Online Security Tips for Baby Boomers

People born between 1946-1964 are known in marketing speak as baby boomers. This generation were the inventors of modern computing, including the Internet. However, baby boomers have not grown up with the Internet like their digital native counterparts. In surveys, possibly contrary to expectations, baby boomers often have the greatest concerns around cybersecurity and/or data privacy. In a survey by SAS, they found that 78% of baby boomers had increasing concerns over data privacy; this isn’t surprising with a continuous stream of privacy violations by the likes of Facebook and Google.

In terms of knowledge of cybersecurity, baby boomers are also winning out. In a survey by Webroot, 47.6% of baby boomers compared to 23.7% Generation Z (born, c.1996-2010) knew what ransomware was. And baby boomers are pretty good at containing malware, with 94% of the age group not forwarding suspicious emails.

With such a seemingly savvy group of people, what advice can we give them in staying cyber-safe?

Well, cybersecurity is something that is never static. It is an ever-changing and challenging landscape of threats, exploitations and socially engineered attacks. One of the worst things you can do in terms of cybersecurity is to become complacent. So, here are 5 tips to help baby boomers maintain the top of the league in cybersecurity.

Tip 1: Being a Safe Silver Surfer

Malvertising or malicious ads are a very neat way to get malware onto your computer. Online ads and videos are being used increasingly as a conduit to spread malware infections. The malware includes crypto-mining bots. YouTube has been a focus for the malicious ads in 2018. Videos on the site were infected with a mining bot (malware) called ‘Coinhive’. Once installed on a computer it would use the PC as a sort of slave to mine cryptocurrency for the cybercriminals behind the scam. The infected computer slowing to a crawl.

This type of infection, via an online ad or video, is becoming commonplace because it is such a slick way to infect a machine. The ad is not usually on a ‘dodgy’ site either; these are ads run by big names. For example, the Hugo Boss website unwittingly ran infected ads back in 2015.
Malvertising works seamlessly. You click on an ad (sometimes you don’t even have to click). This takes you to a server which hosts the malware. It then executes the malicious code and infects your machine.

Being safe online means you have to use proper “cyber-hygiene”, some tips to staying safe online include:

1. Patch and upgrade: Always keep software such as browsers and applications like Adobe Reader, up to date and patches installed. Malware, like malvertising, use vulnerabilities (flaws) in software code to install.
2. Avoid using Adobe Flash and Java: Malvertising often focuses on software like Adobe Flash – if you can avoid using Flash, do so. However, like all cybersecurity threats, hackers evolve and the way malvertising works is evolving too.
3. Install anti-virus and anti-malware software. This way to prevent malware infection is part of an overall arsenal of tools.
4. Use an ad blocker: You can install ad blockers that help to prevent ads opening in the first place.
5. Report suspicious websites: You can report a suspicious website or one you believe may have been the source of infection using this Google link.

Tip 2: Safer online personal data sharing and privacy when setting up accounts

When sharing data with an online service you need to be aware of certain conditions:

1. The data you are sharing should be submitted using a secure service. If you look at the address bar in your browser there should be a lock (like the image below). Next to the lock, the HTTP will have an S added – HTTPS. This shows any data from this page will be sent encrypted – that is scrambled so it can’t easily be read. An important note is that some sites do not implement HTTPS correctly. For it to work, all pages that are involved in the data transfer MUST have HTTPS setup – if they are just HTTP they will not be secure.
2. When you send data to an online vendor they should ask your permission to use the data. This permission or ‘consent’ should also explain what they do with the data – or link to a privacy policy which explains the use. In the EU, it is a lawful requirement that online companies ask your consent to use your data. This law is known as the General Data Protection Regulation (GDPR).
3. Try to avoid sending data to an online service when you are out and about. Free Wi-Fi is usually not secured, that is, no password is needed to use it. Unsecured free Wi-Fi can allow hackers to intercept your communications to steal messages and data you upload and to even install malware to mobile devices, remotely. Wi-Fi hacking or Wi-Fi spoofing is increasingly commonplace. Note that if you use a site that is HTTPS, data will be protected using encryption.

Tip 3: Always use a VPN

In tip 2, we mentioned that free Wi-Fi services you so often see in shopping malls and cafes are insecure. One way to prevent the loss of data, including emails, text messages, and other login credentials, is to use a Virtual Private Network (VPN). A VPN gives you both security and privacy.

1. VPN Privacy: Personal VPNs are becoming very popular. A VPN hides who you are when you browse the Internet. It does this by taking your IP address (this is the address of your Internet router) and replacing it with an IP address from the Virtual Private Network provider. If you live in London you can set it to look like you are accessing the Internet from Germany, for example.
2. VPN Security: A VPN will take any data you transfer online and package it up using encryption. A good VPN will also check to see if the connection is safe too. It’s also one of the best practices to follow for a safer online shopping experience.

Tip 4: App safety

Baby boomers love tablet devices, with 57% of this age group using a tablet compared to 35% of millennials. Tablet devices are a great place to run apps and there is a whole market dedicated to creating apps that target those over the age of 55. However, mobile app security is an area that everyone should be aware of. Mobile apps have a number of security issues and a test by WhiteHat Security found that 85% of apps do not store data securely.

To use mobile apps safely:

1. Always download from a recognized app store: Do not install an app from a link in an email or mobile message.
2. Make sure the privacy settings associated with the app are at a level you are comfortable with. For example, switch off location tracking.
3. Install a mobile version of anti-malware software
4. Update your apps regularly
5. Update the operating system of the tablet device as new versions become available

Tip 5: Be safe but social

Social media is popular with baby boomers as it helps to stay in touch with family and friends. Whilst social media can be a great communication tool it is also an opportunity for cybercriminals. Phishing and other types of scams are common-place on social media. These scams range from things such as social chain letters, make money quick scams, and messages with phishing links that steal data and login credentials. When using social media, to remain safe:

1. Ensure that your privacy settings are set to a level you feel comfortable with. And, check them regularly as social media platforms may update them.
2. Be careful what you post. Never give out details such as times you are away from home or personal details like passwords. Also, be careful if someone asks you for any information that you may use with other accounts; this may be something like your pet’s first name or your mother’s maiden name. Cybercriminals harvest these data to help with identity theft.
3. Social media platforms now allow you to use a second factor to log in. This is usually something like an SMS text code that is sent to your phone when you enter your password. Use this if available.
4. Never login to a social media site from an email you receive. This could be a phishing link that takes you to a site that looks like your social media account but is a well-made fake. If you put your social media username and password into the site, they will be stolen, and your account hacked.