If you’re reading this column, I’d say it’s a pretty safe bet that you’re at least a casual news viewer. Which means I know you didn’t miss the recent deluge of pictures of Americans stockpiling gas.
Americans up and down the East Coast rushed to fill whatever they could find—gas cans, giant barrels, even plastic shopping bags—with gas out of fear that gas would soon become as hard to come by as TP and hand sanitizer in a Target in April 2020.
When this story first crossed my feed, my first thought was that this gas crisis must be related to foreign oil policy, and I was only slightly surprised to find out that this gas shortage was caused by a ransomware cyber attack that targeted the Colonial Pipeline.
Cybersecurity has been front of mind across many industries over the past few years, but has become especially relevant in the past year with the challenges of the pandemic and the rise of remote work. In fact, data shows that cyberattacks have risen 600% as a result of the pandemic!
These figures are certainly striking, but there is a temptation to think that it’s just big corporations that need to worry about their cybersecurity. Think again.
We are all vulnerable to cyberattacks. After all, our bank accounts may not resemble corporate holdings or a philanthropy’s endowment, but our financial information and data can still be very valuable. Even the most basic data such as birth dates, phone numbers, addresses and email addresses can be used to steal your identity.
With many of us continuing to work remotely, we will likely be spending a lot more time online these days. So how can we protect ourselves and our information from cybervulnerability? Here are some tips for making sure that your personal and professional data stay secure and protected.
Know your data security status
The first step to taking charge of your privacy and security online is to know whether or not any of your data has been compromised.
Start with searching your email or phone number on a data breach search engine. Have I Been Pwned? is a good place to start. Despite the silly name, this site isn’t just for gamers, and it can be a great starting point to find out how secure your data may or may not be.
Don’t be too alarmed if you find out your data has been compromised. When I first logged on and searched my email, I discovered that it had been included in five data breaches! And here’s the kicker, they all were for sites and services I haven’t used in years. It just goes to show how vulnerable we are, considering how often we have to submit our email addresses to utilize certain services online, and the fact that so many sites and apps have our information saved.
Have I Been Pwned? also has a feature that allows you to search your unique passwords and determine if they have been compromised in any data breaches.
A Pew Research study found that 64% of Americans had personally experienced their information being involved in a data breach, or been notified that their personal data had been compromised. With the increasing prevalence and sophistication of cyberattacks, we can only expect this number to increase.
Given everything we’ve discussed up to this point, I could understand why you might feel reluctant to put your number, email and especially your password into a search engine that quite honestly looks like it was made by a hacker, but you can put those fears to rest.
The website was created with the intention of spreading awareness about privacy online, and as such takes great care with your data and has very robust privacy policies. Your information is only searched against a database and never stored, and only the first five characters of your passwords would be utilized to cross check data breaches.
Be familiar with your privacy policies
This brings me to privacy policies. Yeah, you know those long blocks of text that you have to scroll through and “accept” before you can access that new app that turns your photo into a grandma or tells you what dog breed you should adopt?
Well, news flash, you should probably be reading those. I know, we’ve all become quite desensitized to the point of clicking through as fast as we can. A study found that only 9% of Americans make a point to read privacy policies.
But in order to make informed decisions about how we protect ourselves online, we really have to know how and why our data might be utilized. Remember that the five data breaches that my email address was implicated in were for sites and services I no longer utilized.
Let this be a lesson that every app we download so that we can keep up with the Joneses and post a hilarious selfie to the ‘gram gets something out of the deal as well: our data. We should be mindful of how we share our information. Reading privacy policies may just remind you that many companies are using our data in ways that we might not willingly consent to, if we took the time to do our due diligence.
Consider a password manager
For a long time, I used a version of the same password for every account. And if that sounds like you, don’t worry, I’m not passing judgement… In fact, you’re definitely in the majority. A 2019 study found that two thirds of users have the same password for every account.
But, let’s be honest, most of us are probably tech-literate enough to know this is not a great idea. Another study found that 91% of internet users know that reusing a password is a bad idea, yet 61% do it anyway!
A password manager is a software program that creates unique, secure passwords for all of your accounts and stores them in one place, so you don’t have to keep track of many complicated passwords. Investing in a password manager is one of the best things you can do for your online security.
Using encryption, password managers can help keep your credentials locked down, so much so that they are considered to be 0% vulnerable to a “brute-force attack,” a common hacking tactic.
While there are free options for password managers, as is usually the case, you get what you pay for. Premium password managers are significantly safer than their free counterparts.
Here are some quick links to a few of the top password managers for 2021:
- Keeper
- LastPass
- Dashlane
Know the hallmarks of a phishing scam
All your digital preparedness will only get you so far if you are unable to identify the red flags associated with potential online threats.
Phishing scams are the most common ways in which we can be targeted and have our digital privacy violated and our information stolen. The frequency of these cyberattacks has risen significantly, more than doubling from 2019 to 2020 with 214,324 reported attacks.
But what is phishing? Put simply, a phishing scam uses an email or a text message that is meant to seem as if it came from a legitimate party, such as a bank or phone company, with the goal of soliciting sensitive personal information.
Here’s what to look out for:
- The message claims to be from a business, however, uses a public email address. (Verizon will never send you a message from a @gmail account.)
- A message informing you that your account has been locked, or that you have to click a link in order to change security or account information
- Typos: correspondence from legitimate organizations will rarely have obvious misspellings or grammatical errors.
- Offers that are too good to be true. Remember what Grandma said, if it sounds too good to be true, it is.
- Messages meant to create a sense of urgency. If your bank tells you that you must “act quickly or your account will be permanently frozen,” or that you will “miss out on a one time offer” these should definitely be red flags.
- Any message that seems to have the explicit goal of getting your phone number.
Honestly, these scams can be pretty sophisticated, so it’s important to always have your guard up, and approach any correspondence with a healthy degree of skepticism.
Beware of public Wi-Fi
I know, but what about your favorite cafe? The baristas are so nice, it must be safe there, right?
Well, in truth, it’s best practice to try to avoid using public Wi-Fi if possible. Why? Public Wi-Fi makes it easy for hackers to access your information and devices.
So next time you have to send a quick email from your laptop, you might be better off creating a hotspot with your phone than linking up to whatever nearby Wi-Fi network isn’t password protected.
Forbes writer and cybersecurity expert Danny Pehar published some great advice on the pitfalls of public Wi-Fi. It’s a must-read to be up to date on protecting your sensitive date while working out in the world.
Here are awesome great takeaways:
- Be wary of public networks, even if they seem to be associated with legitimate businesses. Anyone can call their network “Starbucks Public Wifi #12”
- If you have to use public Wi-Fi, avoid logging onto any site or app that contains your sensitive information, such as banking or medical records
- Turn off Wi-Fi when you’re not using it. This way your phone won’t accidentally connect to a sketchy hacker Wi-Fi network.
- Use a VPN. A VPN is an excellent way to protect your privacy online, both at home and if you are using a public network. A Virtual Private Network will create just that, a private work connection that masks your IP address and cannot be traced. If this sounds a little bit “spy movie,” just trust me, it spells privacy for you and your data.
Don’t share your phone number if you don’t have to
Lastly, you should treat online solicitations of your phone number like you would a creepy guy at the bar. Just don’t give it out.
Many scams are rooted in the simple attempt to get your phone number. It may seem innocuous, but your phone number can be used to access a ton of your personal information.
This is especially prevalent on online marketplaces such as Craigslist and OfferUp, where spammers will contact you with the express purpose of getting you to give up your phone number.
New York Times columnist Brian X. Chen consulted a cybersecurity researcher, who was able to use Chen’s phone number to access a ton of personal information.
Here are some of the information that your phone number could lead to:
- Home address, and past addresses
- Property ownership or history of property ownership
- Full names of family members
- Criminal records
So, it’s best practice whenever possible not to share your phone number online if you can avoid it.
With the many benefits of instantaneous connectivity come the inevitable pitfalls and trade-offs with our privacy and data security. But don’t resign yourself to the inevitability that your information is unprotected on the internet.
There are many steps you can take to keep your data and personal information safe and out of the hands of cybercriminals. It takes a little proactive maintenance, but trust me, the peace of mind of knowing that your information is secure is well worth the effort.
This article has been published from the source link without modifications to the text. Only the headline has been changed.