PART 1/4: HOW MUCH DO YOU KNOW ABOUT INTERNET SECURITY?

As you know Experian is committed to protecting your credit health in everything we do. It's why we always share our thoughts and information about keeping you safe from cyber criminals.

In this 4-part series, there are dozens of misunderstandings that are constantly being repeated and all too quickly accepted as truth, without them being verifiable.

We have identified a number of common misconceptions and points out how to minimize the risks that result from a misunderstanding of IT security.


Myth # 1: "My PC Firewall protects me from all attacks from the Internet."

Unfortunately, it is not so easy.

Without the right configuration, a firewall does not provide optimal protection against attacks from the Internet. The so-called "personal firewall" controls the incoming and outgoing data flow to protect the home PC against viruses and other malware. However, attacks from the Internet exploit any vulnerability in installed and used programs as well as in the firewall itself.

As with individual programs, the same applies to the firewall: Especially the configuration is crucial. Only with the right filter rules and settings can the security of the computer be guaranteed. Hence, the settings should be checked regularly and the filter rules should be defined so that only absolutely necessary accesses are allowed. If an unknown program requires access to the Internet, the user should review it critically. Do not forget the firewall of Internet routers.


Myth # 2: "If I have a recent antivirus, I do not have to install updates for other software immediately."

This thought is a fallacy.

Although anti-virus protection is important for safe web browsing, updates to the applications you are using should always be installed as soon as possible. Any program installed on your own devices carries the potential danger of being attacked from the Internet.

Current malware can exploit existing vulnerabilities before it is detected by anti-virus programs. For example, the attackers exploit the time window in which a newly developed malicious code is not yet recognized by the anti-virus software. Therefore, software manufacturers are constantly trying to update and so-called patches to close security holes in their programs.

This prevents malicious software from ever taking effect. Of course, anti-virus programs should always be up to date. Because they offer additional protection only if their virus signatures are kept up to date by updates. Information for update and patch management can be found here.


Myth # 3: "A single long letter and character password is perfect for my online services."

No, because if an online service is compromised and your password is stolen, all services protected by that password are in jeopardy.

Especially when using e-mail addresses for authentication, the username and password can be assigned to each other well. Therefore, a good and secure password is essential - but every online service should use a different password. Particularly with services, which contain or inquire sensitive data, is to pay attention to a strong password.

Examples include access to online banking or shopping, In general, it is recommended to choose a password with a length of at least 8 characters, uppercase and lowercase letters as well as special characters and numbers. The password should not appear in dictionaries and should not be a proper name.

It happens that providers impose restrictions on the allocation of passwords, such as the length or the use of special characters. Then the password recommendations should at least be implemented as far as the restrictions allow.

In addition, passwords should be changed at regular intervals and never multiple times for different online services are used. Password management programs help because they not only manage the passwords but also generate secure passwords. More information on handling passwords is given here.


Myth # 4: "I only surf on trusted sites, so I do not have to protect myself from cyberattacks."

Unfortunately, even trusted sites can be affected by malicious software from time to time.

For example, it can hide in banners and install itself unnoticed on the user's PC. It is advisable to stay only on trustworthy sites - but you are not protected from cyberattacks. Users who rely on popular and well-known internet sites with respectable content often find themselves in false security against cyberattacks.

Basically, protection is always required when users surf the Internet, regardless of which pages they visit. So-called drive-by downloads in which content is downloaded in the background without user intervention, and malicious scripts can also be made on popular Internet sites. Thorough protection by virus protection programs and firewalls - with the above restrictions - as well as regular security updates is recommended despite all precautions.