InfoSec Blog - 7 Tips on How to Stay Safe Online for University Students
January 17, 2020
With the start of a new semester, here are some tips that can help you with your online security and how to limit the risk of a compromised account.
1. Avoid downloading entertainment from third party app stores
Downloading applications from known sources like Google Play and Apple’s App store can minimize significantly the risk of downloading malware along with an app. Malware could lead to banking and credit card information theft and result in fraudulent transactions and purchases. For music, YouTube and Spotify offer a variety of free music without the worry of “Is this safe?”.Music providers like iTunes, provide with low cost safe music services. Movies is always one of the most common categories where BitTorrent is big. Fortunately, there are plenty subscription-based services offered nowadays at different price levels that can cover a variety of needs.
2. Beware of Phishing Campaigns
Around days like Black Friday and Christmas, when there is a higher volume of online orders, students’ awareness of scams and phishing attempts needs to be heightened. For example, e-mails including order confirmations from products that were never bought are common. That makes tracking your e-mail, credit card and banking account closely, essential as well as not falling victim to false order links.
3. Be mindful of hotspots and your wifi connections
While on campus, you can use UoG-Wifi-Secure but what happens with public/open networks such as your neighborhood’s coffee shop? In general, using a VPN product is often a fairly inexpensive solution comparing to the risk of having your personal information stolen, since it encrypts all communications. Disabling the automatic connecting to wifi networks in your mobile devices can help you avoid these risks as well as setting your computer not to be detected by other devices in the same network.
4. Online presence in social media
In the recent years having an online presence might seem like a default state for young people but take a step back and rethink what you post online.
- Use settings like reviewing the posts you are tagged in, or completely disabling the option from being tagged by other people.
- Avoid posting pictures while you are away on a trip, since that way you let other people know you are not home. You can always post them when you are back.
- “Close off” your profile and what other people can see.
- Avoid adding personal information like birthdate, school, pet’s name since these might be answers that you have given to security questions or even used as passwords.
5. Online transactions only with HTTPS sites
When you are thinking about completing a transaction online, pay close attention to the site’s URL. HTTPS sites have a lock icon in the beginning of their URL but it is important to be aware that hackers can also fake an HTTPS site. It is better to go directly to the source, instead of following links in a promotional e-mail.
6. Use Two-Factor Authentication
Multi-factor authentication is used by most banks and a variety of the most popular websites and applications. Having a 2FA adds a protective layer to your accounts therefore can be essential. Options on how to receive the information from the 2FA include text message, e-mail and recorded message. In addition to these “virtual” options, you could invest in getting a physical token that you can attach to your keychain. They work in similar fashion, primarily to authenticate computers and mobile devices for a plethora of apps.
7. Updating and keeping backups of your devices
It cannot be stressed enough how important is to keep all your devices and applications up to date as with every update you receive bug fixes, new features as well as removal of old ones and of course, security updates. Backing up your devices can help you when your computer crashes, but you still have that final paper you need to submit. Investing in an external hard drive, space on the cloud or a USB is definitely something that is worth looking into.
Written by: Eirini Roumpa (Identity and Access Management Analyst, Information Security)