HTTPS is. That means HTTPS is encrypted and benefits from Transport Layer Security protocols while standard HTTP does not.
The red symbol means that you should be careful on-site. Don’t use it if you can’t help it and if you do, only lurk.
Don’t make any accounts and definitely do not enter any personally-identifying or financial information as it can be subject to misuse or can be acquired by bad actors via hacking.
If you use your smartphone or laptop in public spaces a lot to surf the web, you may want to look into getting some extra protection.
Public Wi-Fi isn’t safe in many cases and sometimes the convenience that you get from them isn’t worth the security risk. The security risk is fairly obvious.
If a private Wi-Fi was accessible to anyone without any need for authentication, we’d all consider that Wi-Fi compromised.
For public Wi-Fi, however, that’s how they need to work to allow everybody to access it. Yes, everybody includes cybercriminals too. A common play these criminals make is called a Man-in-the-Middle attack.
This is where they access public Wi-Fi to digitally eavesdrop on your online activities, a position from which they can steal your information.
This is especially the case if you’re sending emails and entering financial credentials through the public Wi-Fi network.
If the criminals are sophisticated enough, they may even set up a honeypot. This is where they’ll put up a public Wi-Fi system and wait for people to join.
They do this in public places where you’d suspect a public Wi-Fi to be but, in reality, the Wi-Fi belongs to fraudsters who get access to your data if you connect.
If you have to use Wi-Fi, verify with business owners that they have Wi-Fi first, and even then, check if you’re connecting to the right one.
4G or 5G are much more secure and a better alternative to Wi-Fi, so if you have access to those services then don’t use public Wi-Fi at all if you can’t help it.
If that isn’t an option, you can get your own Wi-Fi hotspot to use for mobile devices like laptops. Microsoft Windows should ask when you connect to a hotspot whether it’s a public or private connection.
By selecting public, Windows will limit data sharing and enable its firewalls to keep your information even safer.
Another option available to those who want to protect their online movements is a VPN.
As data collection and tracking data only become more common, VPNs have become incredibly popular over the last decade.
According to statistics gathered by Finances Online’s Research Center, 74% of Americans have limited their online activities through the use of a VPN because of privacy concerns, with 50% of those asked showing great concern for that privacy.
No matter your connection type, VPNs are great for keeping your data secure. That doesn’t mean any old VPN will do, however, so let’s take a look at what these software tools are and what they do for you. VPN stands for Virtual Private Network.
This is essentially a tunnel between the web servers that we interface with when online and the browser windows that show up on our screen.
Since data packets are encrypted, there’s virtually no threat of your IP being visible to those attempting to track you. The new IP address that is listed is often not in your same country, so anybody who grabs your IP now thinks you live halfway across the globe.
The popularity of VPNs means they get used for not strictly privacy reasons too. By pretending to be an online user from a different country, you can sometimes access content that was restricted on geographic grounds with a VPN.
This means a lot of people are incentivized to protect their Internet surfing because they can also let you watch the next season of your favorite show if it’s only available on Canadian Netflix.
Remember what we said, if it’s free, you’re the product. If you hate the idea of any data being collected about you, go for a premium VPN. It costs, sure, but the premium options are the ones that collect less data or don’t track anything you do online.
Free options also tend to be slower and they may impose bandwidth restrictions. VPNs are banned in some countries, so check the laws of your region first in case you risk getting in trouble.
You should also check which countries your chosen VPNs are registered in since some governments can request information from VPN companies. For two popular premium VPNs, check out NordVPN and ExpressVPN.
When it comes to setting up accounts online, you want to have a great password.
As we mentioned earlier, hackers can find out details about your life that allow them to socially engineer your passwords.
Yes, that means the more a password correlates with personally-identifying information, the higher the likelihood a hacker who’s targeted you for long enough can figure it out.
The National Cyber Security Centre in the United Kingdom found that the most common passwords to be compromised contained names, favorite football (soccer) teams, musicians, and fictional characters, all in lowercase lettering with no numbers or capital letters (National Cyber Security Centre, 2019. ‘UK Cyber Survey’).
This is why you need a strong password and some accounts that handle financials even demand it, otherwise, you can’t open the account.
This is usually done in the form of requiring a capital letter, a number, and maybe even a special character like an exclamation point. The more varied a password is, the less chance a hacker can crack it.
Have many passwords, too. Having one password for everything is convenient and easy to memorize, sure, but that means the hacker only needs to hit one target to get access to everything.
If memorizing many passwords sounds like your personal brand of hell, then there are password managers and software that generate random passwords you can use. Lastpass and Dashlane are popular examples.
A handy safety net for any password is two-factor authentication. This is where, after entering your password correctly, you need to access another device like your phone and receive a second, randomly generated code.
If you get an unsolicited second code flash up on your smartphone, you know an almost-successful attempt has been made to access one of your accounts.
Google isn’t the only watering hole in town.
While that search engine is overwhelmingly the most popular option, we’ve seen the rise of privacy-focused search engines over the last few years.
One of the most popular of these is DuckDuckGo, but you can also look into the following sites:
The tracking cookies that monitor your online activity have to be kept somewhere, and that’s in a cache.
Your browser history also retains data about your Internet travels, so to cover your tracks online, you should purge your search history.
This is a relatively simple process; you should know how to access search engine history if you’re familiar with the search engine you used to find this very page.
From there, delete search history but make sure to tick any boxes that delete cookies, site data, and cached images or files.
Along with securing your mobile device by making sure you don’t access public Wi-Fi often and only downloading apps that are verified and trustworthy, you should also update your phone often.
Whenever there’s an update, you should let it happen.
The same advice is true for desktop computers, of course, but we use our phones so much that people are prone to putting updates off. Updates contain important, well, updates to the coding of your smartphone. Part of that is the security measures that are in place.
If an update has a much-needed security overhaul that has come to the attention of your phone’s manufacturer, then chances are they caught wind of this due to successful hacks on the phone model you’re using.
By keeping an outdated version on your phone, those old tricks will still work on you while they won’t work on somebody who was diligent and updated their smartphone when first prompted.
As we covered, you’ll want to take a look at how secure the sites you visit are.
As a general rule, don’t spend too long or input any information on a site that shows a red symbol before its URL.
The reason site security certificates exist, which search engines look for, is to verify that the site is real and not a replication intended to honeypot trap people’s data.
The two main things you can do to improve the safety of any site you visit are to keep your firewall on and use an antivirus extension that can detect and notify you of any problems that may exist on the sites you visit.
If you run Windows, a Windows Defender Firewall can be found and accessed in the control panel.
If you ever have troubles with a firewall, you should add trusted programs and pages to its exemption list so you can access them without a false positive threat alert coming up.
Antivirus software usually comes with a firewall anyway, and one more competent than you’ll ever get with a free firewall. AVG is a classic option for those who want functioning antivirus and firewall protections without paying.
So far, we’ve talked a lot about restricting or not engaging with certain parts of the Internet to keep your data safe but it’s not all doom and gloom, there are quite a few plug-ins that make online security much easier. Check some of them out below.
That’s it, you should now know all of the basics you need to know to stay safe online. Whether it’s avoiding the aggressive behaviors of certain Internet users, protecting your loved ones from possible predation, or safeguarding your valuable accounts and data from fraudsters.
It’s important to remember that for most people, most of the time, you have full control over where your personally-identifying information goes.
By being vigilant when online, you can prevent everything from worst-case scenarios to relatively minor occurrences and annoyances, all while you and your family enjoy the positive things that the Internet has to offer.