6 bad cybersecurity habits everyone should give up

Welcome to Threat Intel’s #WednesdayWisdom column, a weekly read to help improve your cybersecurity knowledge and keep you informed on important developments.

At this time of year, when spring is in the air and we leave winter behind, people often try to take up some new habits, and leave bad ones behind.

A habit everyone should try to adopt is better cybersecurity practices. With that in mind, here is a list of some bad online security habits that everyone should try to give up.

Get rid of those bad cybersecurity habits

1. Re-using passwords

People in the know about online security are always saying how important it is not to re-use the same password across multiple online accounts, yet it is something people continue to do. Major data breaches at companies such as LinkedIn, Yahoo, and MySpace in recent years have underlined the dangers of re-using passwords online. If you have the same password for all your accounts you make it a lot easier for hackers to invade your privacy or steal information about you. Use a strong and unique password for all your online accounts. Using a password manager, such as Norton’s Identity Safe, can help you manage having a vast array of passwords.

2. Using terrible passwords

An analysis by a security team of the passwords leaked in the 2012 LinkedIn breach revealed some unsurprising information — people are still choosing terrible passwords. 123456, LinkedIn, and Password were the top three passwords revealed in that breach, and every year we see lists in the media revealing that people are still using easy-to-guess passwords. Choose passwords that are long, strong, and unique, and which feature a combination of upper and lower case letters, numbers, and symbols. Do not use things like your name or date of birth as passwords.

As unbelievable as it may seem, people are still using ‘password’ as a password. Image via Giphy

3. Not paying attention to the permissions you grant apps

Many people, when downloading apps to mobile phones and other devices, often mindlessly accept whatever permissions the apps request. However, you should pay attention to the requests apps are making, as some apps may be gathering more information about you than you realize, such as location information. This can have privacy implications, and also means that more of your data than you may realize could be at risk if the app was compromised. Always read the small print before agreeing to app permission requests.

4. Opening and following links in unsolicited emails

Phishing, and especially targeted spear phishing, is still a big area for cybercriminals. Cybercriminals will often send an email asking you to follow a link to do something such as ‘change a password’ or ‘log into your online bank account’ in an effort to steal information that will give them access to your online accounts. Do not open emails if you do not know who they are from. Do not follow links in emails unless you are 100 percent sure they are genuine. Type the address for the website — such as your bank — into the address bar, so you know you are going to the legitimate website. If you think you have been sent a phishing email, delete it, and if it was purporting to be coming from an organization such as your bank, alert them to the fact that someone is using their name in a phishing scam.

5. Not applying updates

Everyone has been guilty of hitting the ‘Remind Me Later’ option when urged to download updates for devices, apps, or browsers. However, this is a mistake, as failing to download updates means you could miss out on having potentially serious vulnerabilities in your browser or software patched. Leaving vulnerabilities unpatched means you could be an easy target for cybercriminals.

People don’t always pay enough attention to mobile phone security

6. Failing to have security packages on devices

Protecting personal computers or laptops with security software and applying software updates has become common practice. However, despite the fact that we now have so much personal information on our smartphones and tablets, users can still take a relatively lax approach to security for those devices. A full-featured security package such as Norton Mobile Security can help protect sensitive information stored on your mobile devices.

Check out the Security Response blog and follow Threat Intel on Twitter to keep up-to-date with the latest happenings in the world of threat intelligence and cybersecurity.

Like this story? Recommend it by hitting the heart button so others on Medium see it, and follow Threat Intel on Medium for more great content.