Additional tips and links are also included for primers on other cyber practices.

1. Connect to free Wi-Fi at your own risk: Cybercriminals are known to create fake wireless networks in tourist destinations and anywhere else rich in prey. Even the legitimate networks offered by hotels or restaurants may lack solid cybersecurity. In general, avoid using publicly shared Wi-Fi networks. If you really need to, remember to never run applications or visit websites on such networks involving sensitive data. Even then…
2. … Limit browsing to secure pages: While the latest browsers already have a built-in system to alert us when we try to access websites without HTTPS certificates, this is not a total guarantee of safety. A good practice then, is to check the full URLs of the sites we visit with Wi-Fi connectivity — watching out for signs of illegitimate and spoofed content.
3. Use a trusted and secure Virtual Private Network: The use of public Wi-Fi can be mitigated by logging-in to your highly-secure workplace VPN as soon as possible. Even when a corporate VPN is not available or applicable, know that most good home broadband routers allow you to set up a secure VPN that allows you to access your home’s network and connectivity from anywhere with an internet connection (wired or wireless).
4. Avoid having a false sense of Wi-Fi security: Even when we are using what we consider a secure Wi-Fi network, do not let down our guard: always remain alert, think before acting, and avoid impulsive clicks on ads, urgent prompts or log-in pages.
5. Know how to spot dubious emails and messages: One of the most common practices of cybercriminals is phishing — it is therefore essential to follow the best safety practices regarding detecting and handling phishing content.
6. Practice strong password hygiene: Much has been written and archived in CybersecAsia.net about this: here, here, here and here.
7. Enable two- or multi- factor authentication: Enabling this feature (or demanding that the services you use has to offer this security function) creates an additional layer of protection so that cybercriminals who manage to break our password(s) will still have to get past the one-time-password verification stage. As even MFA has been tampered with before, ensure that measures are in place to overcome this possibility.
8. Passwords are passé: As more websites and online services migrate to passkeys and passwordless authentication, you can do your part by making your voice heard: ask for such authentication features from your bank and other online services you deal with. If necessary, abandon those that fail to listen. Remember, customer power is kingly in the digital-first age!
9. Keep devices and software up to date and protected: Keep your devices’ operating system and apps up to date, and protect the entire system with strong cybersecurity software that runs on AI to tackle advanced malware that cannot be detected via code signatures.
10. Set up purpose-driven cards and accounts: That means completely avoiding the use of your main bank accounts and other sources for funds for anything transacted online. Apply for debit cards, wallets and other sources of funds that are strictly meant for internet transactions. Keep the funds stored in these accounts minimized (but topped-up as needed) to fulfill only short-term needs. This way, even if cybercriminals manage to steal account access via your compromised Wi-Fi access, they cannot draw out more than the small amount of funds contained therein. Also, activate credit card protection features that prevent overseas use or cut your credit limit overseas. If possible, avoid the use of credit cards when overseas: numerous safer un-cloneable alternatives are available these days.