We all have computers and laptops, but are we doing all we can to stop our personal information from being stolen? In the US alone in 2013, internet-enabled scams mounted up to $574 million (£468m), and online payment card fraud reached $1.56 billion (£1.27bn) in 2012. We spoke to a professional ethical hacker who gives us his top tips to make sure you don’t fall victim to theft.
We got all our info from an ethical hacker who’s been in the industry for a few years in London, protecting software and information on a day-to-day basis. The job entails hacking into clients’ websites, networks, and phone applications to see where the weak points lie and recommending the best course of action to fix the holes. This is why we think you’ll find the following insider information useful.
Most modern-day breaches contain an element of what’s known as social engineering. An attacker plays on human emotions to perform an act. For example, clicking on a malicious email because it sounds like someone needs help, or opening the door to a secure building for a pregnant lady.
The most important advice is to never, ever use the same password twice. If one account is compromised, then all your accounts are compromised.
Do not click on any links in any emails, and always visit a website direct.
“Where were you born?” or “what’s your mother’s maiden name?” are two of the most common questions on websites to ensure your account will be safe from intruders in the future. These answers aren’t going to be the walls that will keep out any online attackers. This is because, if you’ve already divulged this information online, anyone could do some digging and find the answers they need. Don’t be afraid to make up some of your information if you can.
Don’t share personal information with any network or site unless they need to know for a very important reason. For example, if you’re signing up to a public Wi-Fi hotspot it will ask for your name, date of birth and address. There’s no legal requirement to be honest, so make it up – keep your real details safe.
The more personal information you share online the more your details are accessible to someone wanting to get their hands on it. Next time you’re on your social media account, make sure the information you share is minimal. Your family and friends will already know your phone number, birth date and email address, so there is no need to divulge this information. If your privacy is important to you, don’t give out your information freely. And, most importantly, don’t tell people when you go away.
On your Facebook account, head to the settings cog in the top right corner of the screen, click on Privacy Settings, then who can see my stuff, then click friends. This way only your near and dear ones should have access. With Twitter, go to the settings cog, then Settings. In this window, you’re able to change all kinds of privacy settings, including making tweets private so only people you allow to view your tweets can see them.
It can be possible for hackers to download spyware onto your device through apps. Before installing, be sure to check the permissions on the apps to ensure they won’t store any unnecessary personal information. For example, an app for a game doesn’t need access to your network info or contacts list. It’s better to be safe than sorry, and regularly update apps because they will check for security problems.
This is quite an important tip to use if you’re going to be using the same device as someone else i.e. your home computer, friend’s iPad etc. Chrome and Firefox keep a record of what you’ve searched for online, where you’ve been and the sites you may have visited. This information could be kept for a matter of days or weeks, and so without clearing the browsing history, it’s easier for anyone in contact with the desktop to steal your online activity record. Be safe, and clear it!
The most important anti-hacker products to use are: anti-virus software, which scans regularly; and an ad blocker, as this stops unnecessary items making their way onto your desktop. Some of the best antivirus software applications include: Norton Security, McAfee Total Protection, and Kaspersky Total Secure. It’s worth having a shop around to see which software program will suit your desktop best.
By using a password manager, all you need to do is remember one password (alongside a personal hint) which will allow you to keep loads of more complex passwords in a safe environment. An expert in the field says it can take a hacker up to two years to crack a complex eight-character password. So use those numbers and capital letters and it’ll help!
Worried you can’t remember your fake answers? You can create ‘accounts’ in your password manager apps just for this. Great, aren’t they?
It’s wise to set up two factor authentication (or 2FA) on all your important accounts. This is an extra layer of security that requires not only a password and username, but something else – something that you, and only you, have.
This second layer could be: a further piece of information only you know; a key chain or card reader; or biometrics security such as your fingerprint, voice or iris. By using a username and password along with a piece of information only you know will make it harder for hackers to get access into your personal information and steal it. Your bank may provide this for your online account, through hardware tokens alongside your card and PIN. Make the most of these!
To ensure you keep your devices safe, it’s best to install an anti-virus software, but be sure to constantly update when possible. Make sure you use the latest version of your web browser and be sure to install security patches and software updates once they’re available to you. Technology moves forward so quickly, so the more recent an update the better online protection you’ll have.
We’ve all heard at some point not to do online banking or other sensitive activities on a public Wi-Fi network. But why? Well, there are a few issues that could surround a public Wi-Fi network. The openness of the network can allow snooping, the network may have already been hit and be full of compromised machines, or the hotspot itself could be malicious.
Take a look at your bank and credit card accounts frequently; daily is best, as this will ensure you keep on top of any untoward transactions. You can sign up to alerts to be sent to your email or mobile phone for any unusual transactions. And it’s also recommended that you keep a look out for any public or credit information of yours online to spot unauthorized activity.
Make sure you familiarize yourself with your banks’ guarantee for fraud protection. Some large providers offer zero liability for credit and debit cards, while others offer free protection for online banking transactions. By checking with your bank before you use online banking, or before you even sign up with a bank, you’ll be covering all of your bases.