Improve your passwords. The golden rule for being safe online is to have a different random password for each site. Long and random passwords prevents brute-force attacks.Dont use password that are easy to guess. Your password is the authentication to your account. Using a different password for each account prevents having all your accounts compromised at once when a data breach occurs because of password reuse.
Use two-factor authentication for important accountsAdd a second factor to the accounts for the services that you care the most about, such as Gmail, Dropbox, Facebook, Twitter, GitHub, iCloud etc
Update your operating systemKeeping your computer up to date is the first step to being safe online. Start by updating your operating system and turn on automatic updates if you haven’t done so. Windows, OSX and Linux support this. Consider also updating to the latest version of your operating system if you haven’t done so yet.
Secure your computerMake sure your antivirus and firewall are working properly. Here is how to check if your setup if correct for Windows 10 and OSX.Use a reputed antivrus such as Bitdefender or Kaspersky.
Beware of click-jackingIt is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages
Always look for httpsIf you look at a web address in your browser, you’ll see that it has some letters and symbols in front of it, normally ‘http://’. These letters tell you about how your messages are being sent.Before you send any sensitive information such as personal or banking information to a website you need to make sure it is secure. Instead of ‘http://’ you should see ‘https://’. This extra ‘s’ tells you that the connection is secure and safe for you to send information over. Most browsers should also display a padlock to the left of the web address: if you click on this it should tell you more about the security credentials of the site. If a site asks for your bank or personal details but does not show these security signs you should decline to give your information.