From Sony to the U.S. Senate, Target to Home Depot, dozens of organizations have been attacked, with intruders making off with the personal or financial information of tens of millions of people long before the break-ins were discovered.
So what's the solution if even the world's largest organizations can't stop the crooks from stealing your data? Believe it or not, the best way to start to make yourself — and the Internet — safer is to do it yourself.
A recent survey (opens in new tab) found that most people fail to take the most basic precautions when it comes to computer security. Fortunately, there are some commonsense changes you can make on your own. Here are 10 ways you can make the Web safer for yourself, and possibly others.
Install an antivirus program
Macs, PCs and Android devices are vulnerable to daily threats. Even if you don't open an email attachment and never download a file or program, just visiting a website can put you in peril.
Most malware infections these days come from websites, often legitimate sites that have been unknowingly infected themselves.
The only way to fight back, no matter which platform you're on, is touse an anti-virus program. We recommend paying for it if you're running Windows, but there are solid free options for all platforms, so there's no excuse not to use antivirus software.
Here are our lists of the best antivirus software, the best Mac antivirus software and the best Android antivirus apps.
Avoid "free" wireless networks
That gratis Wi-Fi network in the local brewpub is probably a den of digital iniquity. Such networks usually aren't secured or encrypted, allowing strangers to track your online movements, record your passwords and make off with your credit-card information before you realize what's happened. Use a virtual private network (VPN) service when you're on public Wi-Fi, or stay off it altogether and use your own cellular hotspot.
Use secure Web connections
The "HTTPS" acronym at the beginning of many Web addresses denotes a site that is using encryption (the "S" stands for secure).
Many websites have this option, but most of us don't know or don't bother to use it. You have to purposely set it in some Web-based email programs, although major services such as Gmail and Facebook default to it. HTTPS can occasionally cause other programs to hiccup, but the inconvenience is worth it.
To handle these settings automatically, try using the HTTPS Everywhere plugin for the Firefox, Chrome and Opera browsers. It will connect you to more secure versions of your favorite websites.
Don't be too social
Want to share your latest vacation pics on Facebook? Great — just wait until you get back from your trip.
Let's say I have three Facebook friends whom I know are away from home. That probably means other "friends" know, too, and not all of them may be nice. If you don't want thieves to know when you're away, use more caution about when and what you post.
Shop safely online
The convenience of letting a shopping website, especially one you visit frequently, save all your personal information and credit-card numbers is tempting — but don't do it.
There is no such thing as a website that's impervious to hackers. Assumeyour data will be stolen from a business at some point, so keep the credit-card number to yourself.
Proper password management
One of the best protections is also the simplest. Changing your passwords frequently can keep you one step ahead of the thieves. If your bank password has been stolen and is up for sale online, changing it will take away the criminal's keys to your account.
And while it might be OK to use the same password on sites that don't hold any of your personal or financial information, always useunique and strong passwords for online banking, social networking or webmail sites.
To keep all those hard-to-remember passwords straight, use a password manager. But don't let the manager save the "master" password — instead, keep that in your head.
Finally, enable two-factor authentication wherever you can. That way, when you log into Facebook, Google, Dropbox or even Amazon from a new computer or device, you'll have to verify your identity with a code sent to your mobile phone.
Would you, could you on a train? Don't
Sitting in the commuter car or in any public place makes you vulnerable to "shoulder surfers," people who scan other people's laptop or smartphone screens looking for passwords or other personal information.
Many of these crooked cruisers don't even turn their heads; they just take a picture with their cellphones as they go by.
So consider where you're sitting and what you're doing. Can't you wait until you get home to pay that bill online?
Update your software
Most successful computer attacks use known software holes that simply haven't been patched by a computer's user. To avoid this fate, make sure you install all updates to your operating system and other software soon after it becomes available.
Avoid app attacks
Don't be the first kid to jump into the pool. In other words, when you discover a new app for your smartphone, tablet or browser, check it out before you tap "install."
Look carefully at the permissions the app asks for. Better still, see how often it's been downloaded (the more times, the less likely it's malware) and read the reviews.
Both Android and iOS devices are targets of choice for many cybercriminals. Malicious apps are common in "off-road" Android app markets that aren't authorized by Google, and even iPhones and iPads have been feeling the heat.
Let the Tor be with you.
For the truly paranoid, or for people who have reason to believe they are being tracked online, there'sTor. It's a free program that attempts to keep your online anonymity intact by bouncing your Web communications around a number of servers on the Internet to prevent someone from following you.
Whistleblowers and political activists use Tor religiously, and if you don't want companies, authorities or divorce lawyers to see what you're doing online, you should too.