In today’s (striped) world dominated by social networks and online shopping apps, we are constantly at risk of falling victim to personal data leaks. And now it’s time to think about cyber hygiene, that is, the formation of good habits about cybersecurity. Yes, it turns out that many people on the Web are trying to be more careful while we awkwardly leave our emails, debit card details, and address all over the place.
Leaked stories no longer resonate with society, a serious problem that any user can solve on their own. It’s time to understand that we are responsible for the security of our own data.
An information security expert said in a special The Fashion Vibes article what everyone can do to stay as safe as possible from such leaks.
Oleg Sedov, information security specialist at Rostelecom-Solar
Tip 1: Evaluate whether you really need to drop your data
Marketers try to lure us into their networks by promising spectacular (and sometimes not) discounts and promotions, the best (and sometimes not the best) terms of service, free options (sometimes irrelevant).
Each time you sign up for a loyalty program or a resource, objectively evaluate whether you are truly ready to exchange your data for company benefits.
Tip 2: Leave the minimum required information
What does the company really need to serve you? If your sports club identifies your apartment number, ask: How will they use this information? You have the right not to provide unnecessary personal data and to request sufficient explanation. After a direct question or request to call management, company employees do not insist on completing all fields in the questionnaire.
Tip 3: Get an alternate mailbox
We recommend creating a separate box to sign up for loyalty programs or resources that are not critical to you. Hackers hacking Horns and Hooves LLC, where you once bought horns or hooves, function from more critical sources (Utilities, social networks, etc.) and thus log into your account.
Tip 4: Avoid primitive passwords
One of the common causes of data leakage is weak user passwords, not a bad security system within the operator company. Hackers break into personal accounts, take information and use it for their own purposes.
A simple mantra: at least 8 characters and each resource has its own password.
We don’t get tired of talking about it, and users are already tired of reading it. However, the password “123456”, which took the first place in the list of the 100 most insecure passwords of the year for several years in a row, is used by approximately 17% of users. In second place is the word “password”, and other popular passwords are not much more difficult: qwerty, qwerty12345, etc.
Tip 5: Protect your smartphone
How much important information is stored in smartphones! However, by setting a pin code to protect the phone, users again turn to primitive options. The most popular combinations:
1234 1111 0000 1212 7777 1004 2000 4444 2222 6969 9999 3333 5555 6666 1122 1313 8888 4321 2001 1010.
You can hack 26% of all smartphones with a simple search from this list.
Be creative, find a more interesting combination. It is easy for you, and if you lose your smartphone, it will be more difficult for attackers to hack the device.
Tip 6: Draw keys permanently
Now, remember your graphic key (some kind of password to lock the screen. note. ed.). And now some statistics:
• 44% start from the top left node;
• 77% starts in one of the four corners of the screen;
• in most cases, a graphic password consists of 4 nodes with less than 1624 combinations;
• most of the time the key is entered from left to right and from top to bottom, which greatly simplifies selection.
How many matches? It looks like this is an opportunity to reconsider your approach to generating a key.
Tip 7: Use Dual Authentication
One of the best ways to protect yourself from theft is to install a second lock. Also on computer systems: We strongly recommend using dual authentication on all services whenever possible. Especially when it comes to online banking, utilities, mail, on which critical accounts depend.
It is especially effective if the second authentication channel is fundamentally different.
For example, a push-button phone with no network access, where you only get access codes.
Cybersecurity has an unwritten rule: Appropriate is insecure.
Therefore, we’ll add one more tip here: Your new push-button phone should not be kept in the same bag as a laptop, tablet or smartphone. Attackers who get hold of the bag will instantly get all the keys to your digital life.
Tip 8: Don’t Trust Your Browser
All modern browsers, such as Google Chrome, very carefully and persistently offer to save your data. In this way, the next time you will not have to smear your fingers in blood, you will again have to fill in the card number or passwords to the resources. Save your data and don’t waste your fingers. Browsers have vulnerabilities, hackers can use them and access stored information.
Tip 9: Clear your cache
Everyone has heard of cache. And about the fact that it needs to be cleaned like karma.
Just in case, a little theory: the browser cache is where temporary files are stored. In other words, the next time you visit the same page, the images will not be downloaded again and the page will load faster.
As long as you use the internet from personal devices, you don’t have to worry about browser cache. However, this needs to be remembered when you need to use public computers.
If you opened the letter, the attached documents (passport scans) went into the cache. Don’t forget to clear your browser history and delete saved data when you’re done.
This is done simply: in the settings of any browser you will find the item “Clear cache”.
Tip 10: Use incognito mode
If you don’t want to leave traces on the browser, you can use the mode with the tracking function turned off. This mode does not save cookies, site data and browsing history, as well as information you enter in forms. This can be necessary when you need to quickly look at something from someone else’s computer or phone.
Don’t get too excited about privacy in this mode. Your actions in a private window are visible to the system administrator and Internet service provider, and can also be used by the websites you visit. Using incognito mode is more of a digital etiquette than a security measure. A good person leaves no trash behind, including digital.
Tip 11: Do not download free software from dubious sources
By questionable sources, we mean official software sites (software) or sites that are not associated with stores, such as the Apple Store and Play Market.
Any software is developed for the purpose of making money. It’s not always clear exactly how the free software you install on your phone is monetized.
You can then collect information that is sold to marketers and suddenly you see ads that are very relevant to you. Or worse, malware spying on you, collecting all the information you type, including passwords that you type on the keyboard or with which your device can be controlled.
Tip 12: Be suspicious of all incoming information
Phishing and phishing are the two most popular ways to cheat users, they differ only in channels. Phishing is letters and messages, vishing is calls. The content of the message always forces you to take a step: follow the link, give the access code, transfer money to a friend, watch a video from the category “wow, look what I found”, etc.
Do not immediately click on links or take actions you were persuaded to take.
Using a phishing link, you can “catch” malware that will collect all the data on the device and send it to the “command center”, then hackers use it, for example, to break into your accounts.
Attackers often try to steal your money, though, by creating fake payment forms, cloning well-known brands’ websites.
Attention, conscience and responsibility are our trusty whales in the global ocean of the internet. Be careful and take care of your data.
Source: People Talk
