How to Protect Yourself Online

Isuru Pamuditha
13 min readApr 2, 2022
Image Source —

The Internet is a wonderful tool. If you walk into a public place, doesn’t matter where it is, you might notice that a significant portion of people is focused on their phones browsing the internet. Even though the vast majority are very keen to spend time online whenever possible, most internet users lack adequate knowledge about how to protect themselves on the internet. The Internet is truly an engineering marvel. You can find information about anything, buy anything and talk to anyone within seconds because of the power & effectiveness of online services. But as you know, the internet is not a 100% safe platform. It does not have an owner or a governing body. This freedom of the platform is one of the reasons for its dramatic development and also for its horrifying depths. By the time of 2018, over 20,000 malicious mobile apps were blocked daily and fake ad traffic-generating apps had been downloaded more than 115 million times.

The importance of understanding how the internet works & how hackers get hold of your sensitive information is growing day by day like never before due to the huge increase of online scams over the last couple of years. So, let’s take a look at the actions, one can take to ensure that their information & privacy is protected online.

Use Strong Passwords

The password of an account is what separates you from another which tries to access your information unauthorized. Therefore, you must create a strong password for your account first of all. A majority of the online services won’t text or email you about a new sign-in to your account or about any suspicious activity related to your account except the technologically advanced service providers such as Google & Facebook. Therefore, even if someone else gets hold of your password for a certain account you won’t be able to know and you will most probably keep using the same account the same way that you are used to until something goes wrong. That is why a strong password is essential to any account. In the present, you can see a password strength indicator in almost all password-setting pages of the relevant website. Use that tool effectively and try to use a mix of both capital/simple letters, numbers, and other symbols. Such a password is much harder to crack. Here are 20 of the most common passwords used on the internet.

“123456, password, 123456789, 111111, Admin, Password1, sunshine, qwerty, iloveyou, admin, welcome, abc123, 123123, football, 654321, !@#$%^&*, qwerty123, donald, nothing, secret”. So if you have one of these as your password or a combination of some of these, it is highly recommended for you to reset it because the security of your account is highly vulnerable. Using your birthday, pet’s name, your name is also not recommended because it is possible to build programs that can crack your password by using those data as keys.

Security Solutions

Always use a paid virus scanner to protect your devices and make sure you keep it up to date (updated) by checking frequently for updates or allowing auto-update. Various services are provided by the leading online service providers to ensure your safety. Some of these services are free and some advanced services are also available for a fee. It is recommended to use these because you cannot put a price on safety. This type of security solution covers all their connected devices and protects against all the different types of threats such as spyware, viruses, malware, financial-trojans.

Always using licensed software and updated versions is another good practice because the updates which come occasionally not only carries the relevant bug fixes but also the security patches which makes the software/devices more protective. Therefore, using licensed software and its updated versions is important. As an example, the older versions of Internet Explorer are notoriously insecure. Therefore, it is recommended that you use a better-updated browser instead for daily use.

It is always a good practice to backup your data regularly to a safe account as a security step. Because if you become a victim of a malware/ransomware attack, unfortunately, there’s a higher chance that you won’t be able to get your data back. Therefore, even if you get into trouble in such a way, it won’t be a total disaster if you have your valuable data backed up frequently.

Try to Minimize the Use of Public Computers

A lot of us are used to signing in with their email accounts and other social media accounts on public computers. Especially in their working place or school. If the computer is not a device that has been given for your personal use, it would be better to not use it for your accounts because public computers can contain various malware and viruses which are designed to steal your data. As an example think of a library computer or an internet cafe computer as a public toilet you never know who has used it before. On the other hand, your passwords might be auto-saved in someplace in the browser without you knowing and others will be able to see them and use them. That is why you need to be careful when using public computers. You can always use the ‘Incognito Mode’ to access your accounts if there’s no other option available. On the other hand don’t keep your passwords saved in a note or a document inside your account or phone because if someone hacks your account, all your bank information and passwords are in the hands of the criminal. As mentioned above don’t use the names of your children, pets, sports team, or dates of birth as these can often be easily sourced from social media profiles, and avoid using the same password for multiple online accounts either. Keep all your passwords written somewhere safe to avoid getting stuck without being able to access your account and for better protection.

Be Careful When You Use Public Wi-Fi

We love free wifi. But we must also understand is that these types of free/public Wi-Fi networks can be highly vulnerable. In simple words, the owner/admin of a Wi-Fi network could obtain immense power over the network & it can be used for both good and bad. There’s a certain possibility that the public Wi-Fi connections that you use are unencrypted, offering the chance for someone else to intercept data being sent and received by your device.

A skilled hacker can set up public Wi-Fi and do anything from hacking into your computer or Google account or hacking your phone or computer webcam. Many highly informative documentaries have been done by leading news reporters in the world, containing footage of the hacking process from A-Z and some of them are available on YouTube. I highly recommend you to watch them if you lack experience and information in this regard and try using a virtual private network (VPN) available by subscription whenever you’re using public Wi-Fi if no other option is available to connect to the internet.

Use Two-Factor Authentication

‘Two-factor authentication’ is an extra layer of security that you can add to an online account. After you have entered the password for a particular account it will ask for a PIN or a prompt which is sent to your mobile device immediately & that is two-factor authentication. This way, even if someone finds your password they won’t be able to log in to the account without the prompting mobile device. This extra layer of security will significantly increase protection. You can also add a personal question, ask for the fingerprint, voice recognition, having an authentication code, using a different email/different phone to confirm a new login or transaction request. If this feature is available on any of the online platforms that you use and if you haven’t activated this service already, it’s highly recommended to use it right away.

Don’t Click on Strange Looking Links

One of the most common ways of spreading malware and viruses is by sending emails containing potentially harmful content. Cyber-criminals can send fake emails that look authentic and important to you. The links sent in these emails contain malicious software that can mine your computer for personal information. Some of these emails might appear legitimate and ask for your account’s security information. Therefore, remember that most online services will never send you emails or texts asking for sensitive information. For your safety, it is advised not to open emails from strangers. If you get a phishing email with malware attached, you don’t even have to download the attachment for it to do damage to your network. Some of these are disguised as “Drive-by downloads” which can install malware on your hard drive without you even agreeing to install/ download. In some cases, this type of download appears as a standard system update for the phone or some other “yes / no’’ question regarding notifications. The bottom line is, try not to open emails from people that you feel suspicious. Using methods to scare the user by sending false information involving banking or another online account failure or informing the user about an urgent action to be taken to ensure control, is popular among cyber-criminals. It gives the user the feeling that they need to act urgently, which leads to making poor decisions and letting them take over the account. Here are some tips to identify a scam email.

1. Wrong company name — The scammers who are sending you unwanted emails will most probably disguise themselves as a company where you are a customer. These emails might ask for your banking information or other sensitive information. If you’ve received such an email first check the email address/other contact information and verify it is legitimate.

2. Language mistakes — Read the email carefully for incorrect grammar, spelling mistakes, or incorrect information. Look for such obvious errors. If there are such mistakes there’s a higher chance that it is spam. Then if it appears legitimate, call them or contact them in any other way to clear suspicion. Following these steps will be important to ensure your online safety.

3. No mention of account information — All the leading service providers will address you and mention some of your account details in the mail instead of just addressing you as “Dear Customer,”. Therefore, read the email carefully to identify such small details.

4. Deadlines — These Emails request an immediate response or a specific deadline for you to take action and it is highly unlikely for a real corporate company. Doesn’t matter who they are, check twice before making a decision.

5. Incorrect or suspicious URL — Sometimes, the URL of a website is all you need to look at to know whether the site is real or not. If the spelling is wrong, if there are additional words attached to the company name, those are clear indications of a fraudulent site.


Therefore always check the URL definition for additional information. The email applications these days have advanced spam filters for your convenience and mark them as inappropriate.

Pay Attention to Your Children’s Online activities

Children might not have the knowledge as you do about the internet. Therefore, they will pretty quickly fall for any of the above-mentioned frauds and they could be installing these malwares in your system without knowing. That is why careful monitoring of their online activity is important. The same can happen to the elderly. Place your home computer in an open area where you can clearly see the monitor when they are using the computer so that you can monitor their activity. Install and use parental control software to filter harmful and inappropriate sites. These parental control software also have additional features like limiting the time spent online. This will keep your children from accessing undesirable websites and sharing personal information online. Always verify the downloading files because most of these malware and viruses are designed as another new version of adobe flash player & to have the file formats/extensions of Microsoft Office.

Beware of Fake Online Sweepstakes & Contests

If you are a frequent user of the internet, you should have come across this scenario at least once. Sometimes when you try to click on a button on a web page it redirects you to a site that mentions that you have just won a fancy prize (Insane giveaways) like an “iPhone 13”, a “Samsung TV”, or even a million dollars. Sometimes these come in the form of emails or texts, congratulating you about a competition or a raffle draw which you have won recently. Most of the time these messages will look like they are been sent by a world-famous brand. As an example, personally, I have received a couple of SMS from accounts that addressed themselves as “BMW”, “Coca-Cola”. Shockingly the prizes offered were $1000000 on some occasions. There are several ways to identify such scams. Most of the time, the scammers appear as a representative from a famous company & the messages have grammar mistakes. When you search a little bit more about this you might find that most of the time these messages are sent from phone numbers registered in underdeveloped countries and the prizes are unbelievably large. Most of such messages are sent in Capital Bold letters & there won’t be any mentioning of the personal information or the designation of the person who is contacting you.

So, if you receive such a message the best thing to do is to check the validity of the message and if it appears to be a scam, block the contact source. Ask for contact information from the sender and details about the company running these contests. Once you start asking questions and act wisely most scammers will no longer contact you. Don’t ever share your details or your account information without checking the source of contact thoroughly and never pay anyone blindly.

Stay Vigilant & Responsive

Most common Social Media scams are disguised as “Find out who’s looked at your profile” tools. But such huge platforms like Facebook have mentioned that no one can track who’s been looking at your profile in their official rules and regulations (official stance). Therefore, the third-party apps and tools claim that to have that ability is a scam. Here are some other services and steps that you can take to ensure your safety online.

1. Set up SMS, Email to notify when there’s a transaction, abnormal activity regarding the account & other messages security information.

2. Regularly check your bank and credit statements to spot any transactions you didn’t make, quickly. If you see anything that looks odd, consult your banking partner.

3. If an online service that you use experienced a cyber-attack change your passwords and settings for better protection.

4. Never submit sensitive information such as passwords and banking information in third-party online information gathering forms (Google Forms, etc.)

5. If you believe your personal information was stolen, it is also a good idea to watch all your accounts for suspicious activity. All modern account platforms are equipped with tools and options to check the suspicious activity of your accounts.

6. Locked padlock symbolSometimes you might have seen a little padlock on the leftmost position/rightmost position (depending on the browser) of the web-address bar of the browser. It is an indication of whether your connection is secured or not provided by a security technology marketer. Always try to avoid the sites which don’t come with a secured connection & make sure that the safety technology exists by checking the safety technology company’s website.


If you’re an unfortunate victim of online fraud or any other incident there are a few steps that you can follow. First of all, you must contact the relevant authorities and file a report by contacting your local police. Don’t think it’s too late for anything. The more people who report such crimes, the more criminals are arrested and that increases the probability of recovery. Then you can reevaluate what happened and try to trace the source or the people who are responsible. It might be an email, a private message; you can check everything twice for any information about the criminal. That will also ease the process of bringing the criminals to justice. But looking for these loose ends must be done quickly.

Don’t Overshare & Don’t Always Trust What You Read Online

You might have seen a post or a video or a blog by another user which you thought inappropriate. There are certain limitations to what we should share on the internet. This is why we must not overshare our personal information or our thoughts on the internet. A skilled individual can use this information to get a good idea about who you are and what you desire. By doing so they can even lure you into something harmful even without you knowing about what’s going to happen next. Therefore, always think before you share something and it is advised that you must never make visible your personal information to the public. Almost all of the social media applications give good control to the user over your profile and what you share on the internet. It is highly recommended to use these tools and take the right steps to ensure the privacy settings of the account. Social networking sites like Facebook are a great place to connect with friends and family online.

The Internet is a place filled with false information. As I mentioned earlier, the internet is a wonderful tool. Anyone can use it for good as well as bad. We must realize that anyone can create a website on the Internet with wrong intentions. For example, a website could be created to help spread fear, racism, financial fraud, lies, or malware. This wrong information can turn a country upside down. Especially the information distributed through social media during an election can make or break governments. Therefore, getting to conclusions purely based on what you see online is not a good idea. Always know that there are two sides two every story and be smart enough to figure out the truth remaining unbiased.

We can never know what will happen and how things can go wrong at certain times. But we can always stay alert and not let things slip through are hands blindly. To do so, we must have knowledge about what we are dealing with. That is why I wrote this article to share my knowledge with you all so you can browse the internet a little more securely than before. There are many other ways that you can further improve your use of the internet and those are for another article. Good Luck!



Isuru Pamuditha

Ponder & Wander... That'll make you an interesting person || Engineering Undergraduate ||