Keeping Your Facebook Account Secure

Thief with laptop

In today’s world, bad actors are constantly trying to hack all of our accounts, and Facebook is no exception. In case you missed it, check Tech-Talk.com’s article suggesting ways to keep your account secure.

Would you like to get tips like this delivered straight to your inbox? Head to https://bit.ly/egtechtalk and sign up to receive the weekly Tech-Talk newsletter.

Tips for Staying Safe Online

Man dressed as a thief with a laptop

It seems everywhere you look there is a new story about how criminals are using technology to steal your money or identity. Here are some tips to help guard yourself from the most common methods of attack.

Keep Your Hardware and Software Updated

Let’s face it, updates are a pain. Whether it’s Windows bullying you into stopping work for a restart or your iPhone begging for your iCloud credentials, updates always seem to initiate at the worst times. However, keeping up with updates is a crucial step in staying safe. Often, those updates contain code that fixes vulnerabilities that bad actors are already exploiting in addition to any new features.

Privacy Settings

Each platform (Windows, MacOS, iOS, Android, etc.) has its own series of tasks that can increase your privacy, and therefore security, on that device. Please note that increasing privacy may break some functionality. For example, if you turn off location access, you will be unable to use the GPS to get guided driving directions.

Wi-Fi Networks

Wi-Fi undoubtedly makes staying connected easy and convenient. Unfortunately, it is another avenue that can be used for attack. Here are some suggestions for staying safe when connecting to Wi-Fi networks.

  • Pick the right network. People with bad intentions have been known to create networks with names similar to those that people expect to connect to in an attempt to make you vulnerable. For instance, you could be in the waiting room at a medical office and see an open network called “Dr. Jones guest wi-fi” that seems legit. After all, you are here to see Dr. Jones. But maybe the official guest network is “Jones Medical Associates guest wi-fi”, which is also on the network list, but not the first one you saw. Connecting to the wrong network can give a thief full access to your device. When in doubt, double-check the network name.
  • If possible, only connect to networks with a password. While this does not guarantee security, it does limit who can connect.
  • Some devices have a feature that will allow you to auto-join open networks. Unless you have entered a password and saved a network, it is not a good idea to allow it to connect automatically. See this article for more information about how to disable auto-connection on different devices.
  • If you are on a public network, do not conduct any personal or financial business without using a virtual private network (VPN). A VPN encrypts all of your device’s traffic, not just internet browsing. Your workplace may already offer a VPN. There are free VPNs out there, but beware – many are worth what you pay for them. You can find many review sites online claiming they know the best VPNs to use, but two industry leaders for general use are ExpressVPN and NordVPN.

Multi-Factor Authentication

Have you ever been doing business online and the site sent a code to your phone or email to confirm your identity? That is multi-factor authentication. The first factor is your password. Some sites just want to make sure you are human, so they have you check a box or identify which pictures have an object in them. Other sites need to be sure the correct person is logging in to the account and use a more secure second factor. Common second factors include a code sent to a phone or email account, a fingerprint on the phone’s sensor, or a third-party program like Google Authenticator.

If you use a service that offers multi-factor authentication, turning it on will go a long way to securing your accounts. Privacy breaches can reveal your usernames and passwords, but it is exponentially harder, if not impossible, for identity thieves to fake the second factor. Yes, it is inconvenient to add a step to every single login, but it isn’t nearly as inconvenient as having your identity stolen or your bank account emptied.

Internet Browser Tips

My number one tip for browser security (besides keeping it updated) is to use the Duck Duck Go search engine instead of Google, Bing, or other searches. Duck Duck Go doesn’t gather your info like the other players. They provide a private, encrypted search and block trackers. Search is available on their website or via browser extension. You can even download Duck Duck Go as an app on your phone. Brave is a browser alternative to Firefox and Chrome that promises secure and fast browsing.

If you use Chrome or Mozilla Firefox to browse the web, you can add extensions to your browser. Extensions are like little apps that add functions and tools. Duck Duck Go has an extension for Firefox, but not for Chrome. Here are some extensions, most available for both Chrome and Firefox, that can help keep you safe on the web.

  • Privacy Badger blocks trackers, even if they are “invisible.”
  • HTTPS Everywhere encrypts your web traffic, making it tougher for bad actors to see it.
  • uBlock Origin blocks ads and other content that slows down your browsing.
  • AdBlock Plus is another well-reviewed ad blocking extension.
  • Multi-Account Containers (Firefox only) allows the user to separate traffic into containers, preventing cross-tracking. Not only is this useful to keep Facebook from seeing what you are shopping for on Amazon, but it allows a user to use different containers to login to different accounts on the same service. For instance, one could have three different Gmail accounts open in the same browser at the same time.

Other Browser Strategies

One safety strategy is to use one (secure) browser for banking, internet, and other work, while using a separate browser for shopping and visiting other “snoopy” sites. This keeps the services from “seeing” each other. No matter which browser(s) you use, you should clear your cookies regularly.

Got Questions?

If so, let us know in the chat or contact us at the library: 518-477-7476 or eglibraryinfo@eglibrary.org.

Have You Been Pwned? Find Out with This Tool

pwned

Data breaches and internet security are a big concern for many individuals, and with good reason. Large companies that have had their users’ information (such as email addresses, passwords and password hints) compromised include Adobe and Snapchat.

Luckily, there is a website, Have I Been Pwned?, which searches across various domains and known breaches to see if a particular email address or username has been compromised.  The site’s name comes from the gaming term “Pwned”, which is a twist on the word “owned” (defeated).  The exact origin of this term is disputed.

The website also can inform you if your information has been “pasted,” which the site describes as:

A “paste” is information that has been “pasted” to a publicly facing website designed to share content such as Pastebin. These services are favored by hackers due to the ease of anonymously sharing information and they’re frequently the first place a breach appears.

This website is a valuable tool to find out if your personal information has been compromised.  Check out this post for suggestions on strengthening the security of your accounts.

Pop Away from Popups and Other Unwanted Ads

securitykey

It’s happened to most people:  you’re browsing the internet, and suddenly a window pops up informing you that you need to update your software or maybe that you have a virus or perhaps one saying you’ve won a free iPad. Even to advanced computer users, some of these popup advertisements can look legitimate. How can the average computer user avoid bothersome popups?

Luckily, makeuseof has written a helpful article with some helpful tips on how to avoid malicious popups and how to tell if they are legitimate.

The author advises computer users to always check the URL in the address bar. Most software websites have URLs that are pretty straightforward. For example, if you are attempting to download Adobe Reader, the URL will be www.adobe.com. Try to avoid websites with super long web addresses. If you want to view the URL for a website, move your mouse over the link before clicking on it and the full URL will be displayed in the status bar near the bottom of the screen. Google will display the full URL of the search result in green below the link name. In the example below, the mouse cursor is on the link for the East Greenbush Library’s Wikipedia entry. Note the highlighted area near the bottom of the screen that displays the full link.

linkhighlight

 

Try to avoid pages that are full of text and advertisements. If you are still unsure if a download link is safe, check out a site like File Hippo, which is an aggregate site that contains mirror downloads of many popular programs like Adobe Reader and Java. On a related note, try to avoid the Google-ad results, which are usually the first few results that appear in a Google search and are marked with a little yellow ad banner.

If you are mindful about looking at a link before you click on it, you may notice a common trend of link shortening, for example, tiny.url or bit.ly links. How are you supposed to know if those links are legit? There is a great tool called Unshorten.It. You can copy and paste the shortened link and the site will display the full link as well as a small screenshot of the site. There are also various other sites that preform a similar function.

Some other helpful tips mentioned in the article:

  • Install a good anti-virus program. Many have an internet security feature that will highlight suspicious links and block popups.
  • Avoid searching for things like free video games and free screensavers. These are a common source of malware and shady links.
  • There are various browser-specific tips, such as changing your homepage to one you recognize and blocking popups directly with your browser (these options are found in the browser settings).
  • If you are a more advanced computer user, you may want to use a browser extension such as AdBlock Plus that will block ads from appearing on a webpage.
  • The article gives you instructions on what do if you accidentally click on a popup or ad and seem to be stuck.

If you are still getting unwanted popups after trying the tips discussed in the article, you may have malware installed on your computer. If this happens, there are steps you can take to remove it. Check out makeuseof’s malware removal guide for more information.

 

MakeUseOf Has the Answers to Questions You Didn’t Know You Had

makeuseofStaying current with IT news, trends, and tips is a fundamental part of my job in the library.  While I get this information from a variety of resources, there is one website that keeps surprising me with helpful information on a variety of subjects of interest to me and the patrons I assist.  I’d like to take this opportunity to give a shout out to MakeUseOf, a free online resource with timely articles, reviews, and help guides for all things tech.  What really makes this resource shine is its ability to speak to both new and veteran users at the same time without confusing or boring either!

The home page at MakeUseOf displays headlines and teaser text for their most recent articles.  I find this layout somewhat chaotic, so I prefer to sort the articles by category before browsing.  Selecting “Topics” in the header menu will display the articles by category.  The “Answers” section leads to a user forum where registered members can ask and answer questions from the MakeUseOf community.  Check out the “Top List” section for “best of” lists for a variety of software and services on multiple platforms.  For in-depth technology guides, have a look at their “E-books” area.

As a registered user of MakeUseOf, you can earn points for sharing their content on social media, as well as participating in the forum, polls, and other activities.  Those points can be redeemed for rewards, such as entries in drawings for free hardware and software.  My favorite benefit of membership has been receiving the newsletter.  Each email has a few headlines with teaser text that can be easily scanned, with more information just a click away.  I have happened upon lots of very useful information in these newsletters that I didn’t even know I needed!  You can opt-in to the newsletter by selecting the social media icons at the top of any MakeUseOf page, and then selecting the blue “Email” button.

subscribeWhat do you think of MakeUseOf?  If you have another tech info source you love, please share it in the comments.