As a college student, you might regard the internet as your go-to resource for researching a term paper, staying in touch with friends and family, and maintaining your photo collection. The internet isn’t as private as many people treat it, however. Your personal information and safety could be at risk based on your online behaviors. The following tips will help prevent you from becoming the victim of cybercrime.
Disclaimer: Any information found within our website is for general educational and informational purposes only. Such information is not intended nor otherwise implied to be medical or legal advice by Student Caffé Corporation. Such information is by no means complete or exhaustive, and as a result, such information does not encompass all conditions, disorders, health-related issues, respective treatments, or recovery plans. You should always consult your physician, other health care provider, or lawyer to determine the appropriateness of this information for your own situation or should you have any questions regarding a medical condition, treatment or recovery plan, or legal situation. Click to read the full disclaimer.
Use common sense.
Personal safety of all sorts involves a lot of common sense. If you think that something on the internet doesn’t seem right, it makes sense not to click the link or open the email. Beware of connecting with “friends” who you don’t actually know or giving out more personal information than seems absolutely necessary. Recovering from identity theft or a stolen credit card can be a long, arduous process, and staying smart about your online purchases and your public presence may prevent you from ever having to go through something like that. Use your head when you’re using the internet, and follow the tips below to maintain privacy online and keep your computer and identity safe.
Know the lingo.
When a cyberattack is big enough or high profile enough, it makes the news. In 2017, Equifax was the company that you probably heard most about, when the personal information (including Social Security numbers) of millions of Americans was stolen in a cyberattack. These types of attacks don’t just happen to massive corporations, though. In fact, individuals are targeted every day. The following list will help you keep track of the words associated with cyberattacks.
- Spam: Any unsolicited and unwanted email; this can typically be “reported as spam” to your email account provider in an attempt to prevent further similar messages from making it to your inbox.
- Malware: Any form of malicious software that is intended to damage a computer, an operating system, or software.
- Virus: A form of malware in which malicious code infects a file or program. Once the file or program is opened, the virus becomes active. If the infected file or program is shared between computers via email, flash drive, etc., the virus spreads and infects other files and systems. Viruses may disable applications or destroy data.
- Worm: A form of malware that self-replicates and runs in the background while you use your computer. Unlike a virus, a worm does not need to be physically or electronically shared by a user to spread between files and systems.
- Trojan: A program that comes across as legitimate in an effort to get you to download it (like the gift of the Trojan Horse). Once it’s been downloaded, it becomes clear that you’ve downloaded malware. Trojans cannot self-replicate.
- Phishing: Any attempt to get you to give up your password, bank account number, pin number, etc. You may be emailed a link from a cybercriminal masquerading as a reputable company that asks you to login and confirm particular information after clicking the link.
- Spyware: Software that is secretly installed on your computer to collect data about your computer or online habits, which is then sent back to the hacker. Spyware may just collect information on the pages you visit or links you click, or it could watch everything you do every time you log on.
- Ransomware: Software that alters your computer so that you cannot login or access any programs or data. Once you attempt to use your computer, you will be given a message demanding a ransom payment in return for your computer being unlocked.
Use a firewall, an antivirus, and an antispyware program.
If your laptop doesn’t already come with some sort of internet protection (Windows Defender, for instance), many colleges will offer to install a security application free of charge. Colleges want to keep their students’ computers protected because schools generally offer only one or two WiFi networks for the whole campus. Any breach, then, has the possibility of affecting hundreds of other users. If you need to purchase a security system, what you need will depend on what type of computer you have. As an example, Norton Security protects both Macs and PCs against viruses, malware, and phishing (an attempt to gain sensitive information by a cybercriminal masquerading as a legitimate company).
Create a new email account for junk and newsletters.
If you are the type of person who signs up for online sweepstakes, coupon codes, and morning newsletters, consider creating a separate email account from your school or personal email to receive promotions. Not only will your personal inbox stay personal, it’ll also stay free of spam. Google, Microsoft, and Yahoo all offer free email services.
Only shop online with a credit card, not a debit card.
When you shop online, regardless of how reputable the website is, use your credit card. If you use your debit card, the money is automatically removed from your bank account. If someone steals your debit card information, then, it will give the hacker a direct link to your money. Using a credit card protects your bank accounts, and since credit cards don’t have to be paid off immediately, you have the chance to check your charges (and call your bank to dispute anything that doesn’t seem right) before you have to pay. Most banks will work with you if you’ve become the victim of credit card fraud; they may alert you to suspicious charges, freeze your cards and send you new ones, or reimburse you for any charges that you didn’t make. Thoroughly check your credit card bill each month and compare the charges listed to charges you know you made. If there are any discrepancies, immediately call your bank and report your credit card number as stolen. Consumer protections are limited after fraud goes unreported for 60 days.
Look for the lock symbol.
When you go to some websites, you will see a lock symbol (or the word “secure”) next to the URL. You may also see “https” instead of “http.” This means that your connection to that website is encrypted (making it harder to hack). Only make purchases from companies that provide you with an encrypted connection. Likewise, any site that asks for personal information, whether or not you’re paying for something, should also be secure. If you’re unsure whether a site is secure, don’t divulge any personal or banking information.
Be password smart.
Use different usernames and passwords for all the sites to which you regularly log in. Passwords should be complex, incorporating many letters, numbers, and special characters. Most sites will require that your password be at least eight characters long. For a stronger password, use a combination of uppercase and lowercase letters in addition to at least one number and one special character. Don’t use personal information (like the name of your dog or your address) in your passwords. For example, $@raH, although it has special characters and both upper- and lowercase letters, wouldn’t be a strong password because it clearly resembles a name.
Similarly, apps and sites that require a pin number to access should use different sets of numbers. Avoid using the same pin number that is associated with your debit card, skip using birthdays and anniversaries, and don’t use numbers in sequence (e.g., “1234” or “2468”).
If a site or app offers you the ability to implement multi-factor authentication when logging in, do it! This merely means that after entering your username and password, you will be prompted to verify your identity in another way before gaining access. You may be asked to set up and answer secret questions (e.g., “What was the name of your first pet?” or “What was your grandmother’s maiden name?”) or you may be asked to input a code that will be texted or emailed to you each time you try to login. Setting up multi-factor authentication adds more layers of protection to your accounts and apps.
Your phone or computer may have the ability to use biometrics (fingerprint or facial recognition) as an authentication method. Generally, these are hard to hack and provide an additional level of safety for your device, especially if it is lost or stolen. However, you should use biometrics in combination with a password or pin code for the highest level of security.
Finally, it seems obvious, but never share your password with anyone. There is no reason that anyone else would need to login to your accounts, period.
Be wary of links and attachments to emails and messages.
If a link comes from someone you don’t know, don’t click it. Links can embed all sorts of malicious viruses or just lead you to places that you don’t want to go. Hovering over the link without clicking it may display the actual destination, but when in doubt, just delete the email or message. The same goes for attachments. Unless you are expecting something and you receive an attachment from the person from whom you are expecting it, be safe and don’t open the file.
Don’t post personal information on social media.
While it’s perfectly okay to have your name displayed on Facebook, you may not want to advertise where you live and what your phone number is, especially if your account isn’t set to private or “friends only.” If people want to learn more about you, for whatever reason, social media is one of the first places they will look. Don’t advertise when you’ll be out of town, and don’t post anything you wouldn’t want your mother or a potential employer to see. The Student Caffé blog offers more information about managing your social media presence.
Keep your photos private.
It’s always important to be careful about what you say on social media, but it’s arguably more important to be vigilant about what photos you share online. Again, don’t share anything that you would be uncomfortable having your parent or a potential employer see. It’s easy to self-monitor what you upload to Facebook, Instagram, or another social media site, but it’s harder to monitor photos that are uploaded or shared by others. Keep yourself safe by increasing your privacy settings online. Facebook, for instance, allows you to choose whether or not you’d like to review a photo in which you are tagged before allowing it to show up on your profile. Photos that you or your friends may think of as harmless have the potential to do damage, especially if they depict illicit or underage activity.
Photos aren’t only shared over the internet, though. Individuals are turning to messaging services (iMessage, WhatsApp, etc.) to share messages and photos as well. Think twice before sharing private photos through messaging, regardless of who the recipient is and how much you trust him or her. Images can be shared among friends, used for bullying, or posted online. Keep your photos clean or choose not to share any over messaging at all.
Don’t fill out forms that require sensitive information when you are on an unsecured wireless network.
If a network is unsecured, it means that anyone could be using it. Inputting your name, address, and phone number can give hackers a direct line on your personal information. Putting in your credit card number, your debit card number, or your password for online banking is just asking for identity theft. Be especially aware of any forms that ask for your Social Security number. The only people who would ever need your Social Security number are the Internal Revenue Service, government agencies, your employer, and credit card companies.
Be wary when talking to strangers on instant messaging applications.
You may think that you’re talking to a cute college student, but you may, in reality, be talking to a convicted sex offender, an 85-year-old man, or a 13-year-old girl. Unless you are face-to-face with someone, you never know. Under no circumstances should you reveal personal information (name, neighborhood, school, birthday, etc.) about yourself, your friends, or your location to a stranger online.
Keep software and apps up to date.
You may have noticed on your phone that your apps need updating rather frequently. Sometimes these are routine changes (adding new levels to a game, for example), but sometimes these updates add extra security or fix a flaw found in the previous version. When you are prompted to update your operating system or your applications, it’s generally a good idea to do so. When software becomes outdated, it becomes more open to cyberattacks.
Backup your files and data on a regular basis.
If you do get hacked or your computer unexpectedly dies, you want to have a backup plan. This may come in the form of the cloud, an external hard drive, or a flash drive. Pick a date (the last day of the month, for example) and back up all of the files on your computer on that day every month. If you’re working on something particularly important, like a senior thesis, back up your files more frequently. This way, you’re not starting from scratch if you’re attacked by ransomware or if you spill juice all over your computer and drown it past the point of no return.
Page last updated: 12/2017