According to Check Point Research, global cyberattacks in the third quarter of 2022 increased by 28% compared to the same period in 2021. Many companies have also been victims of ransomware attacks and data breaches, with many mistakenly providing sensitive information to threat actors through phishing scams. And as we enter a new year, we can expect cybercriminals to develop new and more sophisticated ways to steal sensitive information from innocent victims. Fortunately, there are many things you can do to stay safe online in 2023.

1. Use strong and unique passwords

It is important to use strong passwords to protect your online accounts. In this way, you can reduce the risk of falling victim to brute force or brute force attacks used by cybercriminals who use common passwords to guess the account holder’s credentials.

One way to create strong passwords is to use passwords or unrelated strings of words that you use as passwords. Because they’re made of words, they’re easier to remember than regular passwords that contain random numbers, letters, and symbols. For example, according to Useapassphrase.com, it would take approximately 2,563,379,452,772,621 centuries for a threat actor to guess the “fleshy uncut fiber pale” password.

Finally, make sure you use a unique password for all your accounts. That way, even if one of your accounts is hacked, attackers cannot access your other online accounts. If you have trouble remembering passwords, you can use password managers like Dashlane and 1Password. Password managers can create and store your passwords in an encrypted vault that can only be accessed with your master password. Make sure to create a secure master password to avoid the risk of your account being hacked.

2. Use multi-factor authentication (MFA)

Passwords can only be used to protect your online accounts. MFA increases the security of your accounts by requiring you to enter two or more factors to verify your identity when signing in to your account. These authentication factors can be a one-time PIN (OTP), face or fingerprint scan, or a physical key. With MFA enabled, even if a cybercriminal gets your username and password, they won’t be able to access your account unless they provide other authentication factors.

However, avoid using SMS-based authentication as much as possible, as it is an insecure authentication method. For example, cybercriminals can change SIM cards by impersonating you and telling your mobile operator that your SIM card is damaged. They will then ask the operator to transfer your mobile number to a new SIM card. This will give them access to OTPs and password reset links sent in text messages. Former Twitter CEO Jack Dorsey was the victim of such an attack in 2019, as a result of which his Twitter account was hacked.

3. Install security updates as soon as possible

Device and operating system (OS) updates don’t just offer new features. They also provide critical security patches that can prevent cybercriminals from exploiting vulnerabilities to access your sensitive information. Therefore, be sure to install security updates for your operating system as soon as possible.

4. Protect yourself from phishing

Phishing is a type of cyberattack in which threat actors send legitimate emails to trick users into providing personal information such as names, email addresses, passwords, and credit card details by impersonating a reputable organization such as a bank or trusted friend.

Phishing is one of the most common cyber attacks today. Cybercriminals have also improved their tactics as they now use text messages and voice calls to target people.

Be careful when clicking any link to protect yourself from phishing, as attackers may publish a URL such as “pay-pal-login”.[.]com” for a legitimate URL. Also, do not download any attachments from spam and never share your personal information with anyone online. Legitimate organizations would never request such information via email, text message, voice call or social media.

5. Back up your data

Years ago, if you were infected with ransomware, you could easily recover it by restoring from a local backup. However, the attackers took their game to the next level and made it difficult for victims to recover their data using this method.

That’s why it’s important to keep your backups separate, such as an external hard drive or flash drive. You can also use a cloud storage system such as OneDrive or Google Drive that allows you to store your data online. External file backups will not be affected even if your system is encrypted by ransomware.