Akhil Bhartiya Cyber Suraksha Sangathan (Regd.)
Regd. with Registrar of Society of NCT Delhi-Regd. No-287
Protection from Cyber Criminals, Defence of Digital India
www.abcss.org Email: info@abcss.org
AMIT MALHOTRA
(Cyber Crime Investigation Specialist)
Founder Akhil Bhartiya Cyber Suraksha Sangathan
18 years' experience in crime prevention, detection and investigation. Certified Ethical Hacker from EC-Council. Certified Cyber Crime Investigator from Asian School of Cyber Laws. Presently working in the area of cyber crime investigation.
Password Security
Strong, unique passwords for every account
Mobile Security
Protect your smartphone from threats
Safe Browsing
Secure internet usage habits
Online Banking
Protect your money online
Email Safety
Avoid phishing and email fraud
Wi-Fi Safety
Secure your network connections
Data Backup
Protect against data loss
Online Shopping
Safe e-commerce practices
Social Media
Privacy on social platforms
Children Online
Keep children safe on internet
Use Long, Complex and Unique Passwords
Create passwords of at least 12–16 characters combining uppercase letters, lowercase letters, numbers and special symbols (@, #, $, %). Example: M@ngo$2024!Delhi is far stronger than mango123. Never use your name, birthday, mobile number or common words.
Never Reuse the Same Password on Multiple Accounts
If one website is hacked and your password is stolen, criminals use it to try all your other accounts: banking, email, social media. This is called credential stuffing. Always use a different password for every account.
Enable Two-Factor Authentication (2FA) Everywhere
2FA adds a second layer of protection: even if someone knows your password, they cannot access your account without the OTP sent to your phone. Enable 2FA on your email, net banking, social media and all important apps immediately.
Use a Trusted Password Manager
A password manager (like Bitwarden, 1Password or Google Password Manager) securely stores all your passwords encrypted, so you only need to remember one master password. It also generates strong, random passwords for every site automatically.
Change Passwords Immediately If Compromised
If you receive alerts of unusual login activity, if a service you use reports a data breach, or if you suspect your password has been stolen, change it immediately across all affected accounts. Check haveibeenpwned.com to see if your email is in any known data breach.
Never Share Passwords with Anyone, Including Family
Your password is like your ATM PIN: never share it with anyone. Do not write it on paper near your computer. Do not share via WhatsApp, email or SMS. Do not tell anyone on the phone claiming to be bank staff, police or tech support.
Always Lock Your Phone with a Strong PIN, Pattern or Biometric
Enable screen lock immediately: use a 6-digit PIN, complex pattern or fingerprint/face lock. Set auto-lock to activate after 30 seconds of inactivity. A locked phone protects all your data, banking apps and private messages if your phone is lost or stolen.
Install Apps Only from Official Stores
Download apps exclusively from Google Play Store (Android) or Apple App Store (iOS). Never install APK files from WhatsApp forwards, websites or unknown links; these often contain malware, spyware or banking trojans designed to steal your data and money.
Review App Permissions Carefully Before Installing
Does a flashlight app need access to your contacts, camera and SMS? No, that's malware behaviour. Before installing, always check what permissions an app requests. Deny any permissions that are not necessary for the app's function. Review permissions of existing apps in Settings regularly.
Keep Your Phone's OS and All Apps Updated
Software updates patch security vulnerabilities that hackers exploit. Enable automatic updates for your Android or iOS system and all installed apps. Never ignore system update notifications; they often contain critical security fixes that protect your device from known threats.
Enable Remote Wipe and Find My Device Features
On Android enable "Find My Device" (Google) and on iPhone enable "Find My iPhone" (Apple). These allow you to locate, lock and remotely erase all data from your phone if it is lost or stolen, preventing criminals from accessing your banking apps and personal data.
Do Not Click Links Received in SMS or WhatsApp
Fraudulent SMS messages claiming to be from banks, IRCTC, delivery services or government agencies with links are one of the most common ways to steal credentials and install malware. Never click such links; go directly to the official website or call the official helpline to verify.
Install a Reputed Mobile Antivirus and Anti-Malware App
Use a trusted security app (Kaspersky, Bitdefender, Avast Mobile Security) to scan for malware, block malicious websites and detect suspicious app behaviour. Avoid free antivirus apps from unknown developers; some are themselves malware in disguise.
Always Check for HTTPS and the Padlock Icon
Before entering any login credentials or payment details on a website, ensure the URL starts with "https://" and shows a padlock icon in the browser address bar. HTTP sites are unencrypted, so your data can be intercepted. Never enter sensitive information on HTTP websites.
Verify Website URLs Carefully Before Clicking
Fraudsters create fake websites with URLs that look almost identical to real ones: sbi.co.in.verify.net or incometax-refund.org instead of sbi.co.in or incometaxindia.gov.in. Always type official URLs directly in the browser. Bookmark important websites and use bookmarks to navigate to them.
Keep Your Browser and Extensions Updated
Use a modern, updated browser (Chrome, Firefox, Safari, Edge). Enable automatic updates. Outdated browsers have known security vulnerabilities. Remove unused browser extensions; some extensions are malicious and can steal passwords, track your activity or inject ads.
Never Save Passwords in Your Browser on Shared Computers
On public computers at cyber cafes, libraries or offices, never save passwords in the browser, never tick "Remember me" and always log out completely after use. Use incognito/private mode on shared devices so your session data is not saved after you close the window.
Be Wary of Pop-Ups, Fake Alerts and Download Prompts
"Your computer has a virus! Click here to clean it!" These pop-ups are scams. Never click on browser pop-up alerts claiming your system is infected. Close the browser tab immediately. Never download software from pop-up ads; they almost always contain malware.
Use a VPN When Accessing Sensitive Information
A Virtual Private Network (VPN) encrypts your internet traffic and hides your IP address, providing an extra layer of security especially on public networks. Use a reputed VPN service (NordVPN, ExpressVPN, ProtonVPN) when accessing banking or sensitive accounts from public or unfamiliar networks.
Type Your Bank's URL Directly, Never Use Links
Never access your net banking through links received in emails, SMS or WhatsApp messages. Always type your bank's official URL directly in the browser address bar. Bookmark it for future use. Verify that the URL is correct before entering any credentials.
Never Share OTP with Anyone, Ever
Your bank will NEVER call you and ask for your OTP, net banking password, CVV or full debit card number. Any call requesting this is fraud. Hang up immediately and call your bank's official helpline. OTP is a one-time secret; sharing it even once can drain your entire account.
Enable Transaction Alerts for All Account Activity
Register your mobile number and email with your bank and enable instant SMS and email alerts for every transaction: debits, credits, failed attempts and login notifications. This allows you to detect and report unauthorised transactions within minutes of occurrence.
Set Daily Transaction Limits on Your Net Banking and UPI
Log into your net banking and set a low daily transaction limit, for example ₹5,000 for online transfers. This limits the damage if your account is ever compromised. Temporarily raise the limit only when making large planned transactions.
Never Do Banking on Public Wi-Fi or Shared Devices
Public Wi-Fi at airports, cafes and hotels is unsecured; attackers can intercept your banking credentials using man-in-the-middle attacks. Always use your own mobile data (4G/5G) for any banking or payment transactions. Never access banking on a shared or public computer.
Always Log Out After Every Banking Session
Never leave your net banking session open in the browser. Always click "Logout" (not just close the tab) after every session. Clear browser cache and history after banking. Enable session timeout in your net banking settings so you are automatically logged out after inactivity.
Verify UPI Payment Requests Before Accepting
In UPI fraud, scammers send payment REQUEST links claiming you are receiving money. When you enter your UPI PIN to "accept", you are actually sending money OUT of your account. Money is received automatically without any PIN; if someone asks you to enter PIN to receive money, it is a fraud. Reject immediately.
Always Verify the Sender's Full Email Address
Do not trust only the display name; always check the actual email address. A display name can say "SBI Bank" while the actual sender address is sbi@gmail.com or alerts@sbi-secure.net. If the domain does not match the official organisation domain, it is a spoofed or phishing email.
Do Not Open Unexpected Attachments
94% of malware is delivered via email attachments. Be extremely suspicious of unexpected attachments, even from known senders (whose accounts may be compromised). Hover over attachments to see the actual file extension. Never open .exe, .bat, .vbs or macro-enabled Office files from email.
Enable Spam Filters and Report Phishing Emails
Use your email provider's built-in spam filter and report phishing emails using the "Report Phishing" or "Report Spam" button. This helps protect other users too. In Gmail, you can report phishing by clicking the three-dot menu next to the Reply button and selecting "Report Phishing."
Never Enter Credentials on a Page Reached via Email Link
If an email asks you to "click here to verify your account" or "update your details", do not click the link. Instead, open a new browser tab, type the official website URL directly and log in from there. Legitimate organisations never ask you to enter sensitive details through email links.
Use a Separate Email for Critical Accounts
Create a dedicated email address used exclusively for banking, government services and critical accounts, and never share this email publicly or use it to sign up for shopping sites, newsletters or social media. This dramatically reduces its exposure to phishing campaigns and data breaches.
Secure Your Home Wi-Fi with WPA3 or WPA2 Encryption
Log into your router settings and set Wi-Fi encryption to WPA3 (or WPA2 if WPA3 is unavailable). Never use WEP; it is easily cracked. Use a strong, unique Wi-Fi password of at least 12 characters. Change the default router admin username and password immediately after setup.
Never Use Public Wi-Fi for Sensitive Activities
Public Wi-Fi networks at airports, hotels, malls and cafes are unencrypted hunting grounds for hackers. Never access net banking, make payments or log into email on public Wi-Fi. If unavoidable, use a reputed VPN to encrypt your traffic before connecting to any public network.
Update Your Router's Firmware Regularly
Routers also have software (firmware) that can have security vulnerabilities. Log into your router admin panel periodically and check for firmware updates, or enable automatic updates if available. An outdated router can be hijacked to spy on all your internet traffic or block your access to safe websites.
Disable Wi-Fi Auto-Connect on Your Phone
Turn off "auto-connect to open networks" on your smartphone. Criminals set up fake Wi-Fi hotspots with legitimate-sounding names (like "Airport_Free_WiFi") to intercept the traffic of devices that auto-connect. Always manually select and connect to only trusted, known networks.
Create a Separate Guest Network for IoT and Visitors
Most modern routers allow you to create a separate "Guest Network." Put smart devices (CCTV cameras, smart TVs, smart speakers) and guest devices on this network, isolated from your main network where computers and banking devices are connected. This limits damage if a smart device is compromised.
Follow the 3-2-1 Backup Rule
Keep 3 copies of your data: 2 on different storage devices (external hard drive + USB drive) and 1 in the cloud (Google Drive, OneDrive, iCloud). This ensures you can recover your data even if your computer is hit by ransomware, stolen or physically damaged.
Schedule Automatic Regular Backups
Do not rely on manual backups; set up automatic scheduled backups weekly or daily. On Windows use File History or Backup and Restore. On Mac use Time Machine. For mobile, enable automatic backup to Google Drive (Android) or iCloud (iPhone) for photos, contacts and app data.
Disconnect External Backup Drives When Not in Use
Keep your backup drive disconnected from your computer when not actively backing up. Ransomware encrypts all connected drives, including external ones. A disconnected offline backup cannot be encrypted by ransomware and is your most reliable recovery option after an attack.
Test Your Backups Periodically
A backup is only useful if it works when you need it. Periodically restore a few files from your backup to verify that the backup process is working correctly and the restored files are intact and accessible. Many people discover their backups were corrupted only when they desperately need them.
Shop Only on Reputed, Verified Websites
Stick to well-known e-commerce platforms (Amazon, Flipkart, Myntra, Meesho). For unfamiliar websites, research reviews, check for HTTPS, verify their GST number and look for a physical address and customer care number. If a deal seems too good to be true, it almost certainly is a scam.
Use a Dedicated Low-Limit Card for Online Shopping
Use a credit card or a separate debit card with a low limit exclusively for online shopping. Keep your main salary account card for ATM withdrawals only. Credit cards offer better fraud protection than debit cards; fraudulent charges can be disputed and reversed more easily.
Never Save Card Details on Shopping Websites
Avoid saving your card number, CVV or net banking details on e-commerce websites or browsers. If that website suffers a data breach, your saved card details are directly exposed. Enter card details fresh for each transaction; the few extra seconds are worth the protection.
Beware of Fake Customer Care Numbers in Search Results
When searching for customer care numbers of Amazon, Flipkart, banks or any service, be aware that fraudsters place fake numbers in sponsored search results. These numbers connect to fraudsters who impersonate customer care and steal your account or payment details. Always get contact numbers from the official website directly.
Set Your Social Media Profiles to Private
On Facebook, Instagram and Twitter, go to Settings and set your profile, posts, photos, friend list and contact information to "Friends Only" or "Private." Public profiles expose your personal information to cybercriminals who use it for phishing, stalking, identity theft and social engineering attacks.
Never Post Real-Time Location, Home Address or Daily Routine
Avoid posting check-ins, live location tags or photos that reveal your home, office, school or daily travel route. Share vacation photos after you return, not while you are away, as burglars monitor social media for such posts. Never post your Aadhaar, PAN, passport or vehicle number on social media.
Be Cautious of Friend Requests from Unknown People
Do not accept friend requests from people you do not know in real life. Fake profiles are used for cyber stalking, romance fraud, phishing and gathering personal information for identity theft. Check if the profile has genuine mutual friends, a history of real posts and realistic activity before accepting.
Think Before You Post: Deleted Content Can Still Be Found
Once something is posted online, it can be screenshotted, cached and shared before you delete it. Never post anything in anger, never share others' private content without consent, never post sensitive documents, and always think "Would I be comfortable if my employer or parents saw this?" before posting.
Do Not Participate in Viral Quizzes That Ask Personal Information
Social media quizzes asking "What's your mother's maiden name?", "What city were you born in?" or "Your first pet's name?" are data harvesting tools. These answers are commonly used as security questions for bank accounts and email; providing this information to unknown quiz creators is a serious security risk.
Enable Parental Controls on All Devices and Browsers
Use parental control features built into Android (Family Link), iPhone (Screen Time), Windows (Family Safety) and browsers (Google SafeSearch). These filter inappropriate content, limit screen time, restrict app downloads and allow parents to monitor online activity. Adjust settings as your child grows.
Place Devices in Common Areas of the Home
Keep computers, tablets and gaming consoles in shared living areas, not in children's bedrooms. This allows natural supervision without invasive monitoring. Children are less likely to engage in risky online behaviour when they know adults can see the screen. Avoid devices in bedrooms at night.
Teach Children to Never Share Personal Information Online
Educate your child never to share their full name, school name, home address, phone number, photos or passwords with anyone online, even people who seem friendly. Explain in age-appropriate language that online strangers may not be who they claim to be, and that they should tell you if anyone makes them feel uncomfortable.
Have Open Conversations About Online Safety Regularly
Create an environment where children feel safe to tell you if something online makes them uncomfortable, without fear of punishment or of the device being taken away. Regular, non-judgmental conversations about cyberbullying, inappropriate contact and online scams are more effective than strict restrictions alone.
Monitor Gaming and Social App Friend Lists
Online games (PUBG, Free Fire, Roblox) and social apps have chat features that predators use to contact children. Periodically review your child's friend lists and chat histories on games and apps. Enable privacy settings so only approved friends can message your child. Report suspicious adults immediately.





