Protect your personal data against cybercrime
Cybersecurity is more important than ever for the average individual. A bad actor who gains access to your personal information can block you from accessing email accounts, withdraw money from your bank accounts, and even steal your identity. Don’t think this can’t happen to you, because it absolutely can happen without taking the right steps. Luckily, these steps aren’t too difficult.
What is piracy?
The Hollywood interpretation of hacking usually involves a person sitting in front of one or more computer screens, running esoteric programs and performing complex processes to gain access to secure systems.
Most hacks today consist of tricking the user or online systems into handing over their credentials or allowing illegitimate password resets. Some also rely on interception of sensitive data, called a man-in-the-middle attack. With that in mind, some relatively simple steps can protect your personal data from prying eyes.
How to stay safe from hackers
Keep your devices up to date
Download and install all security updates for your computer and smartphone as they become available. You may need to restart a PC several times and manually click the “Check for Updates” button in Windows Update to complete the process. Also check your smartphone settings from time to time to ensure that the latest patches are installed.
Do not share sensitive personal data
Only enter information such as your social security number and bank details on authenticated and secure websites. Do not include sensitive information in emails or text messages. Don’t tell anyone your login information, even if you’re talking to a supposed customer service agent. Websites store an encrypted version of your credentials and will probably never ask you for your password directly.
Be careful on public Wi-Fi networks
Any time you connect to a network that is not personally owned by you, you are potentially putting yourself at risk. Avoid sharing data wirelessly between devices on public networks, and be especially wary of unsecured Wi-Fi networks that you are unfamiliar with. One method of data collection is to start a seemingly innocent Wi-Fi hotspot, but secretly log all transmissions.
Use a VPN
A VPN essentially creates a tunnel between you and a remote server. The VPN software encrypts all data passing through this tunnel. At the other end, you will also be sharing an IP address with many other users, which will make it considerably harder to identify you on the Internet.
Enable HTTPS-only mode in your browser
Your browser encrypts data using the HTTPS protocol and enabling this setting forces the use of the protocol at all times. Your browser will warn you of any sites that don’t use HTTPS, which is a clear sign of danger if you suspect you’re accessing a legitimate site such as your online banking service.
To enable HTTPS-only mode, open your browser settings and enter “HTTPS” in the search field. In Chrome (and other Chromium-based browsers, including Edge), you’ll need to go to the security menu and select an option that looks like “Always use secure connections”. In Firefox, HTTPS-only mode is enabled once you use the search function.
Don’t mess with Windows security features
Windows Firewall, Windows Defender, and Windows Antivirus are all remarkably powerful tools to protect you from attackers. In fact, most experts agree that Windows’ built-in antivirus is the only one most consumers need.
Changing the settings of these programs can make it much easier for opportunistic hackers to take over your PC.
Beware of phishy emails
Ever since emails became widespread, hackers have used fraudulent emails to gain access to user accounts. This process, called phishing, involves sending a fraudulent email that claims there’s a problem with the recipient’s account, and they need to log in to fix it. The email offers a login link that looks legitimate but actually passes the user’s credentials to a third party. Giving the hacker full control of accounts inevitably leads to some kind of fraud.
To avoid falling victim to a phishing scam, always log into your accounts by navigating to the correct website using your browser and then logging in. Never connect directly from links in emails.
Do not download unknown attachments
This is especially true if you don’t recognize the sender. Even if you do, however, it could still be a spoofed email. If there is an attachment you don’t recognize, don’t download it. Even if you download but don’t actually run a nefarious attachment, some can still infect your PC or smartphone just by existing on the storage.
Use two-factor authentication
When you log into an account on the website and need to provide a code that is sent to your email address or phone, it is called two-factor authentication or 2FA. Most hacks involve a single set of compromised credentials, and bad actors are unlikely to gain access to multiple accounts of the same person (as long as you take the right precautions).
Note that different forms of 2FA provide different levels of security. SMS authentication is the least secure due to the unfortunately relative ease of SIM card spoofing, which can give a hacker access to your SMS. Email authentication is better, as long as your email account is not compromised as well.
Some services use smartphone app-based key generators, which are highly secure due to the encryption level of most phones. The most effective form of 2FA is the physical security key, a device that stores your personal encryption key on a USB drive.
Although two-factor authentication may seem tedious, it is one of the best ways to protect yourself from cybercrime.
Do not share passwords between sites
You probably don’t want to remember different passwords for each site you need to log into. Nobody wants you. There’s a simple way to do this while using incredibly secure passwords.
Use a password manager
You log into a password manager using an encrypted master password that you can remember but is hard for others to guess. Password Manager assigns a separate, complex password to each new account you create. This way you only have to keep track of one password for many services.
Each new password is encrypted against your master password, using a strong encryption method known as AES-256. On top of that, new passwords are randomly generated, long strings, so there’s virtually no risk of brute force hacking being an issue.
Yubico Yubikey 5 NFC
It’s the most comprehensive physical security available, and it supports the common USB-A connection as well as NFC connectivity for use with smartphones.
Sold by Amazon
Apricorn Aegis Secure Key 3NX
Available in capacities from 8 to 128 gigabytes, this USB key has a physical keyboard to enter your passcode and benefits from AES-256 encryption for reliable security.
Sold by Amazon
portable ssd samsung t7 touch
If you have large amounts of data to protect from prying eyes, there’s no better choice than this fingerprint-protected option from a major manufacturer.
Sold by Amazon
SightPro Laptop Privacy Screen
This premium privacy screen ensures no one sitting to your left or right can see what you’re doing, and it also reduces glare.
Sold by Amazon
Gryphon AC3000 Wi-Fi Router
More than most routers, it lets you fine-tune your network security settings, control individual guest access, and manage guest networks to protect your home PCs from intruders.
Sold by Amazon
Sign up here to receive the weekly BestReviews newsletter for helpful tips on new products and great deals.
Chris Thomas writes for BestReviews. BestReviews has helped millions of consumers simplify their buying decisions, saving them time and money.
Copyright 2022 BestReviews, a Nexstar company. All rights reserved.