How to protect yourself from hackers and improve your cybersecurity

Protect your personal data against cybercrime

Cybersecurity is more important than ever for the average individual. A bad actor who gains access to your personal information can block you from accessing email accounts, withdraw money from your bank accounts, and even steal your identity. Don’t think this can’t happen to you, because it absolutely can happen without taking the right steps. Luckily, these steps aren’t too difficult.

What is piracy?

The Hollywood interpretation of hacking usually involves a person sitting in front of one or more computer screens, running esoteric programs and performing complex processes to gain access to secure systems.

Most hacks today consist of tricking the user or online systems into handing over their credentials or allowing illegitimate password resets. Some also rely on interception of sensitive data, called a man-in-the-middle attack. With that in mind, some relatively simple steps can protect your personal data from prying eyes.

How to stay safe from hackers

Keep your devices up to date

Download and install all security updates for your computer and smartphone as they become available. You may need to restart a PC several times and manually click the “Check for Updates” button in Windows Update to complete the process. Also check your smartphone settings from time to time to ensure that the latest patches are installed.

Do not share sensitive personal data

Only enter information such as your social security number and bank details on authenticated and secure websites. Do not include sensitive information in emails or text messages. Don’t tell anyone your login information, even if you’re talking to a supposed customer service agent. Websites store an encrypted version of your credentials and will probably never ask you for your password directly.

Be careful on public Wi-Fi networks

Any time you connect to a network that is not personally owned by you, you are potentially putting yourself at risk. Avoid sharing data wirelessly between devices on public networks, and be especially wary of unsecured Wi-Fi networks that you are unfamiliar with. One method of data collection is to start a seemingly innocent Wi-Fi hotspot, but secretly log all transmissions.

Use a VPN

A VPN essentially creates a tunnel between you and a remote server. The VPN software encrypts all data passing through this tunnel. At the other end, you will also be sharing an IP address with many other users, which will make it considerably harder to identify you on the Internet.

Enable HTTPS-only mode in your browser

Your browser encrypts data using the HTTPS protocol and enabling this setting forces the use of the protocol at all times. Your browser will warn you of any sites that don’t use HTTPS, which is a clear sign of danger if you suspect you’re accessing a legitimate site such as your online banking service.

To enable HTTPS-only mode, open your browser settings and enter “HTTPS” in the search field. In Chrome (and other Chromium-based browsers, including Edge), you’ll need to go to the security menu and select an option that looks like “Always use secure connections”. In Firefox, HTTPS-only mode is enabled once you use the search function.

Don’t mess with Windows security features

Windows Firewall, Windows Defender, and Windows Antivirus are all remarkably powerful tools to protect you from attackers. In fact, most experts agree that Windows’ built-in antivirus is the only one most consumers need.

Changing the settings of these programs can make it much easier for opportunistic hackers to take over your PC.

Beware of phishy emails

Ever since emails became widespread, hackers have used fraudulent emails to gain access to user accounts. This process, called phishing, involves sending a fraudulent email that claims there’s a problem with the recipient’s account, and they need to log in to fix it. The email offers a login link that looks legitimate but actually passes the user’s credentials to a third party. Giving the hacker full control of accounts inevitably leads to some kind of fraud.

To avoid falling victim to a phishing scam, always log into your accounts by navigating to the correct website using your browser and then logging in. Never connect directly from links in emails.

Do not download unknown attachments

This is especially true if you don’t recognize the sender. Even if you do, however, it could still be a spoofed email. If there is an attachment you don’t recognize, don’t download it. Even if you download but don’t actually run a nefarious attachment, some can still infect your PC or smartphone just by existing on the storage.

Use two-factor authentication

When you log into an account on the website and need to provide a code that is sent to your email address or phone, it is called two-factor authentication or 2FA. Most hacks involve a single set of compromised credentials, and bad actors are unlikely to gain access to multiple accounts of the same person (as long as you take the right precautions).

Note that different forms of 2FA provide different levels of security. SMS authentication is the least secure due to the unfortunately relative ease of SIM card spoofing, which can give a hacker access to your SMS. Email authentication is better, as long as your email account is not compromised as well.

Some services use smartphone app-based key generators, which are highly secure due to the encryption level of most phones. The most effective form of 2FA is the physical security key, a device that stores your personal encryption key on a USB drive.

Although two-factor authentication may seem tedious, it is one of the best ways to protect yourself from cybercrime.

Do not share passwords between sites

You probably don’t want to remember different passwords for each site you need to log into. Nobody wants you. There’s a simple way to do this while using incredibly secure passwords.

Use a password manager

You log into a password manager using an encrypted master password that you can remember but is hard for others to guess. Password Manager assigns a separate, complex password to each new account you create. This way you only have to keep track of one password for many services.

Each new password is encrypted against your master password, using a strong encryption method known as AES-256. On top of that, new passwords are randomly generated, long strings, so there’s virtually no risk of brute force hacking being an issue.

Yubico Yubikey 5 NFC

It’s the most comprehensive physical security available, and it supports the common USB-A connection as well as NFC connectivity for use with smartphones.

Sold by Amazon

Apricorn Aegis Secure Key 3NX

Apricorn Aegis Secure Key 3NX

Available in capacities from 8 to 128 gigabytes, this USB key has a physical keyboard to enter your passcode and benefits from AES-256 encryption for reliable security.

Sold by Amazon

portable ssd samsung t7 touch

portable ssd samsung t7 touch

If you have large amounts of data to protect from prying eyes, there’s no better choice than this fingerprint-protected option from a major manufacturer.

Sold by Amazon

SightPro Laptop Privacy Screen

SightPro Laptop Privacy Screen

This premium privacy screen ensures no one sitting to your left or right can see what you’re doing, and it also reduces glare.

Sold by Amazon

Gryphon AC3000 Wi-Fi Router

Gryphon AC3000 Wi-Fi Router

More than most routers, it lets you fine-tune your network security settings, control individual guest access, and manage guest networks to protect your home PCs from intruders.

Sold by Amazon

Sign up here to receive the weekly BestReviews newsletter for helpful tips on new products and great deals.

Chris Thomas writes for BestReviews. BestReviews has helped millions of consumers simplify their buying decisions, saving them time and money.

Copyright 2022 BestReviews, a Nexstar company. All rights reserved.

Previous Decade-old bugs discovered in Avast, the AVG antivirus software
Next 5 Best Debt Consolidation Options