15 cybersecurity tips for staying safe from cyber attacks
Readers like you support PrivacySavvy and help us keep up the good work. When you purchase using links on our website, we may earn an affiliate commission at no extra cost to you.
Do you always make sure to lock your house before stepping out? Do you care about your home security to avoid thefts? If your answer is yes (which it definitely should be), cool! But what about your online security? Ever wondered about staying safe from cyber-attacks?
Many internet users like you might think of a cyber attack as something focused on large organizations only.
However, few know that they remain as vulnerable to cyber attacks as any corporate organization.
In fact, today, these incidents have increased drastically, targeting every internet user. It means everyone, including you, should stay vigilant about protecting yourself online.
So, here I share a detailed guide for you on staying safe from cyberattacks.
What is a cyber attack?
To implement all the cyber security tips to protect yourself online, you should first understand what a cyber attack is.
According to the definition from the cybersecurity software and research firm Check Point, a cyber attack is an orchestrated online assault from one or more criminals’ computers against other computers.
Through these attacks, criminals tend to conduct various malicious activities.
A cyber attack is an assault launched by cybercriminals using one or more computers against single or multiple computers or networks. A cyber attack can steal data, disable computers, or use a compromised computer (or other devices) as a launchpad for other attacks maliciously.
Today, these attacks are no longer focused only on computers. Attackers also target any other device connected to the internet.
That includes everything from your smartphones to WiFi routers to internet-connected home appliances like Smart TVs and home security solutions.
Different types of cyber attacks threatening you today
Most of you fear hacking attacks in the way they are usually depicted in movies.
However, in practice, hacking isn’t a big deal for an avid cybercriminal. The attacker doesn’t have to manage lots of computers, and the attack doesn’t always involve pilfering money from you.
In fact, a hacker can simply target you by sending an email, a text message, or even by calling you. Or, they can hack your system by making you install an app, or simply by sending malware (or a virus) your way.
Usually, most cyber attacks that pose a threat to your online security fall in one of these categories.
- Malware attacks – hackers infect your device/system with a malicious tool.
- Phishing attacks – hackers trick you via tempting yet malicious text messages or emails.
- Ransomware attacks – criminals infect your device/network with malware that encrypts all your data and makes your system inaccessible. They then ask you to pay the ‘ransom’ to free your computer.
- Denial of Service (DoS) attacks – these attacks render your device or the entire IT structure out-of-service.
- Man in the Middle (MiTM) attacks – hackers intercept your network traffic to snoop on your online activities and steal your data.
- Cryptojacking – hackers hack your device to mine cryptocurrency for them.
- SQL Injection attacks – the attackers exploit a security vulnerability to hack your database.
- Zero-Day exploits – hackers exploit unpatched bugs in the apps or the operating system of your device to target users.
So, these are the most common ways through which a cybercriminal can specifically or generally target you. And, these are the things against which you need to defend yourself online.
Why do you need to protect yourself online?
If you are just an average internet user employed somewhere, a student, or a person at home, you might think of yourself as unimportant for the hackers.
Consequently, you may ask why you should care about protection from cyber attacks in the first place.
Well, to answer that question, let me make one thing clear for good. YOU are as IMPORTANT to CYBERCRIMINALS as any large organization or a millionaire is.
In fact, for a smart hacker, you are a more attractive victim than anyone else.
That’s because you are easy to target. You are likely to have weak or compromised security on your devices. And, you might be holding a lot of data useful to hackers.
From your personal photographs and videos to the documents saved on your smartphone or PC, your chats, and your bank details, everything attracts hackers.
Moreover, by targeting your device, a hacker can target many other users as well without hassle.
They can then steal data from all devices, or develop a botnet to wage an attack against a robust target.
For instance, in a recently reported incident, hackers compromised lots of Android smartphones via a malicious app. Then, they used all those devices to conduct a DoS attack on the security firm ESET.
So, staying safe from cyber attacks is necessary to not only protect your own data but to protect others too.
How to stay safe from cyber attacks
Now that you know what cyberattacks are, and why you should combat them, let’s start with how to do so.
Below, I have listed the best cyber security tips to stay safe from cyberattacks for you to employ. Regardless of what you do or where you live, applying these tips will largely protect your online presence.
1. Use a VPN
As always, the key to staying safe from cyberattacks is to hide yourself online.
Of course, you cannot wear a mask or go invisible, but you can certainly mask your online identity. For this, all you need is a VPN.
Wondering how a VPN will protect you from cyber-attacks?
Well, as you browse online, from the search engines (such as Google) to the websites you visit, everyone tracks you. These sources track your IP address, your location, your browser, and even your device.
That’s why you keep seeing ads of related products the moment you make a purchase on an e-store.
Moreover, as you browse online, the hackers keep looking for ways to snoop into your data. They look for bugs and intercept your network to access and steal the data. This can even make you lose your account passwords and other sensitive information such as your banking details.
With a VPN, you can certainly avoid all such tracking. This is because the VPN encrypts the data leaving your device. Hence, even if a hacker manages to intrude on your network, they cannot read your data.
Likewise, a VPN also protects you from unnecessary tracking by websites. It changes your online location as it connects your device to the servers located in other geographical locations. Hence, as you connect to the websites, they see you as a user from the country chosen by your VPN.
With such a change of location, the VPN also assigns a different IP address to your device. Hence, even if the websites or search engines attempt to track you, they fail due to the fake country IP address.
Hence, with a VPN, you can quickly repel all possible cyberattacks heading your way.
Things to Consider While Choosing a VPN
Maybe, after reading the above point, you did a quick online search to install a VPN and then headed back to this article. Certainly, the overwhelming number of VPN apps online makes it confusing to pick the right one.
So, to make things easy for you, here I list a few features that you should look for while choosing a VPN.
This might sound weird, but trust me, no free VPN is ever good for you. These VPNs usually ditch your privacy in one way or another as they tend to monetize your data.
With a paid VPN (a reputable one, though), you can rest assured that your data is in safe hands.
Moreover, since the service already takes money from you, it is more likely to provide you with good services to have you as a long-term customer.
Every VPN service claims to encrypt your data. However, what matters here is the level of encryption it offers.
Today, hackers have become smart enough to break some encryption protocols as well. Yet, some protocols still remain impossible for unauthorized parties to decrypt.
Hence, while choosing a VPN, watch out for the ones that offer robust encryption. Such VPNs certainly help you in staying safe from cyberattacks.
As you surf online via a VPN, you are likely to experience interruptions in the connectivity.
At times, due to poor internet speed or other factors, your VPN may get disconnected. In such instances, your data encryption halts, and you are exposed online.
It means that during the few minutes of VPN disconnection, every website you visit can track you. Then, even after your VPN connects again, it will do you no good.
To combat this situation, many reputable VPN services offer a kill switch.
It is a feature that kills your internet connection altogether the moment the VPN disconnects. In this way, it saves you from being exposed online.
The next thing that you should look for while choosing a VPN is how the service providers collect your data.
If everything is transparent, you are good to go. If not, then it’s better to avoid services with dubious terms and conditions.
Lastly, the thing that will guide you the best is the opinion of other customers.
Of course, some services put up fake or paid reviews of their products as well. But, if you read all the reviews carefully, you can easily distinguish between the genuine and the paid ones.
So, check out what the customers say about a VPN. Certainly, the one with more good genuine reviews will also meet your needs.
Our Pick – ExpressVPN
The market is flooded with VPN services. Yet the one I like the most, and would definitely recommend to everyone, is ExpressVPN.
You might ask me what’s so significant about it.
Well, at the moment, ExpressVPN tops the list of all VPNs available to date. It has got remarkable features, offers tremendous services, and takes care of your privacy like nobody else.
From the very affordable subscription plans to distinct features like no-logging, kill switch, inclusive military-grade data encryption, and fast speed, this VPN offers everything you would ever wish to see in your VPN.
Moreover, it has a huge network spreading over 90 countries with more than 150 servers. Hence, you get plenty of options to choose your online location.
Lastly, it never leaves you in trouble with its 24/7 customer support. It means the moment you get perplexed while using ExpressVPN, you can contact them right away for quick help.
Want to know more? Feel free to browse our detailed review on ExpressVPN!
2. Choose a smart anti-malware
You probably already know what an antivirus is, and may have installed one on your device as well.
But, having an average antivirus doesn’t ensure protection. Rather, what you need is a dedicated security suite that also works as an anti-malware solution.
What’s the difference between the two? I hear you ask.
People use these terms interchangeably. However, from a cybersecurity point of view, the two are different.
To understand this difference, you should first know the difference between a virus and malware.
Briefly, a virus is malicious software that harms your computer.
It replicates quickly while damaging data files and spreads over the entire system or network. This is the most common threat you are exposed to. And, this is what an antivirus fights.
Malware, on the other hand, is a broader term that includes numerous malicious programs, one of which is a virus. The other types of malware include adware, spyware, keyloggers, ransomware, rootkits, and even crypto miners.
As you can see, these programs may or may not damage your files. However, they always invade your computer with undesirable intent. For example, the adware will barrage you with ads, something which you don’t want to see while working, do you?
Likewise, a cryptominer will exploit your computer’s power to mine cryptocurrency.
While this won’t directly harm your data files, it will certainly cause other issues related to excessive power consumption, such as damage to hardware. Not to forget about the excessive electricity bills.
So, an anti-malware solution fends off all such programs with malicious intent.
Hence, for inclusive security, what you need is to load your devices with a good antimalware solution.
3. Improve your browsing habits
You should pay attention to this even if you are using one of the secure internet browsers out there.
While visiting websites, you may seldom look at the URL or the website address. However, this is the most important thing to do.
If you take a look at the URL, you will notice an “https://” or an “http://” at the beginning of the link. This is what you should take care of while browsing.
The “https” is a secure protocol implemented by websites that makes sure that your data remains encrypted as you visit the sites.
Although you remain visible on the internet as you visit these websites, the data you exchange with them is hidden. Thus, any perpetrator spying on your online activities may not intercept that data.
This is especially useful for online stores and banking websites where you need to enter personal and billing details.
Even if it isn’t a banking site or an e-store, I still advise you to visit HTTPS websites only. With HTTP, you aren’t protected.
If you are a Chrome browser user, you may not see that ‘https’ easily. But you can click or tap on the address bar to see the full URL (such as the link of this article). Alternatively, you can confirm the HTTPS status from the padlock symbol appearing before the link.
4. Don’t fall for emails/messages from untrusted sources
Another common way through which anyone can hack you is ‘phishing.’
It is simply the cyber variant of fishing, where the hackers use emails (in most cases) or SMS messages, or instant messages (IM) in place of the hook.
They then show you some alluring offers as bait, like prize money from a lottery or the property of your distant grandma waiting for you to claim. Or, they simply impersonate your bank or some other monetary scheme popular where you live.
Eventually, they expect you to get trapped in these offers (like a fish). With malicious links embedded or included in those emails or messages, the hackers strive to steal your details.
For example, if they pose as your bank, they will set up a malicious website like your bank’s legitimate website. Or, they may send you fake emails notifying you of suspicious activity on your Facebook account. In this case, the phishing web page would impersonate the login page of Facebook.
Consequently, if you fail to spot the attack, you are likely to enter your real credentials on the fake pages. And there you are ‘phished’! You shared all the required data to the hackers unknowingly. Now the perpetrators are free to exploit your details in whatever manner they like.
Sometimes, phishing emails also carry attachments. For instance, the email would lure you to open the attached ‘invoice’ regarding some outstanding payments. Or, it would pose as an important document sent from your employer.
In such cases, the attachments carry the malware that would execute on your device right after you download it. These campaigns are usually more damaging since hackers do not aim at merely stealing your credentials. Rather they intend to damage your system with the embedded virus or malware.
How to prevent phishing attacks:
Now that you know what phishing is, what you should do is avoid trusting such emails or messages.
If you receive a message/email impersonating your bank, do not follow it right away. Instead, call your bank and inquire about the message. You will know whether what you received was legit or not.
Likewise, if you receive a login alert notification that appears to be from Facebook, or any other account like Gmail, Apple ID, Spotify, etc., it’s better to check your account independently by signing in to it in another tab.
You can easily spot phishing emails by being a little vigilant. For example, an enticing or alarming subject line, text that creates a sense of emergency and demands urgent action from you, and a weird sender email address all hint that the email you received isn’t genuine.
Besides, don’t be scared if you receive such messages or emails. In most cases, they are harmless on their own, unless you click on the given link or download the attachment.
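The warning signs listed above can be checked mechanically. The following Python sketch is an added example, not part of the original article: it flags an urgent subject line, urgent body text, and a sender whose display name claims a brand its address does not belong to, and it goes one step further by checking links for plain HTTP and lookalike hosts. The word list, the brand-to-domain map, and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed word list and brand-to-domain map; adjust both for your own mail.
URGENT = re.compile(
    r"\b(urgent|immediately|suspended|verify|winner|prize|act now|within 24 hours)\b",
    re.IGNORECASE,
)
KNOWN_BRANDS = {"facebook": "facebook.com", "example bank": "examplebank.test"}
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def domain_matches(host, expected):
    """True if host is the expected domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return host == expected or host.endswith("." + expected)


def text_body(msg):
    """Concatenate all text/plain parts of the message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def phishing_indicators(raw_message):
    """Return the list of warning signs found in one raw email message."""
    msg = message_from_string(raw_message)
    findings = []

    def flag(name):
        if name not in findings:
            findings.append(name)

    # 1. Enticing or alarming subject line.
    if URGENT.search(msg.get("Subject", "")):
        flag("subject-urgency")

    # 2. Display name claims a brand, but the address is on another domain.
    display, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rpartition("@")[2]
    for brand, domain in KNOWN_BRANDS.items():
        if brand in display.lower() and not domain_matches(sender_domain, domain):
            flag("sender-mismatch")

    # 3. Body text pushing for urgent action.
    body = text_body(msg)
    if URGENT.search(body):
        flag("body-urgency")

    # 4. Links: unencrypted HTTP, or a host that mentions a brand without belonging to it.
    for url in URL_RE.findall(body):
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        if parsed.scheme == "http":
            flag("plain-http-link")
        for brand, domain in KNOWN_BRANDS.items():
            if brand.replace(" ", "") in host and not domain_matches(host, domain):
                flag("lookalike-link")
    return findings


# Constructed sample messages (not real mail).
PHISHING_SAMPLE = """\
From: "Facebook Security" <alerts@fb-login-check.example>
To: user@example.org
Subject: URGENT: your account will be suspended

We detected suspicious activity on your account.
Verify your account within 24 hours or it will be suspended:
http://facebook.com.login-check.example/verify
"""

BENIGN_SAMPLE = """\
From: "Alice Example" <alice@example.org>
To: user@example.org
Subject: Lunch on Friday?

Here is the menu for Friday: https://example.org/menu
"""

if __name__ == "__main__":
    print(phishing_indicators(PHISHING_SAMPLE))
    print(phishing_indicators(BENIGN_SAMPLE))
```

An empty result does not prove a message is genuine; it only means none of these particular signs were present.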
5. Avoid installing apps from unknown sources
Whether you own an Android device or an iPhone, a Windows laptop or a MacBook, you would surely like to have it loaded with interesting apps, won’t you?
In fact, most smartphone users love using beauty camera apps, video editing apps, or other social media apps. That might include you too.
But, before downloading any app, did you ever verify the developers behind it? Did you ever check the customer reviews? Ever wondered why the app that made boastful claims didn’t work as intended on your phone?
If your answer is ‘No’, then you’re in trouble. And that’s the habit you need to change!
Having entertaining and useful apps on your devices is fun. But cybercriminals know this habit of yours, and hence, prey on you this way.
These hackers simply create catchy and interesting apps that might entice you. But, after reaching your device, these apps reveal the actual malware behind them. The malware then takes over your device, steals your data, spies on your activities, and harms you in any manner you can imagine.
You can find such apps flooding the whole internet. Whether it’s about third-party app stores, or the legit Google Play Store, Apple App Store, Mac AppStore, or Microsoft Store, hackers can penetrate anywhere.
The chances of coming across harmful apps on legit app stores are minimal, since these stores have various security checks in place. Still, hackers can bluff them at any time and reach the store with an apparently harmless app.
Hence, what you should do is avoid downloading an app unless you can verify the developers.
Moreover, always go through the user reviews and see what others say about the app. If it’s all okay, you may give it a try.
Sometimes, however, even the most top-rated apps turn malicious after a while if the developers are not known. So, it’s better to only download apps from developers you know.
6. Never install pirated or third-party software
Well, this one is simply an extension of the point I explained above. As with apps, cybercriminals also craft malicious copies of popular paid software and spread them on the internet.
Naturally, you would love to download a program for free for which you would otherwise have to pay a lump sum. That’s what the hackers exploit.
When you download the malicious pirated copies from third-party sites, you unknowingly download the accompanying viruses too. Hence, you fall into the hackers’ trap merely to save a few bucks.
So, the next time you need to download Adobe Acrobat, Windows 10, Microsoft Office, or any other program, avoid choosing the free cracked versions and pirated copies.
7. Secure your online accounts
Apart from avoiding phishing attacks, you should also make sure that all your online accounts are safe.
Wondering how to do that?
It’s all simple. Every internet account requires you to maintain login credentials.
So, you just need to follow the best practices to keep your login credentials secure.
Here I list some quick means through which you can protect your accounts.
- Never reuse your passwords. Make sure to set up unique passwords for all your accounts.
- Create long passwords (or rather passphrases) and make them complex by adding numbers and special characters. For example, instead of ‘mypassword’, go for ‘mypa55w0rd’ or rather ‘[email protected]$$w0rD.’
- You can instead use password managers such as LastPass, 1Password, and KeePass, to generate unique passwords for you.
- Ensure not to use the same password for more than one account. Otherwise, a single data breach would suffice to make all your accounts across various services vulnerable to hacking.
- Employ two-factor or multi-factor authentication on your accounts. This will make sure that only you can log in to your account, filtering out any suspicious attempts.
- For sensitive accounts, or wherever you can, use hardware security keys, such as Google Titan, that fend off phishing attacks.
Besides, keep checking your passwords for a potential appearance in breached data. Troy Hunt’s Have I Been Pwned is an excellent option to check yourself for breaches.
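A password can be checked against breached data without revealing it. The following Python sketch is an added example, not part of the original article: it uses the Have I Been Pwned Pwned Passwords range lookup, which receives only the first five characters of the password's SHA-1 hash and returns candidate suffixes to compare locally. The `constructed_response` helper and its counts are made-up stand-ins so the example runs offline.

```python
import hashlib
import urllib.request

# Pwned Passwords range endpoint: receives only a 5-character hash prefix.
RANGE_URL = "https://api.pwnedpasswords.com/range/"


def split_hash(password):
    """Return (prefix, suffix) of the uppercase SHA-1 hex digest: 5 + 35 characters."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def fetch_range(prefix):
    """Ask the service for all known hash suffixes that share this prefix."""
    request = urllib.request.Request(
        RANGE_URL + prefix, headers={"User-Agent": "pwned-check-example"}
    )
    with urllib.request.urlopen(request, timeout=10) as response:
        return response.read().decode("utf-8")


def breach_count(password, fetch=fetch_range):
    """Return how many times the password appears in breached data (0 if never).

    Only the 5-character prefix is handed to `fetch`; the comparison against
    the full hash happens locally, so the password itself never leaves the machine.
    """
    prefix, suffix = split_hash(password)
    for line in fetch(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0


def constructed_response(prefix):
    """Offline stand-in for the service, in its 'SUFFIX:COUNT' line format.

    Constructed data: it pretends that 'mypassword' was seen 1234 times and
    always includes one decoy line. The counts are made up.
    """
    known_prefix, known_suffix = split_hash("mypassword")
    lines = ["0" * 35 + ":3"]
    if prefix == known_prefix:
        lines.append(known_suffix + ":1234")
    return "\r\n".join(lines)


if __name__ == "__main__":
    for candidate in ("mypassword", "a long passphrase nobody else uses 7!"):
        print(candidate, "->", breach_count(candidate, fetch=constructed_response))
```

Calling `breach_count(password)` without the `fetch` argument queries the live service instead of the constructed data.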
8. Never save your login credentials online
Continuing with the above, here I want to emphasize the importance of protecting your login credentials.
Your responsibility doesn’t end at creating unique passwords. Instead, you should make extra efforts to keep your account safe, and that includes keeping your credentials secret.
So, briefly, never share your password with anyone. Plus, do not even save it on your device. Whether it is about saving passwords in your browsers, or saving credentials in separate files, never store any of these details on your phone or PC.
Otherwise, the moment your device gets hacked, you will lose your credentials to the hackers, no matter how unique and difficult to break they are.
9. Keep your devices updated
Another important thing you should do to keep protected from attacks online is to keep your devices up-to-date.
This may sound weird, since you may think of device updates and cyber attacks as two different things. However, they are closely related.
Whenever you see your device software or apps updating, you might expect some UI tweaks. Perhaps that’s what you experience, too.
However, not every update is meant for design or feature upgrades.
Rather, in most cases, these updates address various security vulnerabilities that the vendors may or may not disclose.
These vulnerabilities, if exploited by an attacker, may cause serious damage not only to the vendor but to you as the end-user too.
Therefore, the vendors roll out updates releasing the fixes with them. And so, you should always keep all your devices updated to the latest version.
10. Watch out for tech support scams
People getting scammed on PayPal and other online shopping sites is very common today, but hackers sometimes can target you via technical support scams, too.
What do you do when your PC freezes in the middle of your work, or a virus takes over your device? Perhaps you call a tech support service, don’t you?
Though that is pretty normal, that’s what the hackers exploit about you as well.
While phishing attacks usually involve SMS or emails, another thing that you should be careful of is tech support scams.
In these scams, the hackers (or rather the scammers) try to con you by posing as a technical support service.
For a successful attack, they may even reach you via phishing attacks, taking you to malicious web pages which would freeze your PC. Ultimately, you would be bound to contact the given tech support number that suddenly appears on your screen to help.
Or, they may also lure you into contacting them via advertisements.
Regardless of how they reach you, once you contact them, they gain better access to your system. They ask you different questions, including detailed personal and technical information about you and your home. They may even gain access to your PC and wipe your data without you knowing.
In the end, what you are left with is financial and data losses.
Therefore, avoid contacting any cheap support service to fix your PC or your phone.
Instead, whenever you face any problem, get in touch with the genuine repair services near you. Or, contact the original makers of the device, or the operating system, to help.
11. Back-up all your data
Backing up your data is also among the most useful tips for protection against internet attacks that we always advise.
While you can keep your accounts secured and your passwords alongside the banking details protected by fending off phishing, you risk losing data in case of a malware attack.
And, if the attack involves ransomware, then you are in serious trouble, because ransomware attacks not only lock you out of your system but also encrypt all your data. Also, today, some ransomware threat actors have started stealing your data besides encrypting it.
Of course, paying thousands of dollars in ransom to get rid of these attacks is very expensive, especially when you can’t even be sure that your data has remained private.
Hence, what you should always do on your part is to maintain a robust and up-to-date backup of all your data.
You can save your data on separate storage drives or, better, opt to use a free cloud storage provider, such as Google Drive, OneDrive, Dropbox, and iCloud.
Encrypting storage drives (the hard drives) is also a great idea to keep your data secure.
Services like OneDrive also offer special data protection features like ‘Personal Vault’. It adds an extra security layer to your data, requiring you to go through two-factor authentication to access the secured folder.
You can then get your data back regardless of whether you suffer a ransomware attack or any other technical issue that makes you lose access to your system.
12. Delete unnecessary data from your device
Just as you need to back up all sensitive data, you should also delete it all from the systems readily accessible to anyone.
Although it may be a bit of a burden to keep connecting your storage drives to your PC again and again, it’s important.
Of course, if you keep all the sensitive data saved on your smartphone or PC, backing it up will do nothing to protect you. It will only save you from data loss, but offers no protection from hacking attacks.
So, for staying safe from cyber attacks, delete all your critically important data from your device right after storing it in some other location.
Apart from deleting data, the other thing that you should delete at the earliest is any unused app.
Your device probably has numerous applications that are from reputable sources but that you seldom use. Such apps may not always be harmful.
But you may not realize that you are unknowingly sharing all your data with the app, since you have permitted it to do so. Whether you use it or not, the app will continue running in the background, gathering your data.
At any time, if the app turns malicious, or a perpetrator exploits any of its security flaws, you become vulnerable to cyber attacks.
Hence, I strongly advise you to go through your PC or your smartphone. Check out all the installed apps, and delete whatever you don’t use or don’t need.
13. Avoid using public WiFi
After applying all the cyber security tips for your device, what’s left that still makes you exposed to cyber-attacks?
Public WiFi, or free WiFi!
Well, everyone loves using free WiFi available at public spots, like airports, hospitals, and even restaurants. But the hackers also know that you love free WiFi, and so, they also love free WiFi.
That’s why public WiFi serves as a safe haven for cybercriminals. The perpetrators leverage these hotspots as the ultimate opportunity to prey on a bulk of users without hassle.
Hence, as you connect to a public WiFi, your data becomes visible to the hackers, making you exposed to cyber attacks. They can steal your information, can take control of your device, and do whatever they want to do with your data.
So, it’s best to simply avoid using public WiFi or free WiFi at all costs.
If you need an internet connection, it’s better to go with the one offered by your service provider. It’s paid, but it’s safe. Definitely, spending a few bucks is better than risking all your privacy and security, isn’t it?
However, if you really need to use public WiFi, then make sure you use it with a VPN. Since a quality VPN like ExpressVPN encrypts all your data, it will help you in staying safe from the cyber attacks that public WiFi makes possible.
14. Use social media apps carefully
All right, now that you have secured your data, your devices, your accounts, have checked all the apps, and use your own internet, are you now safe?
The answer is NO!
Staying safe from cyber attacks is only possible when you actually think about it at all times.
You should not merely follow these tips just because I ask you to do so. Rather, you need to recognize your vulnerability to cyber attacks and stay vigilant at every moment.
So, what’s left for you to apply now? Social media security.
By this, I don’t mean applying two-factor authentication to your account. Though it’s important, I already told you about it in point no. 7.
At this point, what I want to highlight is the way you use social media.
Of course, many of you would have updated countless statuses and check-ins on your Facebook profiles.
You would have heartily shared your personal details (your favorite food, favorite color, favorite place, birthplace, mother’s name, etc.) in response to various posts that look like fun-filled online activities.
But wait for a second here, and go through the above lines again. Did you realize that these questions look similar to what your bank asks you as your secret questions?
Perhaps you wouldn’t ever share your bank’s secret questions with anyone. But you just did on Facebook, without proper Facebook privacy practices in place first.
Will you still be surprised if you witness fraudulent activities in your account?
Would you be shocked by how the hacker managed to know your secret answers?
So, that’s what you need to control.
Do’s and don’ts of social media
Using Facebook, Twitter, Snapchat, and other platforms is fun. You get connected with a lot of like-minded people globally.
But this doesn’t mean that you should be completely open in your social networking.
It’s good to be frank, but don’t compromise on your privacy. You never know when you unknowingly get connected to a cybercriminal on these platforms. Being open about your routine only puts your security at risk.
So, in short, don’t upload personal data as statuses, don’t post check-ins, and don’t comment on activities asking for your personal data.
And, lastly, don’t connect with persons you don’t personally know. If that’s something you can’t avoid, then do your best to verify the existence of the human behind that account.
15. Spread awareness about cybersecurity
The old proverb ‘Sharing is Caring’ couldn’t be more relevant for any other niche than cybersecurity.
Learning all about online security and the tips to staying safe from cyber attacks doesn’t end your responsibility.
Instead, after developing your knowledge, it becomes of utmost importance to spread awareness about it. That’s not for others’ safety, but rather for your own.
Of course, all your security measures will go in vain if your children don’t know about how to keep their home network safe.
Likewise, regardless of how much you spend on keeping your organization secure, if your work staff is ignorant, your firm remains vulnerable.
Therefore, as you learn about online security tips, spread the word among your family, friends, work fellows, and all acquaintances.
Tell them what cyberattacks are and how they are vulnerable. Make them realize the importance of online security and guide them about the tips to stay protected.
Staying safe from cyber attacks is the need of the hour.
Luckily, you don’t need to invest a fortune to keep your privacy secure. Instead, simply follow the cyber security tips elaborated above and you can surely repel most cyber threats coming your way.
What’s important, however, is to never consider your security measures fool-proof. Just as technology is getting smarter with every passing day, cybercriminals are also becoming more dangerous.
Thus, keep searching and learning about the best tips to fend off cyberattacks. And continue spreading knowledge among the people around you.
Stay safe everyone!
About the author
Abeerah is a passionate technology blogger and cybersecurity enthusiast. She yearns to know everything about the latest technology developments. Specifically, she’s crazy about the three C’s: computing, cybersecurity, and communication. When she is not writing, she’s reading about the tech world.