Basic Internet Security Tips

October 4th, 2013

In today's world, it can be very easy to find yourself with a compromised internet account. I would like to share with you some tips to reduce the chances of your accounts from getting hacked.

Email Setup

When setting up an email account on your phone, tablet, or other device, make sure you are correctly inputting the server details. Most devices these days have automatic email setup configurations, but those are only for popular email service providers. For other less popular email service providers or a work email address, this opens the possibility of a simple typo resulting in your email account being compromised. I could buy yhaoo.com, for example, and wait for you to try and connect to your email with a wrong server name. Once you try and connect to the fake server, I've just stolen your email and password.

Example of a unsecure connection for Yahoo.

Potential Security Risks

If your email account does get hacked, change the passwords on all other web accounts that your email account is associated with. This would include bank accounts, social media accounts or any other online account. If I have access to your email, I can look through your emails to find out what accounts you have. Then I can send 'forgot password' emails from these websites and gain access to your accounts. Then I can delete them from your inbox and you would never know.

Phishing

Be careful when opening links from people you know, as they may have had their email account hacked, and also trusted organizations. I can write a script in 5 minutes that sends an email out to you that looks exactly like a facebook email and make it look like it was sent from an official facebook email account. You then click on the link, which takes you to a fake facebook website that looks exactly like facebook, and have you login. Then I can steal your facebook user name and password. I can then redirect you to the real facebook.com website to make you think you just had a typo when logging in, so you try logging in again on the real facebook website, and then you go about your merry day not knowing I just got your account details. This is called phishing. Make sure to check the website address in the address bar of your browser to make sure it's the correct website. Any secure website will have you login from an https page. There will be a security bar/lock confirming ownership of the website and that your login submission is secure. When you see this, it means that a website has an SSL certificate. Your browser will verify the credentials of your website with a trusted SSL certificate provider and display that confirmation in the address bar. See the pictures below for examples.

Example of a phishing site that looks like Facebook.
Example of a secure connection for Facebook with FireFox.
Example of a secure connection for Facebook with Internet Explorer.

Any Questions?

Feel free to comment or ask me a question and I will do my best to answer.




About the Author

Brandon Orth

Brandon Orth

Brandon is a web developer with knowledge in HTML, CSS, PHP, MySQL, Javascript, and jQuery and has been developing since 2005. Brandon has been with IOGEAR since 2010. He is recently married with one kid, a Chihuahua, name Cisco (he was adopted with that name). Brandon enjoys playing golf, baseball, programming, science, technology, movies, music, and much more. Always make a side dish without onions and cilantro; he's allergic. Isn't that weird?