It seems everywhere you look there is a new story about how criminals are using technology to steal your money or identity. Here are some tips to help guard yourself from the most common methods of attack.
Keep Your Hardware and Software Updated
Let’s face it, updates are a pain. Whether it’s Windows bullying you into stopping work for a restart or your iPhone begging for your iCloud credentials, updates always seem to initiate at the worst times. However, keeping up with updates is a crucial step in staying safe. Often, those updates contain code that fixes vulnerabilities that bad actors are already exploiting in addition to any new features.
- Instructions for Windows and Mac operating system updates
- Instructions for updated your web browser (Chrome, Safari, Edge, etc.)
- Update Android apps
- Update iOS apps
Each platform (Windows, MacOS, iOS, Android, etc.) has its own series of tasks that can increase your privacy, and therefore security, on that device. Please note that increasing privacy may break some functionality. For example, if you turn off location access, you will be unable to use the GPS to get guided driving directions.
- Privacy settings in Windows
- Privacy settings on a Mac
- Privacy recommendations for iOS
- Privacy recommendations for Android
Wi-Fi undoubtedly makes staying connected easy and convenient. Unfortunately, it is another avenue that can be used for attack. Here are some suggestions for staying safe when connecting to Wi-Fi networks.
- Pick the right network. People with bad intentions have been known to create networks with names similar to those that people expect to connect to in an attempt to make you vulnerable. For instance, you could be in the waiting room at a medical office and see an open network called “Dr. Jones guest wi-fi” that seems legit. After all, you are here to see Dr. Jones. But maybe the official guest network is “Jones Medical Associates guest wi-fi”, which is also on the network list, but not the first one you saw. Connecting to the wrong network can give a thief full access to your device. When in doubt, double-check the network name.
- If possible, only connect to networks with a password. While this does not guarantee security, it does limit who can connect.
- Some devices have a feature that will allow you to auto-join open networks. Unless you have entered a password and saved a network, it is not a good idea to allow it to connect automatically. See this article for more information about how to disable auto-connection on different devices.
- If you are on a public network, do not conduct any personal or financial business without using a virtual private network (VPN). A VPN encrypts all of your device’s traffic, not just internet browsing. Your workplace may already offer a VPN. There are free VPNs out there, but beware – many are worth what you pay for them. You can find many review sites online claiming they know the best VPNs to use, but two industry leaders for general use are ExpressVPN and NordVPN.
Have you ever been doing business online and the site sent a code to your phone or email to confirm your identity? That is multi-factor authentication. The first factor is your password. Some sites just want to make sure you are human, so they have you check a box or identify which pictures have an object in them. Other sites need to be sure the correct person is logging in to the account and use a more secure second factor. Common second factors include a code sent to a phone or email account, a fingerprint on the phone’s sensor, or a third-party program like Google Authenticator.
If you use a service that offers multi-factor authentication, turning it on will go a long way to securing your accounts. Privacy breaches can reveal your usernames and passwords, but it is exponentially harder, if not impossible, for identity thieves to fake the second factor. Yes, it is inconvenient to add a step to every single login, but it isn’t nearly as inconvenient as having your identity stolen or your bank account emptied.
Internet Browser Tips
My number one tip for browser security (besides keeping it updated) is to use the Duck Duck Go search engine instead of Google, Bing, or other searches. Duck Duck Go doesn’t gather your info like the other players. They provide a private, encrypted search and block trackers. Search is available on their website or via browser extension. You can even download Duck Duck Go as an app on your phone. Brave is a browser alternative to Firefox and Chrome that promises secure and fast browsing.
If you use Chrome or Mozilla Firefox to browse the web, you can add extensions to your browser. Extensions are like little apps that add functions and tools. Duck Duck Go has an extension for Firefox, but not for Chrome. Here are some extensions, most available for both Chrome and Firefox, that can help keep you safe on the web.
- Privacy Badger blocks trackers, even if they are “invisible.”
- HTTPS Everywhere encrypts your web traffic, making it tougher for bad actors to see it.
- uBlock Origin blocks ads and other content that slows down your browsing.
- AdBlock Plus is another well-reviewed ad blocking extension.
- Multi-Account Containers (Firefox only) allows the user to separate traffic into containers, preventing cross-tracking. Not only is this useful to keep Facebook from seeing what you are shopping for on Amazon, but it allows a user to use different containers to login to different accounts on the same service. For instance, one could have three different Gmail accounts open in the same browser at the same time.
Other Browser Strategies
One safety strategy is to use one (secure) browser for banking, internet, and other work, while using a separate browser for shopping and visiting other “snoopy” sites. This keeps the services from “seeing” each other. No matter which browser(s) you use, you should clear your cookies regularly.
If so, let us know in the chat or contact us at the library: 518-477-7476 or firstname.lastname@example.org.