Safe internet surfing means not sharing your (personal) data with third parties unintentionally, be it other people or companies. That might sound straightforward, but unfortunately, it’s not that easy. After all, your data is worth a lot of money, and many companies, including tech giants like Google and Meta, base their business on collecting and aggregating data into user profiles. That means that the internet is teeming with people interested in finding out as much as possible about you, your interests, and your online behaviour.
Then there is the threat of cybercriminals who may not only sell your data but use it for criminal ends such as identity theft, credit card fraud or doxing. But now for the good news: it only takes a few simple steps to drastically minimise your footprint on the worldwide web and protect your privacy.
The dangers of surfing the web
In discussions about data privacy, there are two sides you’re most likely to hear: the ‘I got nothing to hide’ people and the ‘They already know everything about us anyway’ types. And neither approach is entirely wrong. Anyone who wants to go online with a reasonable degree of ease will simply not be able to remain entirely anonymous.
Thanks to social media, we’ve long become accustomed to sharing everything with the public, from what we have for lunch, where we go on holidays and even the tricks of our pets.
In theory, many people are only aware of the dangers that result from a lack of privacy. We all feel uncomfortable when a stranger stares at our computer screen in a café or on the train. But somehow, we are less interested in what happens to our data ‘behind the screen.’ Out of sight, out of mind, as the adage goes.
Yet dangers are lurking on the internet, risks that can be put into three categories:
1. Tracking and advertising
When it comes to data tracking, the least of all evils are probably the ubiquitous web ads that target your interests so enticingly. At the latest since the Cambridge Analytica scandal we know that bad actors can misuse personal profiles for mass manipulation by spreading fake news.
2. Data theft through data leaks or spam and phishing
Things get decidedly creepier when your personal data falls into the wrong hands, for example, through data leaks. You’ve probably heard that hackers looted Uber’s data bank, stealing millions of users and drivers’ personal data (such as name, location and trip distance). In trying to cover up the case, Uber put the victims at additional risk.
Why is this important? Because stolen personal data can be used for:
- Spam and phishing, i.e. sending unsolicited emails containing malware
- Doxing, i.e. publishing private information online (e.g. private photos along with the victim’s address)
- Identity theft and credit card fraud, i.e. when criminals use your personal data to make purchases or empty your accounts
3. Surveillance by international governments
Snowden revealed how government agencies like those run by the U.S. are spying on citizens around the world. At a bare minimum, the NSA has access to metadata hosted by U.S. companies related to our chat histories, calls and physical location.
Our 9 tips for safe surfing online
Given the many risks you face when you go online, it’s more important than ever to know how to protect your privacy on the web. Here are nine tips to help keep your personal data safe online. Absolute anonymity is not the point of these tips. Instead, the focus is on equipping you to protect your personal data as much as possible when surfing the web. While they can be effective, anonymous surfing strategies are much more time-consuming.
Tip 1: Delete cookies regularly
Cookies are small files (usually JavaScript) that websites store on your device while surfing the web in your browser. They track your online behaviour, among other things, to ensure that online shops show you products that are targeted to your tastes. If you looked at a white ball gown the last time you were shopping on Zalando, the website would use cookies to ‘remember’ this, so it is likely to suggest related products such as bridal veils and white shoes on your next visit.
If you never delete your cookies, the websites you visit will go on learning more and more about you. For that reason, our first tip is to delete your cookies regularly.
Tip 2: Block all third-party cookies
Third-party cookies are stored on your device by a provider other than the host of the website you visit. This kind of cookie tracks your surfing behaviour across multiple sites.
Many browsers install with third-party cookies already deactivated. But not Chrome. To block third-party cookies in Chrome, follow these steps:
- In the Chrome menu bar at the top, click on the three-dot button to enter the ‘Settings’ menu
- Then click on ‘Privacy and security’ in the left menu
- Select ‘Cookies and other site data’
- Now select ‘Block third-party cookies’.
Learn more about the cookieless tracking: How to prepare for a web without cookies.
Tip 3: Use a proxy server to hide your IP address
An Internet Protocol address is a unique string of numbers that identifies your device on the internet or a local network. In the same way that your postal address makes it possible to contact you, your IP address ensures that routers can forward data called ‘data packets’ to your device.
When you’re surfing the web, each website you visit records your IP address. This lets a website know the country you’re accessing it from, allowing you to then show or block content on a country-specific basis. However, your IP address can also be used to determine your exact location and the device you are using to go online.
You can prevent this by using a proxy server to surf anonymously. A proxy server hides your actual IP address and assigns you a new one. Attempts to trace your IP address back to you will only lead to the proxy instead.
Tip 4: Use alternative search engines and email providers
Search engines like DuckDuckGo or Startpage deliver good results without collecting data on your preferences or search behaviour. And they’re just as easy to use as Google or Yahoo. Just set the alternative search engine of your choice as your browser’s default, and you can use the address bar to search the web like you’re used to.
When it comes to email, providers such as ProtonMail, Mailbox.org or Posteo are also competing with the market leader Google. They offer server locations in Europe, better encryption and additional services such as metadata header stripping, which removes or ‘strips’ metadata about the recipient from emails.
Tip 5: Block pop-ups and ads
Pop-ups and ads are not dangerous per se. At DataGuard, we even use them ourselves – just like almost every other business wanting to reach customers online. But some untrustworthy sites use pop-ups containing malware. Blocking them will protect your privacy and shield your device from viruses.
Tip 6: Always check the sender of incoming emails
Did you know that 83% of all cyber attacks in the UK begin with phishing emails?
Many people often overlook this simple security tip: check the sender of every incoming email. Hackers email spam with links that can install malware on your device with just one click. This is called a phishing attack and it works alarmingly well.
It might be a notification to claim a prize you won, or maybe it purports to inform you about a security issue at your bank. Hackers are a truly imaginative breed. And having become more sophisticated, phishing emails are no longer as easy to identify as they were in the early days when spelling mistakes were the hallmark of an attempted attack. These days, their design and language make phishing attacks appear believable at first glance.
The only way to protect yourself is to take a very close look at every email you receive. You can also check the UK Information Commissioner’s Office to find out more about the spam emails.
Tip 7: Configure your home router
Routers use a default password (usually ‘password’) and a default username (usually ‘admin’). The fact that the default login credentials are the same for all routers makes it easier for users to set up their new devices. But if you fail to change them, anyone who can connect to your WLAN can hack your router and change your WLAN password or DNS server settings.
In the worst case, hackers can leverage this weakness to gain access to files on your computer, use your internet connection for illegal purposes or infect your network with viruses and other malware.
Tip 8: Use social networks intentionally and minimise personal data
As a 2015 study by Cambridge University showed, Facebook understands the personalities of its users better than their friends, family, partners and in some cases even themselves. As few as 150 likes were enough for the social media service to identify personality traits better than a user’s own siblings or parents.
A recent study highlights that TikTok tracks users’ personal data more than any other social media app.
After all, we reveal a lot about ourselves through our clicks, likes, comments or even just the time we spend on a given post. Meta, TikTok and Co. use this data to target us with tailored ads. Or they sell our personal data to third parties – that is, if it’s not stolen by hackers.
For example, the personal data of 533 million Facebook users was leaked online in 2021, including phone numbers. In a 2021 report by NordVPN, 14% of respondents reported unauthorised activity on their social media accounts.
Despite all these risks, only few people are willing to pull the plug on social media completely. If you’re one of the many who believes social media still has a role to play, at least be aware that every like and every interaction reveals a little more about you. And it is unclear who will end up getting their hands on this data – and what they’ll use it for once they have it.
Tip 9: Always check free tools and plug-ins before installing
Plug-ins (also called extensions or add-ons) are a good way to add new functions to your browser. But plug-ins may install malware unbeknown to you depending on where you download them or who made them.
So, before you download free software, at least briefly verify that the provider is trustworthy. For instance, can you find any negative articles online? By the way, the same applies to installing apps on your smartphone.
Safe(r) surfing is easier than many think
With 100% security practically out of reach for regular internet users, many of us give up before even trying. And some situations truly are out of our control.
For example, the risk of data leaks makes it impossible to rule out the possibility that your personal data might fall into the hands of bad actors. After all, hacker attacks can hit anyone, anywhere and anytime – even some city governments have been unable to protect themselves. But that doesn’t mean it’s hopeless because you can minimise your personal data that’s available online. By following the tips from this article, you will be surfing the web far more safely than most everyone else.
How DataGuard can help you stay safe online
At DataGuard, our mission is to help organisations achieve sustainable compliance by setting up data privacy and information security processes. By following certain rules and increasing awareness of practices for safe surfing, you lay the foundation for watertight information security.
Get in touch with our information security experts today to find out more how we can help.
Data Protection and Cookies Checklist
Your Checklist for Data Privacy compliant cookie management and tracking.