Do you have a false sense of security online? Take this quiz to find out

Jan. 6, 2021

Think you’re staying safe when you’re online downloading files, viewing YouTube videos, and surfing the news?

If you’re like many respondents in a survey from the National Cybersecurity Alliance, you’re probably more at risk for downloading malware or being tricked into surrendering your bank account or credit card information than you think.

What does the survey say?

According to the alliance's Cybersecurity Awareness Month report released in September 2020, only 35 percent of respondents say they update their antivirus, firewall, or anti-malware software on a regular basis. And only 39 percent said they enabled two-factor authentication on all devices connected to their network.

The same survey found that only 20 percent of older respondents — those 55 and older — are very confident that they would be able to identify a malicious email or link. Only about half of 18- to 34-year-olds said they felt confident that they could identify suspicious emails or links.

And when it comes to public Wi-Fi? The survey found that 54 percent of 18- to 34-year-olds report using public Wi-Fi, while 42 percent of 55- to 75-year-olds never use it. That’s concerning: public Wi-Fi is notoriously vulnerable to cyberattacks.

What do these results show? A large number of people aren't taking the appropriate steps to protect themselves when they're online. They're giving hackers, con artists, and scammers plenty of opportunities to expose their computers and mobile devices with malware, steal their identities, access their bank accounts, or run up fraudulent purchases on their credit cards.

Take the 7-question quiz

But how much do you know about online safety? Take our short quiz to find out just how safe you are when in the online world.

Question 1: Do you know what a VPN is? And do you use one?

If you answered “no” to this question, you’re potentially exposing your activity every time you go online.

A VPN is short for virtual private network, a service that encrypts the data you send and receive when you are online and hides your activities in a type of virtual tunnel. VPNs also have the added benefit of hiding your IP address from snooping eyes.

To use one of these services, you must first sign up with a VPN provider. You can find free services and those that charge. VPNs that charge fees are usually more reliable and feature stronger privacy protections.

Before you connect to the internet, you first log onto your VPN. When you then get to the web, you are not connecting under your device’s IP address, but the address provided by your VPN. This helps you to browse the web anonymously.

VPNs also encrypt your data, creating a virtual tunnel that prevents government agencies, businesses, and hackers from tracking your online activity. This makes VPNs a smart choice when you are logging onto your online bank accounts or credit card portals: VPNs will prevent cybercriminals from spying on you and stealing your log-in information and passwords.

To stay as safe as possible when online, then, it’s a good idea to invest in a VPN service.

Question 2: Do you ever access your online bank or credit card accounts while using public Wi-FI?

You should answer “no” to this question. That’s because public Wi-FI is notoriously easy for hackers to crack. If you use the free public Wi-Fi offered by hotels, coffee shops, and libraries, only use it for benign activities, such as reading the news, checking the weather, and searching for local restaurants.

Never use it to access your important financial portals or other sensitive data. You never know when a hacker is snooping on you. If you use public Wi-Fi to log into your bank account, a hacker could capture your username and password. That same hacker can then quickly access your bank account and drain funds from it.

The same danger awaits if you use public Wi-Fi to access your online credit card portal. A snoop could steal your log-in information and run up plenty of online purchases using your credit card.

The best way to stay safe? Treat all public Wi-Fi like it’s compromised and only use it for the most benign of online activities.

Question 3: Have you enabled two-factor authentication for your most sensitive online accounts?

The answer here should be "yes." Two-factor authentication, also known as 2FA, adds an extra step, and an extra layer of protection, when you log onto a website, online bank account, or online credit card portal.

Here's how 2FA works: When you log into your online bank account, you'll first enter your username and password as usual. But after you enter this information, the site sends a text message to your phone. This message contains a six-digit code. You must then enter this code before you can finish logging into your bank account.

The goal is to create an extra log-in step that helps foil hackers trying to break into your important online accounts. If these criminals don't have your six-digit code, they can't log onto your bank accounts or online credit card portals, even if they know your username and password.

This extra step may be a momentary bit of inconvenience. But it's well worth it if it prevent a criminal from breaking into your most sensitive online accounts.

Question 4: Do you ignore software updates?

You should answer “no” to this question, at least if you want to protect your devices and your privacy.

Yes, it's annoying when you get a notification on your smartphone saying you need to update your mobile device. It's annoying, too, when your favorite web browser sends its own update notice or when you're working on your laptop and receive yet another notice to update your machine's software.

But as annoying as these interruptions might be, don't ignore them. Software developers are constantly updating their products for a reason: They want to boost the protection they offer.

Many software updates are designed specifically to combat newly discovered viruses and malware, or to patch vulnerabilities that have been recently discovered in the software. If you don't approve the updates, your devices are left vulnerable to these online attacks. By approving an update, you might be able to stop spyware, malware, and other viruses from infecting your devices.

Doesn't that sound like a small sacrifice to make?

Question 5: Have you installed security software on your computers?

Good security software can help keep malware and viruses away from your laptop and desktop computers. So do you have this security software installed on your devices? (And, yep, you should answer “yes” to this question.)

Make sure to quickly accept updates to your security software, too. These updates might keep the latest virus from infecting your devices.

Question 6: Can you recognize a phishing email?

We admit it: This isn’t a fair question. Scammers have gotten good at sending phishing messages — emails or texts designed to trick you into surrendering such key information as your Social Security number, birthdate, address, bank account number, or credit card log-in information. Even if you remain on the lookout for phishing attempts, there’s no guarantee that you won’t fall for them.

That doesn’t mean, though, that you shouldn’t remain vigilant. Falling victim to phishing could leave you with plenty of financial pain.

Here’s how phishing attempts often work: You’ll receive an email that looks like it’s coming from your bank, credit union, credit card provider, or other service provider. The message might say that you need to take immediate action to prevent your bank account from being closed, your credit card from being inactivated, or your favorite streaming service from limiting your access.

When you click on a link included in the message, you are taken to a website that again looks as if it is being operated by the supposed sender of the message. This site asks you to enter personal information — again, it could be your bank account number, log-in information, birthdate or Social Security number — to log in. But the site is a fake. When you enter this information, it goes directly to a cybercriminal.

The scammer can then use this information to log into your credit card account and run up charges, access your online bank account to make purchases with your money or even steal your identity and apply for loans or credit cards in your name.

If you want to truly protect yourself when online, remember some simple anti-phishing strategies. Never provide sensitive personal or financial information to anyone, or any institution, that asks for it through email or a text. Your bank, credit card company, mortgage lender, or any other financial institution won’t ask for this information in this way.

If you receive an email that you’re unsure about, call the provider supposedly sending it. Look up the provider’s customer-service number online. Don’t use any phone number provided in the suspicious email. Ask that institution whether it sent the message or if you really do have to take action to prevent your account from being locked down or whether you need to verify purchases. You’ll often discover that the email was a fake, sent by a phisher hoping to steal your personal information.

Question 7: How often do you check your credit reports?

If you said “never,” that’s the wrong answer. You can access each of your three credit reports — one each maintained by the national credit bureaus of Experian, Equifax, and TransUnion — once a year for free by logging onto AnnualCreditReport.com.

Once you order the reports, check them over carefully. These reports list any open loans or credit card accounts in your name and the balances on them. If you notice credit card accounts or loans that you don’t remember applying for? That could be a sign that someone has stolen your personal information and used it to open accounts or take out loans in your name.

This is bad, of course, and it could get worse. These thieves probably won’t make the loan or credit card payments for these fraudulent accounts on time. This could cause your three-digit credit score to plummet, making it more difficult for you to qualify for credit cards and loans.

If you notice suspicious activity on your credit report, contact the appropriate credit bureau. Call the banks or financial institutions issuing the fraudulent accounts, too. They can shut them down.

That’s it. That’s the end of the test. We hope you aced it. If not, it’s a good idea take steps to boost your grade.