Security

Below you will find general information about how to use the internet safely and basic rules we recommend you apply when browsing online, including when making online transactions.

Best navigation practices

In general practice, there are a number of minor but critical elements that you need to keep in mind when browsing online. The most important thing is not to leave your computer unlocked and make sure you only shop on secure sites. Always check the Padlock prefix and https:// on any site you visit. This means that the site is secure / encrypted, data traffic interceptation will not be possible between the device (laptop, phone, desktop) and the router on which it is connected.

This advice is especially important when using you credit card information or other sensitive information. It's also a good idea to clear your history, downloads, and cookies as often as possible. This helps your device run optimally, faster, and also leaves less information behind, which can often be tracked and monitored.

When browsing online, it's a good idea to make sure your browser is updated. Hackers often exploit vulnerabilities already known and fixed in browsers that do not have the latest security updates against recently discovered vulnerabilities. Also, when using an application or any type of software, always read the privacy policies. These can be quite long. However, if users actually read the data accessible through these applications, they are much less likely to use it.

Avoid PUAs

A potentially unwanted application (PUA) is a program that a user can download and proves to have unwanted side effects. They are not considered viruses or malware. An example is a free software application that promises to protect your computer from viruses, but it changes your default search engine and it is difficult to change. In addition, they can occupy important system resources.

The truth is that a lot of free apps can turn out to be PUA. Download only reputable, high-rated applications and programs that have stood the test of time. It may be helpful to limit yourself to a few high-quality programs instead of using various extensions, add-ons, and antivirus programs. So do not download PUAs that say they will improve safety or speed, as they can often do the opposite. Limit yourself to well-known and high-quality services.

Never use public WiFi

Hackers have created fake WiFi hotspots with names like „free public WiFi." When you connect to their network, your data is theirs. Make sure the network you are connecting to is genuine.

Also, an attacker can use a public WiFi network, already existing such as the one in the restaurant, public spaces or buses to monitor the traffic of all those connected to that router.

Always activate 2FA

2-factor authentication (2FA) is one of the most important security precautions you can take when browsing online. Even if you take all the necessary security measures, there is still a chance that your username and password may be compromised. Hackers are creative and innovative in many ways. But with 2FA, even if a hacker has access to your online shopping account or email address, you're safe.

With 2FA a code is sent to the smartphone every 30 seconds. You need this code to sign in to your account. So when a hacker has your username and password, they won't be allowed to sign in to your account because they won't have the additional code that changes every 30 seconds. Whenever you use a new browser or log in with a new IP address, you will be requested to enter a 2FA code. The best and most popular 2FA application is Google Authenticator. It is available on Android and IOS. You can link multiple websites to your 2FA account.

Social Networking Dangers

Social Engineering

It is a way used by hackers to gain access, steal information or infect your systems with malware. In a Social Engineering attack a hacker will send you a personalized email that perfectly mimics the correspondence that usually comes from someone you know. At other time, the attack is less personalized, exploiting a larger number of recipients with generic emails that appear to come from widely used applications, e-commerce sites, and financial services firms.

Phishing is the most dangerous method of Social Engineering. In this situation, hackers use information taken from your LinkedIn, Facebook, Instagram, Twitter profile etc. To fool you hackers can contact you by phone, email, notifications, etc.

Phishing

It is an email attack sent to a specific person or organization. Its purpose is to obtain confidential information such as usernames, passwords and credit card details by disguising itself as a trusted entity. Usually, performed by email or instant messaging, it often directs users to enter personal information on a fake site, the appearance of which is identical to the legitimate site.

It is an example used to deceive users. Users are often drawn to messages that claim to be from trusted parties, such as social sites, auction sites, banks, online payment processors, or IT administrators. The annual impact of global phishing is estimated at nearly $ 5 billion.

Malware

It is a type of software designed to damage or infiltrate a computer, and / or damage or infiltrate entire computer networks without the consent of its owner.

Most often, the malicious software is used to take, without the owner's consent, personal information from the infected computer, such as: passwords, bank data, other confidential information.

It is recommended to avoid clicks on shortened URLs. You will receive such notifications from hackers hiding behind social media applications: Twitter, Instagram, Facebook, Linkedin. If you click on such a link, it may direct you to a site that installs all sorts of malware on your computer.

Saving passwords in browser or password manager

Idea::Bank does NOT recommend saving usernames and passwords in the memory of the internet browser (Chrome, IE, Opera, Safari). Such a practice can bring with it a huge risk that an attacker will gain access to all your accounts just by simply breaking the account to which the browser is linked.