Ideally, we all want to keep our data and identities safe online, but there's a lot of confusion about what online privacy means in the real world. You might think you’re doing everything right, following all the key recommendations - but within those tips are some nuances that you might not have realised.  

Here, we debunk four myths about online privacy and security to help you enhance your cyber security strategy and protect your information more effectively.

 Myth: Private browsing modes make you anonymous online

Reality: Private browsing modes, like Incognito Mode in Chrome or Private Browsing in Firefox, are just there to prevent your browsing history from being stored on your device. However, they do not hide your IP address or encrypt your activity, which means websites can use tracking data for marketing, your internet service provider (ISP) can keep track of use, and network administrators (aka your employers!) can still track your browsing. If you need greater anonymity, consider using tools like VPNs  – and make sure you limit personal use of browsers at the office which should be a best practice code of conduct anyway.

Myth: Strong passwords are enough to keep your accounts secure

Reality: I know, we tell you this all the time, but in reality - while strong, unique passwords or passphrases are crucial, they are just one part of the overall strategy. Many breaches occur due to phishing, malware, or data breaches at service providers where even strong passwords can be compromised or sold online to be vulnerable to credential stuffing – especially if that strong password is reused. To enhance security, ensure all passwords are also UNIQUE to the service you are using, and enable multi-factor authentication (MFA) on your accounts, which requires additional verification (like a code sent to your phone) to access your accounts, making unauthorised access significantly more difficult.  

Myth: Once data is deleted, it's gone forever

Reality: Deleting files or clearing your browser history doesn't completely eliminate data. In many cases, deleted data can be recovered with specialised software unless it is securely wiped or overwritten. Furthermore, online services and cloud storage providers may retain backups that include your "deleted" data. If you're concerned about data privacy, investigate how to securely delete data and understand the data retention policies of your service providers.

Myth: Cyber security is only a concern for important people

Reality: Security is everyone’s responsibility. A cognitive bias of ‘It won’t happen to me’ or a security awareness gap can mean it’s open season on your data. It’s not just high-profile individuals or large corporations that are attractive targets for cyber crime. Cyber criminals often target ‘ordinary’ users to collect personal information for identity theft, to use compromised devices for further attacks, or to encrypt personal data for ransom. You might understand the importance of cyber security in theory but underestimate the risk to yourself or organisation specifically.

The difference between how important people believe cyber security is and how they actually behave can be quite different, and for this reason, phishing awareness training and instilling a culture of cyber security is important for personal and organisational safety.  Get in touch now and get a personalised demo of our phishing and security awareness training platform, and see how educating your people can create a lasting culture of security.