Cybersecurity

Cyber attacks: 10 rules to protect yourself online

Stefano Salvadeo Stefano Salvadeo

Find out how to prevent and face cyber threats

There are at least 10 best practices to follow to avoid unpleasant surprises. All too often, common sense is not enough, awareness of this issues needs to be raised to limit cyberattacks, which can lead to a complete loss of data, besides mining the integrity of personal data and thus our cybersecurity.

Rules for a strong password

Having a complex password is the basic rule, nowadays almost all websites require a password containing alphanumeric characters and difficult to guess. To be secure, a password must be at least 8 characters long, include numbers, special characters, uppercase and lower case letters.

It might seem weird, but most violations occur by trial and error, trying first common words and expressions related to the person being attacked. Password need to be updated on a regular basis and it is absolutely inadvisable to use the same password for different websites and portals. Of course, passwords must neither be shared with anybody, nor written down (even on the mobile!).

Beware of emails

Each of us receives lots of emails every day, but not always there is time to pay attention to details. Actually, very often it is possible to spot an email containing viruses or other threats from the subject line. If an email is not pertaining to your activities or interests, better move it directly to trash.

Moreover, very often it is sufficient to pay attention to the language used: being sent simultaneously in more Countries, automatic translation is used in malicious emails. Even when the sender seems to be known, better pay attention to the text of the email (even more so if there are attachments) and to whether it is in consistent with the relation you have with them.

Executable files

Be careful not to launch executable files attached to emails, downloaded from websites of which reliability you are not absolutely certain, or present in mobile devices connected to your PC. Executable files are not only those with the extensions .com, .exe or .bat.

Be careful also with the following extensions (including but not limited to): gif, pif, msi, msp, scr, hta, cpl, msc, jar, application, gadget, cmd, vb e vbs, vbe, js e jse, ws e wsf, wsc e wsh, ps1, ps1xml, ps2, ps2xml, psc1, psc2, msh, msh1, msh2, mshxml, msh1xml, msh2xml, scf, link, inf, reg. Keeping up to date with the dangerous extensions can be a good way to protect oneself.

Browse the Internet safely

Of course, it is better to avoid strange and unserious websites, but it is better not to underestimate those with expired certificates, too. Browsers can identify them and it is better to avoid them right away. Furthermore, it is advisable not to provide personal and bank details upon registering and in any case, better read the privacy statement, even though it requires time and attention.

How to use USB flash drives

It might seem strange, but it is advisable to avoid connecting your smartphone to other PCs and allowing others to use their USB drivers on your PC and vice versa, as smartphones and USB sticks can carry viruses and easily infect other devices.

Timely update your operating systems

The updates required by operating systems can take a lot of time and we often tend to postpone them. But non updated programs are much more vulnerable and open to ever evolving threats. Updating programs as soon as required will make devices much more secure.

Antivirus is not optional

The antivirus software needs to be kept constantly updated, both on the single PC and on the server and even more important on the email server - which can expose us more easily to cyberattacks - as it identifies emails potentially containing viruses.

Backup your data

Even if you use your computer for personal reasons and not for work, it is always advisable to have a backup copy of all your data. Of course, if you use your device for work, a backup is essential to avoid losing everything by mistake.

Turning the PC off and on is not a solution

But what to do if your PC is behaving strangely? If your PC has already been infected, it is better to disconnect it from the network and call the assistance in order to keep damages to a minimum and look for a professional, rather than a homemade solution.

Create two different users

A thing which is not often done, but which can be a good way not to endanger one’s PC, is to create two users with different “tasks”: a user with administration authorisations, for all operations requiring them (e.g. installations, etc.) and a user for daily operations, thus with limited authorisations. For business networks, different levels of authorisation to access different disks can be set: a virus infecting a PC on which all drives are set as local drives, would actually infect all of them.

Find out more on our IT & Cyber-security services.

Cybersecurity
Locking down the value of data How safe is your company? Find out more