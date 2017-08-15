In the past few months, we got a firsthand look at the importance of Internet safety when GoldenEye, a new strain of the Petya ransomware, hit systems across the globe. The attack affected more than 230,000 computers in more than 150 countries.

These attacks are tremendously damaging, but you can help reduce their likelihood of hitting your system. The best path to Internet safety is improving online education, increasing awareness of identity and data threats, and taking proactive steps against those risks. Here are a few tips for ensuring your online experience stays secure.

Update Your Operating System

GoldenEye took advantage of a Microsoft Windows security vulnerability called EternalBlue. Microsoft announced multiple patches to fix the EternalBlue exploit. The catch? Your computer is still vulnerable unless you update. If even a single computer isn’t updated within a network, the vulnerability can impact the entire system.

To help reduce the risk of attack, install updates when they become available on your operating system and software. Patches and updates minimize the threat risk that infect computers, programs, and apps. For businesses, ensure every computer on the network is up-to-date with the latest patches, and educate employees on the importance of these updates.

Get Interactive

Last month, Google unveiled Be Internet Awesome, a program designed to teach kids common Internet pitfalls. Be Internet Awesome features educational materials on the fundamentals of online safety, covering topics like “Share with Care” and “Secure Your Secrets.” It also includes a game called Interland, an “adventure-packed online game that puts the key lessons of digital citizenship and safety into hands-on practice.”

Research consistently shows students of all ages learn best with hands-on opportunities. By turning children into active participants, rather than passive listeners, we can more effectively demonstrate Internet safety basics.

Google isn’t alone in providing interactive learning opportunities. The U.S. Navy and the National Science Foundation developed CyberCIEGE, a video game that teaches users about computer and network security concepts. Kaspersky Labs also provides simulation games that present different scenarios for businesses of all types with the goal of establishing a better security understanding between senior managers and decision makers.

Check Those URLs

A recent report from PhishLabs noted a rise in a phishing attack that targets mobile devices. The attack, called “URL padding,” starts with hackers adding several hyphens to a URL to push the real source of the site outside of the address box on mobile browsers. On your mobile device, you are less likely to see the real URL after the padding, and can be tricked into entering personal information or downloading malicious software on the spoofed site.

URL padding works especially well for mobile users because they are typically less cautious with mobile activity, says Crane Hassold, a senior security threat researcher at PhishLabs’ Research, Analysis, and Intelligence Division. In a blog post accompanying the PhishLabs report, Hassold wrote, “As a population, we’ve been conditioned to check our phones constantly and to browse or follow links in a far more lackadaisical manner than we would on a desktop or laptop. As a result, we’re generally paying far less attention to any warning signs that might crop up.”

Unfortunately, the same lax attitude towards security and mobile devices typically applies to our social media use, as well. “People still have an inherent trust of social media. They’re having fun using it,” said Dan Smith, Director of Product Management at Experian Consumer Services. “In reality, the sites and platforms aren’t that secure. They’re not like a banking site, and they’re not held to the same standards, either.”

Pairing social media with mobile use often leads to a lowered guard. Smith suggests increasing vigilance for attacks targeting social sites and mobile devices. Keeping an eye on security news from platforms like Facebook, Twitter, LinkedIn, Instagram, and Snapchat help minimize the risk of falling victim to attack. If something seems off, practice the same caution on a mobile device as you would with a desktop or laptop.