14 Essentials Steps to Protect Yourself From Cybercrime
Protect yourself from cybercrime
The threat of cybercrime is always on the rise. Whether its risk to your privacy, finances or reputation, you should take steps to protect yourself from cybercrime. Each section focuses on a specific set of controls that you can implement to protect your data at different points in its life-cycle. Learn how to protect your
This information in this guide has been adapted from international guidance for organisations and my own experience. By following these 14 simple steps, you will drastically reduce the likelihood that you will fall victim to cybercrime.
For advice and guidance on how to protect your personal data from being collected, please see my separate guide Take Back Control of Your Privacy.
Protect your Accounts and Identity
The vast majority of those with online accounts put themselves at risk of identity theft and fraud.
As we continue to move more and more of our lives online, an increasing amount of information about us presides online in the public domain. This information can be used by criminals to steal your identity and impact you and your family financially. Here’s what you can do to protect yourself from cybercrime.
Use a unique password for every account
When a company you use experiences a data breach, your username and password for that site become public knowledge. Having a unique password for every account means that one compromised account doesn’t mean all your accounts can be compromised.
Make sure your passwords are at least 12 characters in length and try to use numbers and symbols in addition to letters. If you find your passwords hard to remember, then consider using a password manager like Dashlane (6 months free premium then free forever) or KeePass (free forever).
Limit the personal information you put online
The more information a hacker knows about you, the more successful they are at stealing your identity and accounts. Making it harder for hackers to find your full name, address, phone number, email address, and school limits the possibility your information is used against you
The first step you should take is adjusting the privacy and security settings of your social media accounts, and in particular, making them only accessible to your friends and followers.
Monitor your bank statements and credit report
At some point, your protections may fall short. The earlier you notice problems with your transactions and credit, the higher the likelihood that your bank can reverse them.
Monitoring your transactions and credit seem like a daunting task, but there are many companies set up to provide free monthly credit reports that are updated every month. Some credit agencies even offer an identity protection service where they take on the burden of monitoring and reversing fraudulent transactions for you. Experian or obliged to provide you with a free credit report, and apps like Yolt allow you to see all transactions from all accounts in one place.
Device Protection
Hundreds of vulnerabilities in applications, operating systems and firmware and discovered every day. These are the first steps in protecting your devices from being exploited.
Install updates when they become available
It may seem like your software company is just out to inconvenience you when you see the “new update available” popup; however, the majority of updates contain patches to security holes that hackers have been exploiting. Updating your operating system and software can automatically provide you with protection against the newest attacks.
Use anti-malware tools
For the everyday user that is just visiting Google, Facebook and Amazon, the built-in anti-malware in Windows 10 is more than sufficient. On the other hand, if you’re browsing off the beaten track and opening any file attachments in your email, then its time to move to a top-performing anti-malware tool that can spot abnormal software behaviour and take action.
Encrypt and secure
If someone stole your bag containing your phone and laptop, what would stop them from removing the hard drive and copying all of your data, only to access all of your online accounts? Encryption. Make sure to turn on encryption on your devices and use a complex, strong password that is not written down anywhere.
Secure Browsing
The Internet has given generations of people unparalleled access to information. It has also given organizations unparalleled access to your information. Here’s what you can do to stop them.
Bulk up your browsers defences
Use a popular supported browser such as Firefox or Chrome. Install HTTPS Everywhere add-on to ensure that you are using the best encryption offered by a website when connecting to it. Use an Ad-blocker like uBlock Origin to stop malicious ads and popups. The NoScript add-on will block unwanted code from running on untrusted websites. These three add-ons will considerably increase the security of your browsing.
Don’t store passwords in your browser
Browsers are not designed to be impenetrable as they have to interact with other devices and run a vast array of different code. Password managers, however, are solely designed to be impenetrable. Use a password manager instead of storing your passwords in the browser.
Maintain safe browsing habits
The most important thing anyone can do is be aware of the dangers they may face on the web. Know how to look for a phishing email, always check the URL of a link before you click it. Know how to stop the difference between https://www.linkedin.com and http://www.Iinkedin.com. There are two differences in there that could lead to the compromise of your data and devices.
There is a lack of encryption for a popular website (No HTTPS), and the L at the start of LinkedIn has been replaced with a capital I, this link actually leads to https://www.inkedin.com. Phishing attempts are usually a lot poorer than this, so you should be able to notice them if you are vigilant.
Network Security
Your devices and data reside on your network. Discover what you can do to bolster the protection your network has from malicious intrusions.
Protect access to your network
Change your SSID to something other than the default name. Having a default name can let an attacker know the make and model of your device. Make sure you have a complex password for accessing your wireless. Wireless passwords can be brute-forced if weak. Disable remote access to your router from the internet. This removes the risk of your wireless router from being attacked from the internet.
Encrypt wireless traffic
Make sure you’re using WPA2 + TKIP encryption and password exchange. There should be a simple option under security settings to enable this in your wireless router. If this option is not present, it’s time to upgrade. It may be possible to ask your ISP for an up-to-date replacement.
Keep your network devices secure
Just like your phone and computer, you should update your router as often as possible. The most common network attacks stem from unpatched network devices.
Destruction and Disposal
Your personal and financial information still resides on devices and storage peripherals whether or not it has been deleted. To protect yourself from cybercrime, you need to know how to irretrievably destroy your data before it is used against you.
Whether you’re trashing, selling or giving away a device that has had your information on it, you must securely erase your data first. This may seem as easy as just deleting the files but deleting files only deletes the reference to the 0’s and 1’s that make up your data. The data can still be retrieved and used. In fact, media sanitisation company Blancco found that 48% of used hard-drives purchased still had personal data residing on them.
Erase your phone
iPhone Go to Settings > General > Reset. Confirm your erase and wait.
Android Enable encryption by going to Security > Encrypt phone. Wait for the phone to finish encryption. Next, perform a factory reset by going to Backup and Reset > Factory data reset.
Erase your laptop
Windows doesn’t have a foolproof data erasure tool, so you’re going to need to use a third-party tool. Darik’s Boot and Nuke (DBAN) has long been the favourite tool of many a systems administrator for its military-grade erasure and open source development.
macOS Apple has included a standardized erase feature in their macOS operating systems.
Following these steps will protect you from the vast majority of cyber-attacks, but remember to stay vigilant when downloading emails and attachments. For advice and guidance on how to protect your personal data from being collected, please see my separate guide Take Back Control of Your Privacy.