Online safety, or what rules should be followed?

The Internet gives its users access to unlimited possibilities - to perform their professional duties remotely, to shop, to learn or to be entertained. Unfortunately, using the potential of cyberspace also entails a number of risks, which should be protected against. Why is it important to take care of online safety?

Online safety - what is it?

The Internet has revolutionised the world, transforming itself not only into a tool for transmitting information, but also becoming a space of complex virtual reality. Through it, people shop, transfer money, do business or deal with official matters.

The use therefore goes beyond entertainment (which also carries many risks) and includes the processing of sensitive data, such as personal data or passwords to access systems and applications.

As technology advances and the internet develops, new methods of theft and fraud are emerging that are increasingly sophisticated and effective. This does not mean that there is nothing that web users can do about it. They will be protected from many threats by following key security principles.

What is online safety and how do you take care of it?

The term network security covers all measures that aim to protect users from a variety of threats. In practice, this means safeguards against cyber attacks, theft of confidential data or loss of access to individual services.

Every internet user is exposed to a range of risks, with the elderly and children being particularly vulnerable, becoming frequent targets for fraudsters. It is crucial to inform these age groups of the potential risks and educate them about online safety. However, these risks also extend to people for whom going online is a daily part of life. It is important to be aware that anyone using the internet can become a potential victim of these abuses.

One of the most common forms of crime in cyberspace is gaining unauthorised access to personal data. It is common practice to impersonate a person in order to, for example: take out loans, so called instant loans or leases, use payment card data to perform financial transactions.

Phishing i pharming

To defraud people of confidential data, fraudsters use tried and tested methods, one of the most common of which is phishing. This technique involves impersonating various institutions, companies or even the victim's family and friends, with the aim of creating as much trust as possible. Because phishing manipulates the victim's emotions, it is very difficult to detect.

Cybercriminals send SMS or email messages to their victims or communicate with them via social networks. In this way, they try to trick the user into providing data or accessing a dangerous website. A popular practice is to impersonate a potential victim's friends and get them to make a BLIK transfer, which is then credited to the fraudster's account.

Potential threats include any suspicious messages on social networks, e.g. Facebook or Instagram, advertisements as well as emails or text messages. Emails are most often sent from foreign addresses, not associated with the sender of the message, and may contain inconsistent content, e.g. with numerous syntax or spelling errors. Such a message arouses emotions and induces one to act under their influence. In addition, it usually contains a link or attachment.

The method known as pharming, on the other hand, involves modifying the web address (usually by infecting the DNS server) so that the user can be redirected to a fake website that looks confusingly similar to a legitimate website provided by an entity such as a bank. The fake website is controlled by the fraudsters.

Malicious software - malware

Malware can take various forms such as viruses, scareware (false notifications that a device is infected in order to facilitate a cyber attack) or ransomware (blocking access to files or a device and demanding a ransom for them) are tools commonly used by hackers. These software programmes are deliberately designed to harm users. Using it, cybercriminals aim to steal payment card data, gain access to bank accounts or use the victim's device to mine cryptocurrencies, among other things.

Cyberbullying

Online safety is not just about protecting against identity and financial theft. A huge threat to which children in particular (but not exclusively!) are susceptible is cyberbullying. Cyberbullying is a form of aggression and harassment transferred to the online environment. It can take various forms, such as offensive comments and any other verbal aggression, humiliation, exclusion, publishing private, intimate content or creating accounts and websites that ridicule the victim.

Cyberbullying is a huge threat to young people, so it is extremely important to keep children safe online. Cyberbullying can have serious consequences for victims, both psychologically and socially. In this context, it is important to raise awareness and talk about the potential dangers.

Parents and carers should bear in mind that it is not only the usual suspicious sites, such as those related to gambling or pornography, that pose a potential risk. The portals and apps that children use on a daily basis for entertainment are also at great risk. It is the channels of communication commonly used by the youngest that attract people who may pose a threat to them, all the more so because these people can remain anonymous.

How can online security be ensured?

Anyone using the internet should be aware of the potential risks, but how do you keep safe online in practice? There are plenty of practices and rules to help prevent potential scams and attacks. It is worth adhering to each of them so that the virtual space is associated with new opportunities rather than the unpleasantness of being scammed or stolen.

Unikanie phishingu

Above all, do not, under any circumstances, click on links contained in messages that you consider suspicious or that arouse emotions in you. Do not open or download attachments or log on to platforms indicated by the sender until the identity of the person requesting information has been verified. To do this, you can contact the institution indicated in the message directly (using a communication channel other than the one indicated in the message or telephone call).

Do not give out any information on websites or in a telephone conversation if you are not sure of the authenticity of the website or the person you are talking to.

Attempted fraud can be reported to the relevant institution, e.g. to the Financial Supervisory Authority. www.cert.pl .

Using strong passwords

This seemingly obvious rule can make it significantly more difficult to steal confidential data. In order to keep your password strong and effectively secure your online accounts, there are a few key rules to keep in mind:

• Password length: The longer the password, the more resistant it is to attacks. Passwords with a minimum length of 16 characters are recommended.
• Password complexity: A password should consist of various elements such as upper and lower case letters, numbers and special characters, which significantly increases its difficulty to crack.
• Password uniqueness: Each account should use a unique password, which minimises the risk of multiple accounts being hacked.
• Password confidentiality: Do not share your password with others and save it in places easily accessible to others.
• Password manager: Using a password manager is a secure way to effectively store and manage multiple strong passwords.
• Avoid obvious combinations: Avoid using easy-to-guess combinations such as '123456' or 'password'. It is definitely better to bet on more complex structures.
• Use of additional authentication.

While there is an ongoing debate as to whether passwords are actually the best way to access accounts, for the moment it is the most common form of account security.

Despite the ongoing debate over alternative authentication methods, at present the use of robust passwords remains a widely accepted and effective practice for securing online accounts. However, it is worth being aware of evolving security standards and adapting practices to the changing reality of cyber security.

Two-step verification at login

How to improve online security when logging in to different services? Some platforms allow their customers two-step verification when logging in to a service. This is an additional confirmation of the identity of the person logging in.

This solution is used in particular for banks and is really worth using. The reason is that even if the login credentials in the form of a username and password are intercepted by criminals, as long as the fraudsters do not have access to the second authentication component, they will not log on to the victim's service. An example of such security is the use of credentials in the form of a login and password, plus a verification code that comes in the form of an SMS message to a number previously provided by the account owner.

Regular software updates

Many people forget to update their software or postpone it. This is not a good decision, as the current system best supports protection against cyber attacks. This is due to the ongoing removal of any system bugs and security vulnerabilities that make it easier for cybercriminals to infect a device with malware and launch other forms of attacks.

Installation of an anti-virus programme and protection with a firewall

A very important part of online security is to install a good antivirus programme from a reliable source. Furthermore, it is also a good idea to protect yourself with a firewall.

Avoiding public Wi-Fi networks

Any public, unverified and non-password protected Wi-Fi networks can be a potential danger to data privacy. If you connect to such a network, you should be very careful not to give out any confidential data (including credentials, i.e. login and password), e.g. do not try to log on to a bank website. If there is no alternative to connecting to such a network, a VPN (virtual private network) should be used to protect data from unauthorised access.

Prudent publication of content

An extremely important aspect is to publish content prudently. It is not advisable to do it hastily, e.g. under the influence of emotions. It is important to bear in mind that any photos, videos or written statements can be used against their creator. In addition, the spread of information in cyberspace means that once published, material can quickly reach a large audience and may be very difficult, if not impossible, to remove. You should read the privacy policies of the sites where you host content.

Why is online security so important?

Online security awareness is a key protection against criminals operating in cyberspace. Understanding the potential threats and how to mitigate them makes it more difficult for criminals to trick new victims.

However, it is important to remember that once acquired, knowledge is not enough. The Internet and technology are constantly evolving. As a result, new methods of fraud and risks for online users are constantly emerging.

For more information on online safety, please visit our website: inpost.com/security .