Once upon a time, in the ages that were sometimes called the “good old days,” it would have been considered a leak of personal data if, let’s say, you accidentally lost your passport or checkbook on the street. But now it’s 2024, our lives have long and firmly moved online, and the internet is no longer the serene paradise lagoon it was decades ago...
There is no doubt that cyber security is a proper and necessary thing, but, like any sphere of human activity, it has managed to acquire so many rumors, myths and recommendations that it is difficult to distinguish the truth from the fake, and current useful advice from the already outdated. However, people are trying. Like, for example, in this wholesome thread on the AskReddit community.
More info: Reddit
#1

Image credits: anon
#2
Don't reuse passwords and change them often. If one site is breached, if your accounts are associated with your email address, then they all are.
Edited by writer to insert a comment from Aleksandr Valentij, Cyber Security Lead at Surfshark:
"Frequent password rotation isn’t a good idea and is already not recommended by the NIST organization and the InfoSec community overall. At the end of the day, it’s a counterproductive practice with dubious benefits. When a user has a lot of accounts and has to rotate passwords, they end up using weak passwords because of the lack of imagination.
"A better piece of advice is to use password managers and generate longer than 12-14 character passwords unique to each protected resource. Also, necessarily use 2-factor authentication (2FA) wherever possible. Protecting an account with a password only in 2024 - not a good idea. For especially sensitive accounts, physical security keys are recommended such as Yubikey, Google Titan, Thetis, Feitian, SoloKeys, etc."

Image credits: ComradeIX
#3
If your url says https://, the websites secure, if it’s http://, it’s not secure. Don’t put any personal information into an insecure website
Edited by writer to insert a comment from Aleksandr Valentij, Cyber Security Lead at Surfshark:
"I don’t want to scare you too much and cause paranoia, but that "padlock" SSL certificate can be bought for as little as $9 and added to any malicious website. So just that the HTTPS lock exists doesn’t guarantee a web resource’s safety all on its own. It just shows that data coming your way will be encrypted. There’s no difference whether you’ll get a virus from an encrypted channel or not.
So you shouldn’t relax just yet, but you should click on that "lock" to examine the certificate - who was it given to, are the recipient of the certificate and the website name identical, etc. But yes, the general rule is that HTTP is totally trash and you should by no means give your sensitive info (for example login/password) to a website with a bare HTTP."

Image credits: Last-Wealth2377
#4

Image credits: Rolling-Trannies
#5

Image credits: dragoninthewest
#6

Image credits: killfire4
#7

Image credits: skovalen
#8
Edited by writer to insert a comment from Aleksandr Valentij, Cyber Security Lead at Surfshark:
To work out if your details have been stolen in breaches you can link this tool as well.

Image credits: 520throwaway
#9

Image credits: SoundedDoughnut
#10

Image credits: Majoishere
#11

Image credits: anon
#12
Make certain to have your important stuff offline backed up, totally isolated from the net. Worms, virusses, ransomware can hit online but just wipe the lot and give them the finger. Reload and be more careful.
Edited by writer to insert a comment from Aleksandr Valentij, Cyber Security Lead at Surfshark:
"It’s also advisable to encrypt those backups or store them in a drive with a physical encryption, such as disks with PIN code buttons or fingerprint protection."

Image credits: nativedutch
#13

Image credits: anon
#14

Image credits: abubudadu
#15

Image credits: covok48
#16
Don't use your debit card to buy online. If that gets compromised the money coming out is hard cash. If its a credit card it's on the credit card company to get their money back on fraud charges. This can take a long time.
Edited by writer to insert a comment from Aleksandr Valentij, Cyber Security Lead at Surfshark:
"It’s best to use single-use virtual cards for online purchases. For example, Revolut and other payment platforms have them."

Image credits: anon
#17

Image credits: mr_sto0pid
#18
Edited by writer to insert a comment from Aleksandr Valentij, Cyber Security Lead at Surfshark:
"Closing all tabs doesn’t clear all malicious cookies unless you were browsing in incognito mode. For that, you need to clear the browser cache."

Image credits: lulz85
#19
Change passwords often. Store them in a file offline.
Learned this after the My Fitness Pal databreach.
- You Might Also Like: 35 Examples Of Things Banned Around The World To Help You Avoid Awkward Situations While Traveling

Image credits: anon