We are prey for hackers with 5 vulnerabilities at once. But each one is easy to defend

Modern technologies have made our lives much more comfortable, yet we keep trying to simplify everything we can. Each of us wants to surf the Internet as conveniently as possible, manage smart devices at home, send messages in instant messengers, and so on. But more often than not, “simplification” and “comfort” are synonymous with insecurity, which cybercriminals will definitely want to take advantage of. Hackers have at least 5 directions (collected by British programmer Alicia Sykes) in which they can try to hack ordinary Internet users. But each of them can be protected quite simply, without greatly complicating your life.

💡 This article was created for ordinary people, but some points can be useful even for experienced users – these are marked with white markers. The main thing is not only to know the rules but actually to put them into practice.

Authorization

In 2021, about 61% of organizational breaches were due to stolen or weak passwords [source]. Among ordinary people the share of such hacks is clearly no lower, so authorization is the first and main vulnerability that any ordinary user needs to protect.

  • Create long and complex passwords

    Short combinations of letters and numbers are easy to crack by simple guessing – you can check how quickly a powerful computer will crack your password. You need to use a long combination with special characters and letters of different case – such a password cannot realistically be cracked or guessed.

  • Don’t use the same password for different services

    In practice, this is unrealistic, but at least do this with important accounts – if one of the sites suffers a leak (and they happen every 39 seconds [source]), hackers will not be able to use the stolen data to access other resources. You can also subscribe to popular services that investigate major leaks and let you know if your email address appears in one of them: Firefox Monitor, Have I Been Pwned, and Breach Alarm.

  • Set up two-factor authentication

    This is when, after entering your login and password, you need to enter a one-time code sent by SMS, email or in another way – even if an attacker finds out your account credentials, they will not be enough.

    • Don’t use SMS for two-factor authentication

      In theory, a SIM card can be swapped or its messages intercepted, but this cannot be done with a dedicated application (like Google Authenticator) or a hardware key. In addition, the SMS code depends on the signal – the message may be delayed or not arrive at all if there is no connection.

    • Do not save logins and passwords in the browser

      They are not always encrypted, which means they can be stolen. It is better to use a separate password manager: BitWarden, KeePass or LessPass.

Internet surfing

To show the most relevant ads (and so raise their click-through rate and income), most sites track visitors in various ways; the most popular are cookies and the user’s digital fingerprint. The information collected is quite accurate: developers see display resolution, monitor size, system language, time zone, fonts, and more. All of this can be not only frustrating but also dangerous if it falls into the wrong hands (the identity of the visitor will then be quite easy to reveal).

  • Do not install the first extension you come across

    Browser add-ons can see everything you do online. Therefore, it is extremely important to install extensions only from the official browser directory, and to look up information about an extension first – for example, whether there are any complaints about it.

  • Respond to browser warnings

    All kinds of protection systems are built into popular browsers. If you see a warning about a danger when you open a web page or download a file, think twice about your decision. You can double-check the site’s trustworthiness in VirusTotal URL Scanner, IsLegitSite and Google Safe Browsing Status.

  • Turn on incognito mode on someone else’s device

    Private mode does not save history or site logins – this is very useful, for example, on a work computer that someone else can use. But remember that this does not make you completely anonymous.

    • Do not activate the translator built into the browser

      When visiting a foreign site, popular browsers offer to automatically translate the page (for example, Google Translate is used in Chrome). It is not safe [source]: when translating, Google collects all data (including login / password input fields) and information about the user.

    • Enable containers for different sessions

      If you use the same browser for both work and personal purposes, advertising platforms will be able to build your digital profile in more detail. It is better to separate the two: for example, with Firefox containers, simply with different browsers for work and personal purposes, or with profiles in Chromium browsers.

Email

This is one of the most tempting targets for hackers, because with it you can reset passwords on other sites (that is, access them), send spam and steal personal data.

  • Have important and secondary email addresses

    The more places you put your email in, the more likely it is to be spammed, phished, and generally hacked. Create a separate address for important services, which you will not specify anywhere else.

  • Do not connect email to other services

    By doing this, you personally hand full access to your messages and their contents to who knows whom. Also, do not use various extensions to “simplify the work with mail.”

    • Disable automatic download of remote content

      Invisible beacons (pixel tags) are often built into email newsletters. They are used to track whether the message was opened, how long it was read, what system and browser the user has, the IP address, and so on. You can get rid of this surveillance by disabling automatic downloading of content from remote sources.

    • Switch to secure mail

      Many popular services have a bad reputation: Gmail was caught giving third parties full access to users’ mail [source] and tracking all their purchases [source], and Yahoo scanned emails in real time for US intelligence agencies [source]. Take a closer look at privacy-focused services: ProtonMail and Tutanota.
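
What "remote content" means in an HTML message, as an added example that is not part of the original article: the script lists every resource a mail client would fetch when opening the message and marks images that are invisible to the reader. The sample newsletter, its hosts and IDs are constructed, and the 1x1 / hidden-style test is a heuristic assumed here, not a standard.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class RemoteContentFinder(HTMLParser):
    """Collects every resource a mail client would fetch with remote loading on."""

    def __init__(self):
        super().__init__()
        self.remote = []  # tuples of (tag, url, looks_like_beacon)

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        url = a.get("src") or (a.get("href", "") if tag == "link" else "")
        is_remote = url.startswith("//") or urlparse(url).scheme in ("http", "https")
        if not is_remote:
            return  # cid: and data: content travels inside the message itself
        tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
        style = a.get("style", "").replace(" ", "").lower()
        hidden = "display:none" in style or "visibility:hidden" in style
        self.remote.append((tag, url, tag == "img" and (tiny or hidden)))

def find_remote(html: str):
    finder = RemoteContentFinder()
    finder.feed(html)
    finder.close()
    return finder.remote

def beacons(html: str):
    """URLs of remote images the reader cannot see (1x1 or hidden by style)."""
    return [url for _, url, beacon in find_remote(html) if beacon]

# Constructed sample newsletter; all hosts and IDs are made up.
SAMPLE_HTML = """
<html><body>
<p>Your weekly digest</p>
<img src="cid:logo@newsletter" width="120" height="40">
<img src="https://img.example.com/banner.png" width="600" height="200">
<img src="https://track.example.net/o.gif?u=12345" width="1" height="1">
<img src="https://track.example.net/p.gif?u=12345" style="display: none">
</body></html>
"""

if __name__ == "__main__":
    for tag, url, beacon in find_remote(SAMPLE_HTML):
        print("BEACON" if beacon else "remote", tag, url)
```

The visible banner is reported as well: any remote fetch reveals the open time and IP address to the sender's server, which is why the setting blocks all remote content and not only 1x1 images.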

Computer and smartphone

Most of us constantly use a PC, laptop, tablet or smartphone – of course, attackers can bet on this and try to hack us through gadgets. Therefore, it is worth taking care of digital hygiene and interacting with devices in such a way as not to expose your back to cybercriminals.

  • Trust only official app stores

    This is a basic rule of the entire Internet, which should be followed at least with important applications for work and personal life – there can be viruses in the installation files from the Internet.

  • Install system updates

    In security patches and regular updates, developers are constantly patching up security holes that can be exploited by hackers. If you do not install them or use an unsupported device, you are at high risk of becoming an easy victim of cybercriminals.

  • Avoid using third-party keyboards on smartphones

    The keyboard can capture everything you type with it, so trusting a third-party app is not a good idea. It is best to use the built-in keyboard (or another one, but from a well-known IT corporation). Also block its access to the Internet, unnecessary permissions and the collection of statistics.

    • Deactivate unused connections

      If you do not use Wi-Fi, Bluetooth, NFC and other communication technologies for a specific period of time, it is better to turn them off. Several common threats are known to attack these particular protocols.

    • Reboot your device regularly

      For many years, there have been vulnerabilities related to memory safety. Restarting the gadget (at least once a week) will clear the state of the applications held in its memory.

Human factor

As you know, the biggest threat to a computer and any system is its user. It is a person who most often downloads malicious applications, falls for the tricks of scammers, and personally weakens security. Therefore, you need to remember the often banal, but still important rules.

  • Check your incoming emails

    It is not very difficult for attackers to spoof emails and impersonate someone else. If an email arrives with a request to do something related to confidentiality, you need to double-check its authenticity – at least look carefully at the sender’s address and the link inside.

  • Don’t trust pop-up notifications

    Fake banners are a popular hook for users among cybercriminals. You should pay close attention to suspicious notifications, especially if they mention a virus or the need to update your password.

  • Pay attention to app permissions

    When launching a new game or program, do not immediately agree to all requests – often applications may require access to things that do not concern them at all (for example, a camera or GPS).

    • Use virtual cards to pay online

      With each entry of your bank card details on websites, the likelihood of theft of funds from it increases. This can be easily avoided if you issue a separate virtual card and transfer exactly as much money to it as you need to place an order right before buying.

    • Encrypt your backups

      Backup files can serve attackers instead of you – if hackers get access to them, all your saved data will be at the disposal of cybercriminals. Encryption tools come to the rescue; they can be applied to flash drives, to the devices themselves, and even to the cloud.

Source: Trash Box
