Thanks to Norton by Symantec for sponsoring this post and encouraging me to share these internet safety tips. All opinions are my own, lessons learned the hard way!
When you are on the internet all day and all night like many of us are today, it’s easy to not think much about the risks involved in making that connection. I admit to being lax and often jumping on free Wi-Fi connections whenever I find them to check Facebook and Instagram, download email, and quench the constant flow of information that I’m, frankly, addicted to.
A few recent issues have made me think twice. First, a few months ago my website (this one!) was hacked. I came to my desk one sunny spring morning to log into Ever In Transit. Instead of my normal WordPress login page, I found an ugly and, yes, scary landing page placed there by the hacker to show off. I was locked out and unable to get into my site. I started getting emails from you guys–readers–who came to the site and found the page to let me know. I was terrified of losing the four years of blog posts and photos and memories, and worse, that the hacker would have gotten into my email and other personal accounts. I spent three days and several hundred dollars to clean the mess up. In the wake of the attack, I found viruses and malware on my primary desktop computer which either caused the hack or came in as a result of the hack — I’ll never be sure.
At about the same time, my good friend, Cathy’s, Instagram account was hacked. Her password was stolen and her account was taken over, leaving her helpless and unable to login. She’s an elementary school teacher and her biggest fear was that the hacker would share something obscene that would risk her job and hurt her students. Luckily, she was able to prove her ownership to Instagram and they helped her get her account back, but there was plenty of fear and lost sleep.
Over the last few months, I’ve been a lot more careful about how and when I connect to the internet and I’ve installed some software on my computers and my blog to help protect it so that hopefully this doesn’t happen again. I recently started testing out Norton Security Premium, a group of tools developed by Norton by Symantec
. Norton sent me the bundle to review and asked me to share some internet safety tips for travelers and bloggers.
Here are a few internet safety tips for travelers:
- Use a professional antivirus software on all the devices you use — even Apple laptops! When my site was hacked, Kevin and I were not using an antivirus product on any of our three PC and Mac computers, nor on our phones and Windows tablet. Find an internet security package that covers multiple devices and install it on all of them. Norton Security Premium
lets you install it on up to 10 different devices (PCs, Macs, smartphones, and tablets). Are you a Mac user? You’ve probably heard that you don’t need an antivirus because you use a Mac, but that’s no longer really true. This used to be the case 10-20 years ago when Macs were a much smaller percentage of the global computer market — it wasn’t worth it for hackers to program malware for Macs because there were so few of them. Today, Apple holds 12.8 percent (and growing) US market share and is a much more valuable target for attackers.
- Update your virus definitions and scan it regularly. Set your antivirus software to update daily and run it at least once a week.
- Use lengthy and hard to decipher passwords and use a secure “password safe” to keep track of all of them. Norton Security Premium includes an Identity Safe with password generator and secure password storage that works on computers and mobile devices.
- Set up two-factor authentication on all accounts, especially email address, bank accounts, cloud storage (Dropbox, etc), and social media accounts. Two-factor authentication means that instead of just entering a password to log into a site, you’ll have to enter a second piece of information, commonly a code generated by an app or a text you receive on your phone. This way, if an attacker figures out your password, they still won’t be able to log in unless they had access to your phone. To see whether your sites offer Two-factor authentication, check out this website, TwoFactorAuth.org.
- Avoid using free, unsecured public Wi-Fi networks. As tempting as they are, avoid using free, unsecured Wi-Fi. Use your mobile data connection, a mobile router/mi-fi device, or find a hotel, shop or cafe with secure, password-protected Wi-Fi. Never shop or provide personal information (log into email, social media, etc) when you are using an unsecured network.
- Look for the lock. Before giving personal or financial information on a website, always make sure that the URL starts with “https” and has a green lock icon, which means that the connection is secure.
- Backup your data. Always backup your computer, tablet, and phone’s data, especially irreplaceable photographs, before you go on a trip and every day or two during the trip. Norton Security Premium
Additional tips for bloggers and website owners:
- Make sure your WordPress installation and all plugins are kept updated. I know a lot of bloggers are reluctant to update WordPress and their plugins when they first see these notifications, but this is very important. Plugin and WordPress developers are constantly learning of new weaknesses in their code and releasing patches that will fix your website and keep it safe. It’s important to log in daily (or at the very least, weekly) and update all your plugins and code.
- Make sure all other WordPress websites that you own are kept updated. When my site was hacked, Ever In Transit was clean and updated, BUT another old site I was hosting for a friend’s defunct tour company was not updated and it was hacked too. I hadn’t logged into the site in a few months and it is very possible that the hacker entered Ever In Transit through the insecure plugins on that site.
- Set up two-factor authentication for all of your website logins. Your WordPress dashboard login, your web hosting, and your domain registration, etc.
- Backup your website! It’s really important to make sure you have a backup copy of your website and all photos and files that you can re-install if your website is attacked. Check to see if your webhost offers free, automated daily site backups. If they do not, get a WordPress plugin that automates those backups for you. I use a plugin called BackupBuddy and set it to run daily database backups and weekly full-site backups.
What did I miss? What things do you do to stay safe online?
This post was written in partnership with Norton by Symantec. To learn more about their products, visit their Learning Center.
This is awesome! It’s so important in today’s world that you protect and secure your wifi from outside forces and potential threats. Nice pointers! Thanks for your advice!
I’ve had some of my blogs hacked, more than once. Keeping everything up to date is crucial. I also try to avoid free WP themes. Unless they are the official ones, I steer clear of them.
Last but not least – backup. If it’s a business site, put money into constant backups by a third party.
Those are really good tips, Anne! The free theme thing is so important and I’m ashamed I forgot about it. I used to use a free theme and while it was never hacked, it seemed to break every time I installed a new plugin. I haven’t had a problem with that since I switched to the Genesis Framework. And I totally agree with the backups–the money I spend on BackupBuddy is SO WORTH the peace of mind. I did have to restore my site from backups once and it was relatively easy. I was so grateful to have the file ready to go.