Computer and internet security tips against viruses and hackers
The internet is full of threats, and new ones arise each day, such as malware (computer viruses, ransomware, spyware, adware, rootkits, trojan horses, worms, etc.).
Also, hackers (phishing, identity theft, etc.) are a real threat online and all these threats can cause serious damage to your computer and even your personal life.
Fortunately, there are some things you can do to better protect your computer, home network, internet connection, and online activities against viruses (and other malware) and hackers.
Computer and internet security tips
The best computer and internet protection is YOU and you will have to be careful with everything you do, online and offline. These tips will help you to better protect yourself from viruses (and other malware) and hackers.
1. Use a genuine version of Microsoft Windows.
Using pirated (cracked) versions of Windows can bring you many disadvantages, such as:
- No official and commercial support from Microsoft.
- Windows could be modified by a hacker to spy on you.
- No official versions and updates. Updates are very important!
- Windows could work slowly because of the hacks that have been done to make it genuine.
- Malware (computer viruses, spyware, trojan horses, worms, rootkits, etc.) poses an unstoppable threat.
Tip: if you don't want to buy a genuine version of Microsoft Windows, then I recommend using an alternative free operating system, such as Linux Mint or Ubuntu (both are quickly installed and easy to use).
2. Use a Firewall.
A firewall is software or hardware that helps screen out hackers and malware that try to reach your computer over the Internet. (1) Windows comes with a (software) firewall built-in, but you must be sure that it's turned on.
3. Use antivirus software – no matter how careful you are.
No matter how smart you think you are, you can still benefit from antivirus software on your Windows PC. You can see antivirus software as your final layer of protection. (2) Even one of your favorite websites can one day be infected with malware and antivirus software can protect you against it.
The free antivirus programs I recommend are:
If you need more functions (e.g., multi-layer ransomware protection) and settings, then you can try a paid antivirus program.
Most antivirus companies offer the option to download and try their paid antivirus programs for free for 30 days.
The paid antivirus programs I recommend are:
Bitdefender and Kaspersky always have top results in antivirus tests, like AV-TEST and AV-Comparatives.
4. Keep Windows and software always up-to-date.
Updates may include important patches to fix security vulnerabilities and this prevents attackers from exploiting security holes.
5. Always take security warnings from Windows, antivirus software and your web browser seriously.
If you ignore security warnings from Windows, antivirus software and your web browser, then your system will get infected with malware.
6. Don't use a Windows administrator account for daily use, but use a standard account instead.
If malware or a hacker gets access to your system, then the malware or hacker has the same rights as the account you're using. So if you use an administrator account and malware or a hacker takes control of your system, then they can do anything they want and have full control of your system. If you use a standard account, they can only do things that don't require administrator permission: they can't change important system settings or install malware, and malware can't install itself unless you enter the administrator password.
7. Don't download, install and use pirated/cracked software.
Pirated (cracked) software could infect your PC with malware. The crack (a piece of software used to crack the software to make it look genuine) might actually be disguised malware. (3)
8. Always download software from a trusted source, like the official website of the maker of the software.
Nowadays when you want to download software you have to be very careful before you click on any download button or link, because you never know what you may end up with! You might be downloading and installing crapware or adware.
9. Pay attention when installing software.
Never click too fast on Next, Install or OK when installing software, because you might install extra unwanted third-party software (like toolbars). If you see extra offers, then uncheck all their checkboxes.
10. Never click on OK, Yes or Run when a pop-up window appears to ask you to download and install unknown software.
Malware will sometimes try to trick you into installing even more malware. Example: a pop-up window appears with a warning message like “Your Windows computer could be at risk! Install the repair tool to clean and protect your system” and when you click on Secure now, OK, Yes or Run then your system gets infected.
11. Check free software before downloading and installing it on your computer.
The software could just be malware disguised as software, so always Google the software first and look for reviews or forums that talk about this software.
12. Don't download and open email attachments from a suspicious email – unless you can verify the source.
Many computer viruses are delivered through an email attachment. Attachments that contain viruses are either executable programs (file extensions: .com, .exe, .vbs, .zip, .scr, .dll, .pif, and .js) or macro viruses (file extensions: .doc, .dot, .xls, and .xlt). (4) And if you don't trust a file or link, then you can also check it using VirusTotal.com.
13. Disable or better yet, uninstall Java if you don't need it.
Java has a lot of security vulnerabilities which are constantly being exploited in cyber attacks. Java vulnerabilities are one of the biggest security holes on your computer. It needs constant patching (security updates).
14. Disable or uninstall Adobe Flash Player if you don't need it (disable also in your web browser).
Like Java, Adobe Flash Player also has a lot of security flaws that are being exploited in cyber attacks. You should also disable it in your web browser: browser plugins are a favorite target for malware and cybercriminals because they are generally full of unpatched or undocumented security holes that cybercriminals can use to take complete control over vulnerable systems. (5)
15. When you insert a USB flash drive or external hard drive from someone else into your PC, then scan it first with your antivirus program before opening or copying anything.
It's always a good idea to scan someone's USB flash drive or external hard drive for malware when you use it on your PC because USB plug-and-play devices are the easiest method to infect computers.
16. Never click on unknown links or links that look suspicious.
Links can bring you to malicious websites that will infect your PC, or they can bring you to a fake login page and when you type your login information into this fake login page then hackers will have this information also. So when you get an email with a link in it, then don't just click on it. Same counts for links on unknown websites. If you are curious about a link, then you could check the link (URL) at VirusTotal.com.
17. Never download codecs or players to watch videos online.
If a website wants to install video codecs or a media player then don't allow it. It's not worth the risk. Most likely you can find the video on YouTube or another video website anyway.
18. Disable macros and ActiveX in the Microsoft Office suite (Word, Excel, PowerPoint, etc.)
These are bits of software that cybercriminals often use to spread malware and infect computers. (6)
19. Enable the “show file extensions” option in Windows and always verify file extensions before clicking on them.
Cybercriminals are very good at camouflaging files to make them look harmless. The purpose is to trick you into clicking on them and launch a malware infection that will take over your system. Change your Windows settings to show file name extensions, so you will avoid clicking on shady file extensions, like .jpg.exe (.jpg isn't dangerous, because it's an image format, but combined with .exe it is malware).
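The check described in tip 19, as an added example that is not part of the original article: it flags names whose last extension is executable while the part Explorer would display ends in a harmless-looking one. The function name and the list of harmless-looking extensions are assumptions; the executable extensions are taken from tip 12.

```powershell
# Added example, not from the original article. Function name is hypothetical.
function Find-DisguisedExecutable {
    param([Parameter(Mandatory)][string[]] $FileName)

    # Executable extensions (a subset of those named in tip 12 of the article).
    $runs  = '.com', '.exe', '.vbs', '.scr', '.pif', '.js'
    # Harmless-looking extensions (assumed list, extend as needed).
    $decoy = '.jpg', '.jpeg', '.png', '.gif', '.pdf', '.txt', '.doc', '.xls', '.mp3', '.mp4'

    foreach ($name in $FileName) {
        $leaf  = [System.IO.Path]::GetFileName($name)
        $last  = [System.IO.Path]::GetExtension($leaf).ToLowerInvariant()
        # What Explorer displays while "Hide extensions for known file types" is on.
        $shown = [System.IO.Path]::GetFileNameWithoutExtension($leaf).Trim()
        # Extension of the displayed name; whitespace before the final extension is ignored.
        $inner = [System.IO.Path]::GetExtension($shown).ToLowerInvariant()

        if ($runs -contains $last -and $decoy -contains $inner) {
            [pscustomobject]@{
                FileName      = $leaf
                ShownAs       = $shown
                RealExtension = $last
            }
        }
    }
}

# Constructed sample names (no real files involved).
$sample = 'holiday.jpg', 'holiday.jpg.exe', 'setup.exe', 'Invoice.PDF.scr', 'notes.v2.txt'
Find-DisguisedExecutable -FileName $sample | Format-Table -AutoSize

# To check a real folder instead (the path is an example):
# Find-DisguisedExecutable -FileName (Get-ChildItem "$env:USERPROFILE\Downloads" -File -Recurse).FullName
```

The ShownAs column is the name a user sees when extensions are hidden, which is why the setting in this tip matters.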
20. Disable Autoplay on your PC.
Autoplay is a Windows feature that allows you to quickly open digital media from USB flash drives, external hard drives, CDs and DVDs with designated software. Malware can use this feature to start running automatically and gain access to your computer.
21. Don't keep Wi-Fi and Bluetooth on – unless you're actively using them.
Cybercriminals can use both of these connections to attack and compromise your devices.
22. Secure your home network.
- Keep your router's firmware up-to-date.
- Change your router's default IP address.
- Change your router's default administrator password and username.
- Encrypt your Wi-Fi network with WPA2 or WPA encryption (WPA2 is the strongest). Don't use WEP encryption.
- Disable UPnP (Universal Plug and Play).
23. Be careful when using a public, shared and free Wi-Fi network.
- Use a VPN (Virtual Private Network).
- Don't do things that require your bank account information, credit card information or other personal, important and sensitive information, like online banking or online shopping.
- Don't share files with personal, important and sensitive information, because they might get intercepted by someone.
- Disable network discovery, file and printer sharing and public folder sharing in Windows.
- Visit only websites that use HTTPS encryption, so that you will have a more private and secure connection to that website. Example: https://www.facebook.com.
24. Don't use too many web browser extensions (add-ons/plugins).
Web browser extensions are just part of the problem. Any form of browser integration can create security holes. (7)
25. Disable Windows PowerShell if you don't use it.
Windows PowerShell is a tool that's much more powerful than the Command Prompt. There are many types of malware (like ransomware) that abuse PowerShell to plant and execute malware deep in the victim's system.
26. Create regular backups of all your important files.
Ransomware is a type of malware (malicious software) designed to block access to a computer system until a sum of money is paid. If this happens, you will also lose access to all of your files (e.g., documents, photos, videos, etc.). Paying the ransom will not guarantee that you will get access to your system and/or files again. Ransomware is one of the world's fastest-growing types of malware. So having a backup of your files is very important.
27. When providing answers to security questions for your online accounts, add a short word (that only you know) to the end of your answer.
Social media can usually provide answers to common security questions. Adding a short word to the end of your answer can help prevent hackers (who have your personal information) from knowing the answer. For example, if your word is "day" and your mother's maiden name is Johnson, then enter something like Johnsonday (e.g., Mother's maiden name: Johnsonday).
28. Disable SMB1 on Windows.
Microsoft recommends that you disable SMB1 for security reasons – especially because of WannaCrypt, Petya (also known as Petwrap) and other ransomware, which also use it to attack the Windows operating system. (8) (9)
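A read-only audit of the Windows settings behind tips 2, 6, 19, 20 and 28, as an added example that is not part of the original article. The function name is hypothetical, and an elevated Windows PowerShell 5.1 or later session is assumed; the Fix column lists the standard cmdlet or setting for each finding.

```powershell
# Added example, not from the original article. Read-only: it changes no settings.
# Assumes an elevated Windows PowerShell 5.1+ session (the SMB1 query needs admin rights).
function Get-HomePcHardeningStatus {   # hypothetical function name
    $adv  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
    $auto = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers'

    # Tip 2: collect firewall profiles (Domain, Private, Public) that are not enabled.
    $fwOff = @(Get-NetFirewallProfile | Where-Object { "$($_.Enabled)" -ne 'True' })

    # Tip 6: is the signed-in account a direct member of the local Administrators
    # group? S-1-5-32-544 is that group's well-known SID.
    $me      = [Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $isAdmin = @(Get-LocalGroupMember -SID 'S-1-5-32-544' |
                 Where-Object { $_.SID.Value -eq $me }).Count -gt 0

    # Tip 19: HideFileExt = 0 means extensions are shown; a missing value counts as hidden.
    $hide = (Get-ItemProperty $adv -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt

    # Tip 20: DisableAutoplay = 1 means AutoPlay is off; a missing value counts as on.
    $noAuto = (Get-ItemProperty $auto -Name DisableAutoplay -ErrorAction SilentlyContinue).DisableAutoplay

    # Tip 28: the SMB server should not accept SMB1.
    $smb1 = (Get-SmbServerConfiguration).EnableSMB1Protocol

    [pscustomobject]@{ Tip = 2;  Check = 'Firewall on for every profile'; Ok = ($fwOff.Count -eq 0)
                       Fix = 'Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True' }
    [pscustomobject]@{ Tip = 6;  Check = 'Daily account is not an administrator'; Ok = (-not $isAdmin)
                       Fix = 'Create and use a standard account' }
    [pscustomobject]@{ Tip = 19; Check = 'File extensions are shown'; Ok = ($hide -eq 0)
                       Fix = "Set-ItemProperty '$adv' -Name HideFileExt -Value 0" }
    [pscustomobject]@{ Tip = 20; Check = 'AutoPlay is disabled'; Ok = ($noAuto -eq 1)
                       Fix = "Set-ItemProperty '$auto' -Name DisableAutoplay -Value 1" }
    [pscustomobject]@{ Tip = 28; Check = 'SMB1 is disabled'; Ok = (-not $smb1)
                       Fix = 'Set-SmbServerConfiguration -EnableSMB1Protocol $false' }
}

Get-HomePcHardeningStatus | Format-Table Tip, Check, Ok, Fix -AutoSize
```

The registry checks read the current user's hive, so run the audit once per Windows account.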
29. Be wary of emails asking for confidential information – especially financial information.
A legitimate organization, like a bank, will never ask for sensitive information like your password, bank account, or credit card by email. When you have any doubts, visit the main website of the organization in question, get their phone number and give them a call or visit their office.
30. Never leave your computer, tablet or phone unattended in public.
If your device gets stolen, then someone has not only your device but maybe also your personal information (e.g., usernames, passwords, etc.). All it takes is someone with more than basic computer knowledge to get your personal data.
31. Use strong passwords for your online accounts.
Passwords protect your online accounts, so it's important to use strong passwords. A strong password is a combination of numbers, uppercase letters, lowercase letters and other characters.
If you are having trouble with creating and remembering multiple strong passwords, then use a password manager, like LastPass, KeePass, 1Password or RoboForm.
32. Never use the same password for multiple accounts.
If you use the same password for multiple online accounts and someone obtains your password in one way or another, then he or she will have access to all of your online accounts that use the same password.
Your password can get compromised by a phishing attack or in a data breach. Data breaches happen more often than you might think – even with big sites, such as LinkedIn, Twitter, Yahoo, MySpace, and Tumblr. If you want to check if you have an account that has been compromised in a data breach, visit https://haveibeenpwned.com, type your email address or username and click on the “pwned?” button. If your account is “pwned!”, you will have to act fast and change your passwords on all accounts that use the same password as the account that has been “pwned!”.
33. Use two-factor authentication for your online accounts (email, social media, etc.).
Two-factor authentication (also known as two-step verification) is an extra layer of security for your online accounts designed to ensure that you're the only person who can access your accounts – even if someone else knows your passwords.
34. Cover up your laptop's webcam.
Hackers can access webcams through malware. If your computer gets infected with malware, then that malware could contain executable code that can turn on your webcam and watch and/or record you. (10)
If you want to be absolutely sure nobody is watching and recording you, then cover your webcam with tape, a peel-off sticker, or something else that can obscure the lens but can be removed easily when you actually want to use your webcam. (11)
35. Don't post a photo of your airline boarding pass on social media (and don't just throw it away either).
The barcode of a boarding pass contains information about you, such as your name, future travel plans and frequent flyer account. (12)
Someone can take a screenshot of your boarding pass, go to a website that can read and decode the data stored in the barcode of your boarding pass and view your information.
With this information, a hacker can get access to your frequent flyer account and reset the PIN number that you use to secure your frequent flyer account, change seats and even cancel any future flights.
When the flight is over and you're home or at your accommodation, then burn the boarding pass or toss it in a paper shredder.
(1) Microsoft: What is a firewall?
(2) HowToGeek: You need an antivirus on Windows, no matter how careful you are
(3) Bitdefender: Dangers of using pirated software
(4) MakeUseOf: 3 top ways people get infected by an email virus
(5) KrebsOnSecurity: A month without Adobe Flash Player
(6) HeimdalSecurity: The anti-ransomware protection plan you need to follow today
(7) HowToGeek: Don't use your antivirus' browser extensions: they can actually make you less safe
(8) Microsoft: Stop using SMB1
(9) TheWindowsClub: Why and how to disable SMB1 on Windows 10/8/7
(10) Mashable: Why it's a good idea to cover up your webcam
(11) PCWorld: Why you should cover up your laptop's webcam
(12) KrebsOnSecurity: Why it's still a bad idea to post or trash your airline boarding pass