Blog Post
Beyond the VPN – Staying Safe Online with Common Sense

Beyond the VPN – Staying Safe Online with Common Sense

There are plenty of online tools and software solutions out there for those seeking to protect themselves online, and many of them make perfect sense. After all, anyone with malicious intentions is unlikely to carry out a targeted, manual attack outside the most extreme scenarios. Instead, these attacks are often software-based, not least because it makes for an efficient opportunity to go after multiple targets simultaneously.

In these cases, your software can provide all the protection you need, and your defenses automatically stand up to incoming threats.

However, one of the dangers of becoming over-reliant on software is that people can forget or underestimate the importance of using common sense. Not all malicious attacks are direct, and unscrupulous internet users are certainly not above setting traps and capitalizing on absentmindedness when working towards their goals.

If Something Seems Too Good to Be True, It Probably Is

Direct attacks remain as much of a problem as ever. Still, some of the most successful security issues occur without any direct security compromise on the part of the victim. Indeed, indirect attacks are often more successful, as they take advantage of someone else’s trust and accountability to convince others to make a supposedly informed decision.

Most people have experienced phishing messages across email and cellphones, and they are well-known enough to be easily avoided for the most part.

However, if a hacker can gain access to a trusted source, difficulties may arise. One such example involves attackers accessing Twitter accounts of famous and, more importantly, wealthy people and promising to double cryptocurrency investments with no questions asked. The blue checkmark and widely known wealth are all it takes to make the concept legitimate for the uninitiated.

Do Me a Favor

There is also the favor scam, whereby the ‘boss’ asks an employee to buy gift cards on their behalf, saying they will reimburse them later. The scammer then either receives the digital codes or requests manual input via email in the case of a physical gift card purchase. The employee is out of pocket, and the boss is faced with quite the dilemma.

This attempt thrives on the desire to impress and goes beyond the kinds of brute force online attacks that software can protect against. In essence, the danger from both of these scams stems from playing on emotions and encouraging someone to do something under ‘free will’, which security software cannot filter out.

Think Before You Type

As touched on already, an overreliance on software solutions can lead to carelessness. Most people know not to enter sensitive information on a website without a security certificate. However, when the VPN is active, and their antivirus software is up to date, it is easy to forget about the personal responsibility that goes alongside it.

An online transaction involves two separate parties. Just because your connection is secure and encrypted does not guarantee that the same applies to who you are communicating with. HTTPS – the sign of a secure website – and a VPN protect different things. Put simply, HTTPS and VPNs are not the same. Ideally, both are present as part of any online transaction. If not, it is potentially worth heading elsewhere.

Security technology for the end-user is improving all the time. The HTTPS versus VPN example still rings true, but most browsers will alert users when their connection to a website is not secure. Such events are not always malicious – it could be an expired certificate or configuration issue on the part of the website owner. However, as a general rule, no certificate should mean no provision of personal data. Such is the importance of SSL certificates on the modern internet that there is speculation that their presence is considered a ranking factor for search engines.


As technology improves to battle online threats and older techniques fall out of favor, new attacks will continue to emerge. Malicious online activity is no longer a case of just finding flaws and weak points to gain access. More incidents of data theft and financial loss occur due to user error than ever before. When the weaknesses of technology disappear, bad actors shift their focus to the weaknesses of people.

In the days before personal firewalls, VPNs, password managers, and antivirus software, common sense was often the best defense against malicious activity. While automated solutions are more robust than ever before, the priority has not changed, and many would argue that thinking before acting remains the best way to protect yourself online.

Related posts

Leave a Reply

Required fields are marked *

Copyright © 2022 All rights reserved.