Nine “justs” that threaten your security

Some habits, at first glance, seem to have nothing at all to do with security. However, looks can be deceiving.

All of us use the Internet and have by now probably settled into some online routines. For example, the first thing many people do in the morning is check their e-mail. Such actions seem so normal and natural that we just do them and don’t think twice. But perhaps we should. Some everyday habits negatively affect our life in general, others only one aspect of it: online security. That’s what we’re here to talk about.

With the above in mind, pause and think if you ever…

1. Just download applications

You read about a new cool app for music streaming, you’re looking for a fitness tracker or task manager, or maybe you’re after a browser add-on for downloading photos or music from social media. Eager to install, you go right to the “I Accept” button…

Stop. What are you accepting? Have you ever wondered what it is you’re actually letting the app do? Many apps demand a lot of permissions on your devices, including some that can seriously harm you. In this post, we examine in detail the dangers of granting certain permissions to apps on Android-based devices. Roughly the same principles apply to add-ons for browsers like Chrome and Firefox. They too are rights-hungry, and users too often oblige without reading the small print or even pausing to think.

2. Just walk away from the computer

If you need a break from the screen, what do you do? Just get up and walk away. What’s bad about that? Nothing, as long as you remembered to lock your computer — and set it to require a password to get back in. You’ve got one, right? Sure, it’s a nuisance having to enter it every time, but it’s not half the nuisance you’ll face if a passerby gets total access to your data — which they’ll have in an instant if you leave your computer on and unattended.

Therefore, create a strong password and get into the habit of pressing Win-L (Windows) or Ctrl-Shift-Eject (Mac) when leaving your workstation for any period of time. Yes, even at home. That way, it’ll become a habit, and you’ll never leave your computer unlocked, say, in a café or at work.

3. Just ignore updates

Yes, update notifications can be tiresome. But did you know that 99% of Windows computers are prone to hacking because of vulnerabilities in just eight apps? They include popular browsers, media players, Flash plugins—you probably use at least one of them. These applications are closely monitored by cybercriminals because vulnerabilities in them can be used to attack the maximum number of users.

For that same reason, popular apps are constantly probed for weaknesses both by researchers (who regularly inform companies about detected flaws) and developers (who release updates and patches to fix these security holes). Don’t just dismiss update notifications; doing so leaves your system at risk. Instead, make it a rule to install updates — your system will be much safer as a result.

4. Just do lots of stuff all at the same time

Doing multiple things at the same time is also known as multitasking, and modern research tells us that it’s not good. It can harm not only your concentration and productivity, but also your security.

With so many on-screen distractions, multitaskers tend to pay less attention to what they’re opening, clicking, downloading, and so forth. The multitasker is easy prey, more likely to be fooled by a phishing website, download malware masquerading as a legitimate program, or do something similarly foolish—all because their mind is elsewhere.

Moreover, multitasking makes you more tired and consumes your time. So try to close the endless row of tabs in your browser and focus on what you’re actually supposed to be doing. Whatever it is, you’re sure to do it faster, better, and safer.

5. Just take a peek

Sometimes curiosity overtakes cautiousness. Who among us isn’t guilty of going, at least once, to a site or clicking on a link simply because the title looked interesting? If you’re a frequent offender, it’s probably past time to change your behavior. In particular, avoid sites with especially juicy titles, which are more likely to be malicious.

Unfortunately, it’s not always possible to determine on your own whether to trust a particular site. That’s where security solutions come in, with their databases of malware and phishing sites, as well as tools to spot suspicious activity.

6. Just accept the Terms of Service

You’re hardly the only one who uses this or that program, and terms of service are boring. Surely there’s no harm in just clicking through, right?

Not quite. Very few people read license agreements, and developers often benefit from the fact that no one knows what’s hidden in there. Here you can read a light-hearted yet slightly scary collection of shocking things encountered in various companies’ EULAs. We also recommend that you take a look at a site called Terms of Service Didn’t Read, which analyses the user agreements of some popular resources and provides highlights (and lowlights) in plain English. In general, license agreements are worth reading. Check out our blog post about EULA gotchas for some tips on keeping it as painless as possible.

7. Just register on sites using social media logins

“Register here” or … aha! “Sign in with Facebook.” Using a social media account to sign in gives you access to a site or app in two shakes. Convenient, right? But if someone hacks your Facebook page, they’ll immediately get access to all other accounts linked to it.

There’s another problem: When you sign in to a site using a social media account, the site gains partial access to your account data. True, it’s public information only, but you might not be too happy about it all the same. It’s a bit like going into a store holding up a poster displaying your name, hobbies, and other information about you in large print — we probably wouldn’t do it.

8. Just register — here, there, and everywhere

How many accounts do you have online? How many of them do you actually use? Do they all have unique passwords? What happens if a service you haven’t thought about in years springs a data leak? If possible, it’s best to delete any accounts you no longer use or need. They’re the ones that are most vulnerable, because you no longer monitor them, yet they hold valuable information such as your e-mail address, phone number, password, and other sensitive data.

9. Just post stuff

Anything you’ve published — say, your phone number — will never again be private. The Internet remembers everything, and efforts to remove something can backfire (see the Streisand effect). Therefore, before you publish or post anything, ponder this: Are you content with this information remaining on the Web and being accessible to anyone, anywhere, forever?

The most remarkable thing about these nine “justs” is just how unremarkable they are. People do them frequently and mechanically, without thinking about the consequences. Now that you’ve read this post, have a go at catching yourself in the act of doing something you now know to be unsafe. Take the time to think about what you do online and how you do it — you’ll thank yourself for it. Our parting words of advice would be to turn these “justs” into hackproof habits. For some more golden security tips, take a look at this post.

Tips