Hackers devote their lives to breaking your website. They often have more time to devote to discovering flaws in your website than you have time to devote to building your website! While there is always going to be some risk of being hacked when you have a popular website, there are some important steps you can take to minimize that risk. There are some particularly high-risk situations that you can avoid to bring your chances of being hacked down to a very small percentage.
Using an open wi-fi network at a coffee shop, library, school or hotel, your connection is rarely very secure. Although many of these networks are password protected, the data itself is not always encrypted. Even on encrypted networks, public networks are notoriously out of date and running on razor thin budgets.
When you do surf on an open wi-fi network, exercise caution in what information you send over that network. Whatever accounts you log in to over that network are potentially targets. Any hacker that has gained access to that network could be sitting there in real time, capturing your information and saving it for use later on. Often, when one password is captured it can lead to accessing more of your personal and private information.
Providing passwords to help desk staff presents some risks as well. While it might seem unlikely that the support desk would give your password out, any time you provide your password you increase the risk of attacks. If you provided your password to a help desk tech, make a point of changing it once the problem is resolved.
Malware – one of the most common methods of attacking computers these days – is often spread through downloads. By downloading a seemingly safe file from an unknown source, you could unwittingly install malware on your PC. Once installed, malware can access nearly all of your private information, passwords and other logins and then transfer it to a 3rd party. In particular, avoid any website that makes you download a player before viewing content such as a video. If you really want to view this content, try downloading the program from the official site instead of the a third party.
Email phishing scams are also very popular and are getting very sophisticated. Email phishing is when you get a fake email posing as a legitimate website such as PayPal, Google or Facebook. These emails will often tell you there is a critical problem with your account, or that you have some important message waiting for you and you just need to view the attachment or click a link. Always exercise extreme caution in following these instructions. If you do mistakenly click on one of these links, make absolutely sure not to follow through and download any software that it might prompt you to install. When there is a file attachment, never, ever, ever open it unless you know who the sender is.
These messages are always identifiable under intense scrutiny. If you look at a real message from your site, you can sometimes see the difference. But even the most convincing email can’t fake the sender in all cases. Check the ‘from’ field to be sure. The address should have an official domain name after the ‘@’ sign. In order to be totally sure, look in your mail client for an option to display all the email headers to get the official sending address (sometimes they will use a fake sender address, but the source email address is usually identifiable). You can always play it safe by leaving your email, going to the official site and logging in from there.
Whenever you have multiple people using a computer you’re putting your accounts at risk. Even if it’s a family member or friend, they might inadvertently click something or log in to an account that exposes your personal information. If you need to share a password, make a point of changing it when they are finished. If you have multiple people sharing a single computer, consider setting up separate accounts for each user.
Surprisingly, most of the malware and viruses aren’t that sophisticated. They often use the same old tactics to infect your system – fake emails, bogus downloads and misleading links. Make it a habit to think twice about anything you click, download and especially any email attachment you open. These simple steps can prevent 90% of malware intrusions.