As the wave of data breaches continues to grow, protecting your information online is essential. Here is some important information to know, and steps you should take to increase your security.

YouTube video


Yes, we know—You’re probably tired of hearing about using passwords properly.  However, this is the most important thing you can do to protect yourself when online.

  • Always choose strong passwords. Use complex passwords with numbers and symbols that have at least 8 characters.  Don’t use something that’s obvious, like your pet’s name. Using complex passwords will protect you from brute force logon attempts.
  • Don’t reuse passwords from other accounts. Always make new ones for each of your online accounts. If you can’t remember them, consider using a Password Manager application.
  • Change your passwords regularlyat least a few times a year. Regularly changing your password will protect you if your data with a third party is ever compromised.

If you believe your password may have been breached,  you can always change it.


  • Never use words found in the dictionary or your family names.
  • Never write down or email your passwords.
  • Consider using a Password Manager (e.g., LastPass or 1Password)
  • Create a unique password for work.
  • Turn on Two-Factor Authentication if it’s available.
  • Include a password in a non-encrypted stored document.
  • Tell anyone your password.
  • Speak your password over the phone.
  • Hint at the format of your password.
  • Use the “Remember Password” feature in application programs, such as Google Chrome, Internet Explorer, Safari or others.
  • Use your corporate or network password on an account.

Always Keep Your Antimalware/Antivirus Software Up to Date.

Scrutinize Website Addresses

  • Always check the address bar at the top of a website before entering your password or information. Phishing attacks are getting more common every day. And one of the ways they’re delivered is via fraudulent websites. Make sure that the website address matches the correct site address.
  • Most reputable sites today are protected by certificates. This will be indicated if the site address begins with https, and you can see a lock symbol or the word “secure” in the address.

Beware of Malicious Websites.

These are sites that try to install malware onto your computer device. Malicious websites often look like legitimate websites. They may urge that you should install software that your computer needs. It only takes one unsafe installation to compromise your device and sensitive information. Or, the website might ask for permission to install a particular program, but, instead, install a completely different one – one with malware attached.

Legitimate companies won’t send you an email asking for your credit-card information or to change your password. If you get one of these emails, delete it and notify the company.

When to be Suspicious:

  • If an email asks you to update your account. For example, if you receive an unsolicited email that’s supposedly from your bank that asks you to “verify your information” this may be a phishing attempt. Don’t click the link in this message. Instead, key in the bank’s website address yourself instead of using links displayed in email messages. Never trust links in e-mails, text messages, pop-ups, etc.
  • If a link is shortened. Link shortening is used by criminals who want to put malware on your computers. They’re trying to conceal the true link address.  Note: Consider using a service like CheckShortURL to expand a short link, or loading a browser plug-in right-clicking the short link. There are also link expander sites that let you know if the link is on a list of known “bad sites.”
  • The link contains strange characters. Hackers use URL encoding to conceal the destination of malware or phishing sites. For example, the letter “A” appears as %41 when it’s URL encoded.  If you see a bunch of % symbols in a link, don’t click it.  Consider using applications like Norton SafeWebURLVoidScanURL to check the safety of a link before actually clicking it.

Always Backup Your Data Onsite/Remotely and Securely So You Can Restore Your Data If It Gets Stolen or Locked.


  • Try to solicit your curiosity or trust.
  • Contain a link that you must “check out now.”
  • Contain a downloadable file like a photo, music, document or pdf file
  • Contain an urgent call to action.
  • Display an immediate need to address a problem that requires you to verify information.
  • Urgently asks for your help.
  • Asks you to donate to a charitable cause.
  • Indicates you are a “Winner” in a lottery or other contest, or that you’ve inherited money from a deceased relative.
  • Respond to a question you never asked.
  • Create distrust.
  • Try to start a conflict.


  • Misspellings
  • Typos

For more information about online security, or to learn how STS can help your business take advantage of the latest technology, contact us at: (02) 8212 4722 or [email protected]