The internet: all fun and games and virtual reality porn and ignored Candy Crush requests, until someone steals your identity.
The rise of social media means people are making more personal information public than they ever have before. Even if you think you’re only sharing funny memes and artful wardrobe flatlays, more serious details can easily be unearthed by a devious digital scammer.
Hacks of major companies like Yahoo make it clear that privacy should be prioritised, whether you’re a digital native or still trying to figure out what a/s/l means. There’s no time like the present. October is Cyber Security Awareness Month, so let’s brush up on some of the most important ways to protect your online identity.
Limit Your Exposure
The best way to keep your private information private is to… keep it private. Imagine what you’d tell a kid who is just starting to find his way online. Don’t put your phone number, address, or birthday on any social media profile. Don’t mention where you work or go to school. Don’t accept friends or followers you don’t know in real life. Don’t announce that you’re backpacking through Peru for a month, so your apartment is empty and waiting to be raided. Even posts you “like” can offer clues to your location or identity. Be selective in what you share, and whenever possible, lock down your privacy settings so your info is not publicly available.
Strengthen Your Passwords
The importance of creating strong passwords is hardly new advice, but it remains essential and too often ignored. The ideal password goes beyond a few letters and numbers (because you are using both letters and numbers, right?). Throw in symbols. Use uppercase in random spots. Deliberately misspell words. Swap numbers for letters. The best passwords are random strings of characters and never used twice. If that’s too difficult to remember, use a password manager like LastPass to keep track of your login information.
Enable Two-Factor Authentication
Wherever possible, use two-factor authentication. Hackers and their computer algorithms become better at uncovering passwords all the time, so the more layers of security you can add, the better. Two-factor authentication requires you to enter not only your password, but also a second form of ID verification (like a randomly generated pin number texted to your phone) in order to access your profile. It will feel tedious, but the extra hurdle makes it much harder to be hacked.
Set Up Login Notifications
Some services provide this automatically, others require it to be enabled. Always set up login notifications if they are available. You will receive an email or a text message any time an unrecognised IP address attempts to log into your account. Think of it as the internet version of your bank’s fraud detection programme. You may not be able to prevent a breach with login notifications, but knowing quickly can help you minimise the damage.
Trick The Security Questions
Honesty goes out the window when it comes to security questions. Treat them like your passwords – deliberately misspell, replace letters with numbers, mash phrases together to form a single word. You can also give the wrong answer entirely, as long as your memory is good. From now on, your mother’s maiden name is “ZiggyStardust.”
Stick With HTTPS
One letter could mean the difference between staying safe and being hacked. Check for the S in ‘https://’ – it stands for “secure.” A suite of the most vital online services (Google, Facebook) only allow you to connect via an HTTPS connection, meaning any data exchanged between you and the service is encrypted. Do not share sensitive information or make online payments without that S. Pro tip: public wi-fi hotspots often lack it.
Monitor Your Bank Account
Conduct regular checkups of your bank account, credit card statements, and credit report. You’ll want to know as soon as possible if any unfamiliar transactions have been made, or if accounts have been opened under your name without your knowledge. If you see any potential signs of fraudulent activity, don’t hesitate to start making phone calls immediately.
Encrypt When You Can
Encryption is a powerful tool for keeping valuable data safe – whether you’re transmitting it over the Web, backing it up on a server, or simply carrying it through airport security on a laptop. Encrypting your data makes it unreadable to anyone but you and its intended receipient. You’ll need a password – a strong one – to encrypt the file and decrypt it later when you want to view it again. No password, no access. Research encryption to learn where it can be used (probably more often than you think) and what software already has the functionality built in.
Secure Your Wireless Network
That wi-fi network you cleverly named ‘It Burns When IP’? Make sure it’s secure and not just witty. Using a password reduces the likelihood of fraud and identity theft. An open network allows anyone in range – including a scammer – to connect to your router. A skilled cyber criminal can glean access to sensitive information and build a detailed profile of you based on your browsing history.
The bad news: phishing scams use a variety of methods to pose as a trustworthy entity in order to obtain your personal information. The other bad news: there are tons of different kinds, and they get more sophisticated all the time. The good news: vigilence can keep you safe. Educate yourself about common phishing scams and learn to recognise deceitful emails and websites. Never open attachments or links from a sender you don’t know (better yet, don’t open the email at all). Be wary of requests for info like credit card numbers, bank account numbers, and social security numbers. If in doubt, call the institution to confirm validity.
Update Your Tech
Keep your devices up to date. Hackers can more easily exploit known vulnerabilities in the older versions of software, so update whenever you’re prompted to do so. Using the latest editions of your computer or phone operating system, browser, and apps guarantees that you have the most current security measures in place.