In 2021 we’ve discovered how important cybersecurity is. Last year, online scams and frauds have increased substantially. You cannot operate a business or have a job without an online presence. New technology has unlocked amazing potential for the human race to achieve new things, but it has also introduced unparalleled problems and new risks. I’m going to break down the way to avoid these online risks and go over the many ways to keep your data safe. I’ll be breaking down security for passwords, personal information, and online activity.
Every day you log on to your computer or use your phone, you are allowing a company, a government, and potentially a hacker to track your information. This is not meant to scare you, this is just meant to share the reality of online activity. Online activity by nature will open you up to online threats, the key is being responsible with your digital footprint.
How Real is the Risk?
If you are someone who just has a Facebook account and email, then you’re usually fine as long as you have good passwords. The security of Facebook and most email clients has been free of any data breaches and will be that way for years to come. That’s not most people though, most people have over 50 online accounts that all use the same password. This is obviously a huge risk because if someone gains one password, they could at the very least log in to your account and at worst steal financial information. Luckily, you don’t have to be afraid. There are so many easy things you can do to protect yourself online that don’t require all that much work. First, check if your email has been compromised on haveibeenpwnd.com
Risk 1: Stolen Passwords
This is the most common online security threat. Every week you’ll hear about a new data breach. Up until recently, you would never know that your information is available on the dark web. Nowadays there are dark web scanners that let you know if your information has been stolen. If your password and username is just sitting there on a dark website, it may take some time for hackers to get to your account and try logging in. This gives you time to react.
Even if a hacker has the password to your yahoo.com account, it’s not like yahoo is going to sit there and do nothing. They immediately get all of their users to change their passwords. The hackers can do other things with your email and password though. Usually they’ll try amazon or Facebook and see if they can get into these common platforms. This is the most common way passwords are stolen and used. I have a friend who keeps having to create a new Facebook account password, because they kept using the password that was available on the dark web to hack the account. Now what can the hacker do with their Facebook account? Pretty much nothing. Also, since they hacked the account from Argentina, Facebook realized something was up and shut it down immediately.
If you remember though, about 5 to 10 years ago it was incredibly common for your uncle to send some weird link to everyone on his page. This would be a spam attack meant to hack as many accounts as possible. These types of attacks don’t happen as much anymore. There are also fake accounts that are pretty common, but even those are getting weeded out since you need a phone number to sign up to Facebook most of the time.
How to Protect all of your Passwords
Let’s go over the best way to protect your passwords. As with anything, you can go as deep into the security as you want and it will increasingly get less convenient. This method strikes a balance between convenience and security.
You’re going to have to use a password manager. There are three password managers that I’ll recommend: Dashlane, 1Password and LastPass. They will all work the similarly.
The advantage to these password managers is that they rely upon a technology called digital encryption. For those who don’t know how encryption works, it basically scrambles the data that gets stored so that no random person can interpret it if they get it. Your password “password123” would instead be stored as “zJYjkaxSMPnyY2qQRJ”. The only way to decipher that password is with the encryption key. In this case it would be your master password. Apple also provides a free password management system for their users. So if you mainly use Apple products you can use this service. You’ll have to decide how much you trust apple’s security. Up until this point it has been pretty good. They even refused to create a backdoor in their device to assist in a domestic terrorism case. However, putting all of your eggs in one basket is never a good idea. Apple also uses end to end encryption that only you can unlock with your password.
The ideal situation for using a password manager like Dashlane or Apple’s is to use it to make a separate password for each service you use. Their password generator can also manually make an unguessable password. The only way these passwords can be used is by accessing your master password. Ideally you should create a strong master password you have never used before that you can remember. You could also write it down somewhere if you have trouble remembering it. Just be aware that someone could potentially gain access to it if it is written down. Now the other alternative is to just make each password you use slightly different. The problem with this is that it can be very hard for a normal human to remember all of those passwords. The main point is: you want all of your passwords to be different so that no person can get access to everything at once.
The only downside to these password manager apps is that they do have a potential weak point if someone gains your master password, but it is up to you to keep that safe. Apple products now also include regular scans of password leaks to inform you of a compromised password. Dashlane does the same thing if you are on a PC. Google has also started offering this in their saved passwords section. You really don’t have to go out and change your password on everything unless the site contains information that could be used to harm you or someone else.
While you’re going through your passwords and changing them. You might as well start deleting accounts you don’t use. Why leave random traces of information on a server and forget about them? Once you’ve done this you’ll be extremely safe from hackers. But what about government entities and private companies that want your data?
Risk 2: Your Data Privacy
Your data is valuable. Many “free” services are simply in the business of selling your data. On the surface it might sound sinister, but the purpose of it is usually for advertising dollars to be spent well. If you sold something like high end stereos, wouldn’t it be great to be able to only spend your ad dollars on people who liked stereo equipment? This is what most companies do with your data. The problem is that it has gotten a little bit out of hand. There is even speculation that Facebook is listening in on your phone’s microphone. This hasn’t been proven. However We can definitely tell that they want as much data as possible.
If you’re like me, you value your privacy. You shouldn’t have to worry about your every action being tracked online, so there are a few ways to fix this.
Disable Tracking Cookies
The most common way to be tracked online by Facebook or other companies are tracking cookies. In fact there has recently been much controversy surrounding third party cookies. A third party cookie allows a company to track what actions you take on other websites. If you have ever seen a GDPR cookie consent popup, this is the EU’s new privacy requirement. They are telling you that your data will be shared with other companies (most notably Facebook). However Apple is now attempting to stop the use of third party cookies with their browsers. This has created a major backlash from Facebook. There are also extensions from the chrome web store that allow you to do the same thing. Should you worry about cookies? Probably not. It can be spooky to see suggestions from advertisers based on your past web activity, but this isn’t usually compromising information.
You probably don’t need a VPN
One of the most common selling points of VPN companies is protecting your data from companies who are spying on you. However, there is a simple technology on the web known as HTTPS. You’ll notice we use it on our website. 99% of all websites use it. HTTPS is a simple encryption service that makes it impossible for anyone to spy on your online activity. Hackers and ISPs can only see the website name, but cannot see the content of your activity online. This means they can’t see what you search, your passwords, your info or anything else. Sure, there are reasons for hiding what websites you visit from ISPs, but that’s not usually a concern for most people. Even if you get a VPN, you’re still just choosing to share your website visits and IP address with the VPN instead of a regular ISP. If you are in a country that doesn’t allow certain websites or want to watch region locked content, that could be a legitimate reason to use a VPN.
Decrease your Digital Footprint Online
Unfortunately any human who uses the internet at anytime risks their data being stored in a million different places. This can be bad especially if something like your home address is available online. Why on earth would anyone want their home address accessible online? Yet most people don’t even know that the white pages lists their home address for all to see. To prevent this you’ll have to go through and manually remove those listings. A great list of services that could potentially list your home address and phone number together isHere.
If you’d like to stay safe and anonymous online, there is no one size fits all solution. It greatly depends on what kind of information of yours is available online. If you mostly just use social media and email, check to see if your data has been compromised and use a password manager to create new passwords for each service. Everyone should also google themselves to make sure there is no compromising information that comes up on the search. If you’re concerned that Facebook is selling your information, then you’ll just have to avoid using them as a platform. There are privacy friendly search engines like DuckDuckGo that make it easy to be anonymous online.