How to protect your data from cybercriminals: detailed instructions
Tips for all occasions, from fraudsters to law enforcement surveillance or the interest of an overly curious ex-partner.
We all digitally store a lot of important data, and no one wants it to end up in the wrong hands. Danger can lurk anywhere. For example, you may be stalked by an overly persistent partner who tries to access your social media accounts. You could be targeted by burglars and crooks eager to get hold of your bank account. Or become a victim of police brutality if you simply participate in rallies and marches. In this guide we will show you how to protect yourself from such situations, or at least reduce your losses from them. Information security is just as important as the security of your home, because when a lock is broken, you immediately call a master from TOP Locksmith https://emergencylocksmithvancouver.ca/ in order to have a lock fixed quickly.
General rules
First of all you need to understand what you need to protect and from whom. It is worth evaluating how serious consequences are waiting for you in case of data theft. And to decide how much effort you are ready to make to prevent them.
Most importantly, don’t overestimate your threat. By using complex technology unnecessarily, you’re putting yourself at risk, because it’s easy to get lost in it. And because of a false sense of security, you can forget about simple but effective steps.
Keep your programs and applications updated.
Many cybercriminals exploit vulnerabilities in outdated programs, so check the version of your browser, PDF reader, and other utilities. With an up-to-date version, you are less likely to fall victim to attackers, because after new viruses appear, manufacturers make fixes to their product. Postponing updates is like leaving your apartment door unlocked.
The advice applies not only to individual programs. Don’t forget to update the router and modem firmware, as well as install operating system updates. And you don’t have to have the latest OS. Most often security updates are released even for previous versions of the operating system. But this does not apply to Windows XP, stop using it!
Use a password manager
Many people use two or three passwords for all their accounts, but this is very dangerous. It’s not so scary if your account at some music service gets hacked. But if you used the same password at an online bank, you could lose your savings.
To avoid having to remember dozens of combinations, install a special program that automatically creates complex combinations and remembers them for you – a password manager. According to researchers, people usually use too simple combinations that are easy to remember (and crack, too). So let a password manager create your passwords for you.
With it, it’s enough to come up with just one combination – the master password. But it has to be very strong. Forget about capital letters, symbols and numbers. It’s more convenient and secure to use a passphrase. This is a few words that are not connected in meaning, but easy to pronounce and remember. For example, a labeled dog.
It may seem unsafe to store passwords in a third-party manager. But it is unlikely that some super hacker will deliberately attack your password database. On the other hand, there is a very high probability that hackers will obtain the code you use on multiple services by compromising one of them.
There are a fair number of applications and services for storing passwords:
- 1Password,
- RoboForm,
- LastPass
- and so on.
KeePass is also worth checking out. KeePass has some important advantages.
First, it stores its data in its own file, not in the cloud. This is preferable to the cloud of the same LastPass, which has been hacked repeatedly. Second, KeePass is open source, so there’s much less chance of any “bookmarks” in it. And third, it is completely free.
And by no means use the browser’s built-in feature to save passwords. It’s very insecure. So just disable the browser’s offer to remember login information.
Set up two-factor authentication
Do this for all services where it’s provided – you can check it out at twofactorauth.org. But first for the most important ones – email, banks, and social networks. Go through the list and make sure you’ve secured all the services you use:
- Google;
- Facebook;
- Instagram;
- Twitter;
- Telegram;
- iCloud;
- Dropbox.
Now you will have to enter not only a password, but also a one-time code to log in to your account.
Keep in mind that the most common method – getting the code by SMS – is no longer considered safe. There were recorded cases when attackers substituted the delivery number of the message. And dishonest employees of mobile operators can create a duplicate SIM card with a fake power of attorney, or intercept the SMS.
So it’s better to use an authenticator app on your phone that will generate codes. The most popular options are Google Authenticator, Microsoft Authenticator and Authy. They work offline, which means you’ll be able to log into your account on your computer even when you don’t have a mobile connection. For example, when you are abroad.
But the most reliable option is an electronic key. This is a special device that connects to your computer via USB or Bluetooth. To enter the site, you will need to enter your password and insert this key. Without it, intruders will not be able to access your data. In case you lose your device, buy and set up a duplicate in advance.
Don’t use Flash Player
This is probably one of the most vulnerable programs on your computer. Fortunately, most services have stopped using it, so feel free to uninstall . Or at least change your browser settings so Flash doesn’t run automatically.
Install antivirus
If you’re using Windows 10, you already have built-in antivirus – Windows Defender. It may be enough, provided that you do not go to dubious sites and do not download suspicious files, but it is better to be reinsured. For macOS, there is much less malware, so it is not considered necessary to install antivirus. But you can still do it just in case.
Don’t forget about mobile devices. If you have an iPhone, you are quite protected. If you have an Android smartphone, install an antivirus program. This is where we wrote about the best ones.
Use an ad blocker
Sometimes it’s enough for attackers to lead a user to the site they want to get their data. So be sure to install an ad blocker. It will protect against malware embedded in ads and news. The most popular ad blocking extensions are AdBlock Plus and uBlock Origin.
Don’t install questionable extensions
Depending on their function, extensions can have access to a huge amount of your data, such as your browsing history. Or even change the way it is displayed to you. So choose your programs very carefully. Install only what you really need and only from the official browser store.
Use a VPN
When you connect to Wi-Fi in a public place (cafĂ©, airport, hotel), you share the network with strangers. And if an intruder is on it, he can intercept your data. Although the connection is safer now thanks to the spread of HTTPS, a VPN service still can’t hurt. With it, you first connect to a virtual private network, and only then to the entire Internet – this gives you an extra layer of protection.
Choose the right service and don’t forget to use it. Remember, however, that it’s not a panacea. A VPN will hide your IP address, but it won’t protect you from downloading a malicious file or reaching a phishing site.
- TunnelBear VPN
- HotspotShield VPN
Make copies of important files
If you’re afraid that intruders will destroy or block important documents, be sure to prepare duplicates. Ideally, do this offline and save copies to an external hard drive that is not connected to a computer.
Don’t give away too much information about yourself
For example, in any case, do not post on social media photos of credit cards or boarding passes. In general, try to report as little as possible about your life. Remember that social networking posts are accessible to all Internet users. There is a risk, even if you have a closed profile. People you used to know, or people you’ve stopped talking to, but haven’t deleted from your followers, may well take a screenshot and pass the information on to third parties.
Also think about the data you share unknowingly. For example, your approximate address can be guessed from the routes of your runs noted on a running app, or from geotags on Twitter. Other information can then be found using such information. The more data an attacker has, the more likely they are to try to access your accounts.
Be careful when opening attachments
Anti-viruses don’t always detect a threat in them, so don’t forget about common sense. Ignore documents and links you receive from people you don’t know. And if you really want to see what’s there, remember to take precautions: open files in a browser, or save them to “Google Drive”. The main thing is to keep the file from getting on your computer.
Another option is to install a second operating system in a virtual machine that will not have access to your primary operating system, and open suspicious files there.
Install Linux
Linux is much more secure than Windows or macOS. It’s free of telemetry and doesn’t try to spy on the user. Linux is open-source, which means that there will be no “bookmarks” there from the developers. Finally, there are far fewer viruses and other malware in this family of operating systems – due to the low popularity of the systems.
So, if you want even more privacy, install Linux. Popular distributions like Ubuntu or Linux Mint give the developers much less information about the user than Windows, but they still have telemetry. So it is better to prefer Debian or, ideally, some specialized version like Tails OS or Whonix.
And you can leave Windows on an adjacent disk partition, cutting off its access to the Internet, and use it only to run programs that Linux doesn’t have.
