Many people unknowingly put their computers at risk by engaging in unsafe habits. Cybercriminals exploit these vulnerabilities to steal data, install malware, or otherwise gain unauthorized access. Here are the most common mistakes you may be making today that compromise your PC’s security, and how to avoid them.
5 Downloading software from untrusted sources
Resist the temptation of free software
One of the most common mistakes is downloading files or software from random websites. Even if it is being offered for free, it might be modified to include malware, spyware, keyloggers, or some adware that will nag you with pop-ups all day long.
Cracked software might be the most dangerous of all. In addition to the fact that it's stealing from the makers of those apps, the risk of infecting your PC is high.
To avoid this problem, download software only from official websites or certified vendors that guarantee the safety of the products.
You may also use a sandbox or virtual machine to test the software before installing it on your working machine.
This problem can also be tackled by setting up the protection settings in your browser. For instance, Microsoft Edge has a feature called Block potentially unwanted programs available in Settings > Privacy, search, and services > Security. This feature can help prevent you from downloading such potentially hazardous apps.
4 Using weak or reused passwords
Go for a password manager and use complex passwords
Weak passwords can be easily brute-forced or guessed. We've probably passed that era when we used 12345, our name, or date of birth for passwords, at least I hope. Even using common words is not okay though.
However, the biggest problem is using the same password for multiple websites or accounts. If a website you log into is hacked and your password is exposed, all of your accounts may fall like dominoes if the password is being used elsewhere.
To avoid this problem, first, try to use multi-factor authentication whenever possible. Then, it’s a good idea to use a trusted password manager. If you don’t like that idea, make sure to create distinct passwords for every account. They should be at least 12 characters and contain a mix of letters, digits, and symbols. By doing this, you will strongly reduce the possibility of compromising the security of your PC.
I also use the Windows Hello Fingerprint recognition feature to log in to my laptop and as multi-factor authentication protection on accounts. It's a pretty efficient, fast, and reliable option.
3 Clicking on phishing emails & links
If something looks fishy, stay away
Phishing is one of the leading methods used to compromise the security of your PC. Fortunately, you can counter any phishing attack with a little bit of attention to detail.
Phishing works by tricking you into entering your credentials on fake websites. You might get an email that looks like it is coming from a legitimate service or product, asking you to log into your account to benefit from certain offers, to change some information, or to check out an alleged payment. The bait email will provide a link to a fake website that looks a lot like the official one you're familiar with. However, when you log in, you will actually be sending your credentials to the attacker, who then will be able to use them to log into the official site and steal your data or money.
That’s the basic mechanism of phishing, but the techniques have become more sophisticated than they used to be. A phishing attempt may recommend downloading and installing software that will trigger a malware attack to steal information from your PC. To counter this problem, you have to be vigilant and inspect the e-mail, its content, or the website you are redirected to and spot the differences between the fake and the official version.
As a general rule, don’t click on any links inside the e-mail. Just go to the official website of your service and verify the information, offer, or whatever the message is offering. Most of these e-mails are blocked by your e-mail client's spam filter, but some of them get through and may take you by surprise.
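One way to spot the difference between a fake link and the official one, shown as an added PowerShell example that is not part of the original article: it lists every link in a message body whose real destination is outside the official domain. The function name, the domain example-bank.test and the sample message are constructed for illustration.

```powershell
# Added example. Find-SuspiciousLink, example-bank.test and $sample are
# constructed; .test and .example are reserved names that never resolve.
function Find-SuspiciousLink {
    param(
        [Parameter(Mandatory)] [string] $Html,
        [Parameter(Mandatory)] [string] $OfficialDomain
    )
    $official = $OfficialDomain.ToLowerInvariant()
    # Capture the href value and the visible text of each <a> element.
    $anchor  = '<a\s[^>]*?href\s*=\s*["'']([^"'']+)["''][^>]*>(.*?)</a>'
    $options = [System.Text.RegularExpressions.RegexOptions]'IgnoreCase, Singleline'

    foreach ($m in [regex]::Matches($Html, $anchor, $options)) {
        $href = $m.Groups[1].Value
        $text = ($m.Groups[2].Value -replace '<[^>]+>', '').Trim()

        $uri = $null
        if (-not [uri]::TryCreate($href, [System.UriKind]::Absolute, [ref]$uri)) { continue }
        $linkHost = $uri.Host.ToLowerInvariant()

        # Accept the exact host or a true subdomain. A substring test would also
        # accept hosts that merely start with the official name.
        $onOfficial = ($linkHost -eq $official) -or $linkHost.EndsWith(".$official")
        if ($onOfficial) { continue }

        # Text that displays the official domain over a different target is the
        # classic bait; any other off-domain link is reported too.
        $reason = if ($text.ToLowerInvariant().Contains($official)) {
            'Text shows the official domain, link goes elsewhere'
        } else {
            'Link leaves the official domain'
        }
        [pscustomobject]@{ Text = $text; LinkHost = $linkHost; Reason = $reason }
    }
}

# Constructed message body: the first link is bait, the second is genuine.
$sample = @'
<p>Your payment is on hold.
<a href="https://example-bank.test.account-verify.example/login">https://example-bank.test/login</a></p>
<p><a href="https://www.example-bank.test/help">Help centre</a></p>
'@

Find-SuspiciousLink -Html $sample -OfficialDomain 'example-bank.test' | Format-List
```

Only the first link is reported: its host ends in account-verify.example even though the visible text shows the official address.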
2 Disabling or ignoring antivirus and firewall protection
There’s a reason for the antivirus warnings
Your firewall blocks unauthorized access to your PC. Also, antivirus software detects and removes malware, spyware, and ransomware. The first step for most malware and viruses is to disable your antivirus and firewall if they can do that. If you notice that any of these shields are disabled, and you didn’t intentionally do that, it’s a sign of trouble.
However, if you disable them just because they are blocking the installation of software, you’re inviting trouble onto your PC.
Of course, there may be some software that is wrongfully detected as malicious by certain antivirus programs, which may make you feel like disabling it temporarily. The so-called false positives are not that common though. You should be absolutely sure that the software is trusted before going past the antivirus or firewall recommendation. If you have any doubts, don’t install or download that file or software.
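To check whether any of these shields has been switched off without your knowledge, the following PowerShell function reports every disabled component. It is an added example, not from the original article, and it assumes Microsoft Defender is the antivirus in use; the function name and the 7-day definition-age threshold are assumptions.

```powershell
# Added example, not from the article. Assumes Microsoft Defender is the
# antivirus in use; other products report state through their own tools.
function Get-ProtectionFinding {
    param([int] $MaxSignatureAgeDays = 7)   # assumed threshold, adjust as needed

    $findings = @()
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
        # Each property is $true while that Defender component is active.
        foreach ($name in 'AntivirusEnabled', 'AntispywareEnabled',
                          'RealTimeProtectionEnabled', 'BehaviorMonitorEnabled') {
            if (-not $mp.$name) {
                $findings += [pscustomobject]@{ Component = "Defender $name"; State = 'Off' }
            }
        }
        # Old definitions weaken detection even when every component is on.
        if ($mp.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
            $findings += [pscustomobject]@{
                Component = 'Defender definitions'
                State     = "$($mp.AntivirusSignatureAge) days old"
            }
        }
    }
    catch {
        # The query itself failing (service stopped, module missing) is a finding.
        $findings += [pscustomobject]@{
            Component = 'Defender'
            State     = "No status: $($_.Exception.Message)"
        }
    }

    # Domain, Private and Public firewall profiles are switched independently.
    foreach ($fwProfile in Get-NetFirewallProfile) {
        if ($fwProfile.Enabled -ne 'True') {
            $findings += [pscustomobject]@{
                Component = "Firewall $($fwProfile.Name) profile"
                State     = 'Off'
            }
        }
    }
    $findings
}

$result = Get-ProtectionFinding
if ($result) { $result | Format-Table -AutoSize } else { 'Antivirus and firewall are active.' }
```

An empty result means every checked component is on; any row you did not cause yourself is the sign of trouble described above.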
1 Ignoring software and OS security updates
Security patches are a must for almost any program
Every month, Microsoft issues patches for dozens of software vulnerabilities during Patch Tuesday events. Some of them are for critical or even exploited vulnerabilities. Not all of them affect regular users, but those are just the patches for Microsoft products.
Many other software companies and developers patch their software regularly to avoid such vulnerabilities. However, many older or abandoned programs are not updated anymore.
Obviously, installing the latest security updates for your OS and software will play an important role in protecting your PC's security. Most applications (and your OS) will receive automatic updates unless you disable them. Some of the updates may also come with minor issues, but it’s a small price to pay to keep your PC safe.
All these mistakes can be avoided
Overall, just try to remember not to download software from untrusted sources, use distinct and strong passwords, don’t click on fishy links in your email, don’t override the antivirus or firewall protection, and keep your software up to date.
In order to further protect your PC and data, you should also avoid some common mistakes when using your browser.
