Essential Tips to Avoid Getting Hacked
Don't Get Hacked
Everyone worries about having his or her computer infected, identity stolen or online account hacked. The good news is that there are simple steps you can take to greatly reduce the chances of these bad things happening to you. Read on to discover simple ways to avoid being hacked.
Keep all your applications and your operating system patched and updated
This is the single most important tip here. Far too many hacks occur because someone hasn't updated Windows or Internet Explorer. Make sure Windows, macOS and iOS are always up-to-date with the latest patches, and that any applications that face the internet, such as web browsers and email clients, are also updated.
If a product is no longer supported, such as Windows XP or Internet Explorer versions 6 through 10, then upgrade to a newer version. If your device is too old to receive the latest updates, it's time for a new device. (Caveat: Many Android users can't update to the latest version of Android, because their device makers or wireless carriers won't let them.)
Put a PIN, passcode or pattern lock on your phone
Your smartphone logs right into your email and social-media accounts, your home Wi-Fi network, and possibly even your online bank account. It's got the names, numbers and email addresses of all your friends and family. You don't want some random person who picks up your phone to get all that information, do you? Lock your phone's screen — a six-digit PIN is better than a four-digit PIN, and an alphanumeric password is better than either.
Don't install 'off-road' Android apps
There's no quicker way to get your Android device infected than by installing apps from outside the official Google Play app store. Apps available in "off-road" markets are frequently pirated and/or infected. Do yourself a favor: Go into Settings, look for Security and make sure Unknown Sources is toggled off.
Don't jailbreak your iPhone or iPad
It's very rare for an iPhone to be infected with malware, because Apple's closed ecosystem is a fortress. So don't tear down the walls by jailbreaking your iPhone to run unauthorized apps. Otherwise, you'll be opening yourself up to the world of hurt that Android users face every day.
Install antivirus software everywhere you can
You already know that Windows machines need antivirus software, but did you know that Mac, Android devices and Linux boxes do too? Antivirus software may (or may not) slow down your machine a bit, but it will give you a strong line of defense against malware, phishing schemes and other threats from the internet or from USB devices. (We would recommend AV software for iOS devices as well, but Apple doesn't permit it.)
Get an iPhone if you can afford it
We love Android, but it isn't for everyone. Most Android users don't know, for example, that they — not Google, phone makers or cellular carriers — are responsible for keeping Android devices up-to-date and malware-free. They also don't know that Google doesn't do the greatest job in keeping infected apps out of the Google Play Store.
If you don't feel up to policing your own device and learning some technical details, then get an iPhone. Apple takes full ownership of iPhone security, and you won't have to worry. (Just don't jailbreak the iPhone.)
Enable two-factor authentication on every account
Two-factor authentication (2FA) will prevent an online account from being hijacked, even if a hacker knows your password. Without a PIN sent to your smartphone, he or she won't be able to get in. Apple, Microsoft, Google, Facebook, LinkedIn, Twitter, Dropbox and dozens of other services allow 2FA — enable it now. Here's an updated guide on how to turn on 2FA.
Remove apps you don't use
Not only do unused smartphone apps slow down your device, but they can also create unnecessary security risks if one or more of the apps has a hidden flaw. Delete what you're not using — your phone will be safer and run more smoothly.
Create a guest Wi-Fi network
If your Wi-Fi router allows it, set up a guest Wi-Fi network that has a different name and password from your main network. That way, visitors to your home can get online without gaining access to your computers, printers, phones and game consoles. Guest networks are also a great way to segregate Internet of Things or smart-home devices, which often have poor security, from your more valuable devices.
Use limited-user accounts
Windows and macOS each offer two kinds of user accounts. Administrator accounts can install, update or remove software, while regular accounts can't. Make sure your PC or Mac has only one admin account, and don't use it for anything but managing software.
Create regular accounts for all users, including yourself, and use those for all regular computer tasks. If malware hijacks a regular user account, it probably won't be able to do much to the rest of the computer.
Use a password manager
Passwords today need to be so long and complicated that you can't possibly remember them all. Let a password manager do the remembering for you. Some of these programs store your passwords online, while others keep them on your computer or phone, but all protect the password "vault" with strong encryption. All you need to remember is a single master password.
Segregate your online banking
You don't want to access your online bank account with the same browser you use to check your email and surf the web. Instead, install another browser and use it ONLY for accessing your bank account and, maybe, paying bills online. That way, you'll minimize the risk of having your accounts cleaned out by banking Trojans that silently infect browsers. If you're especially paranoid, create a Linux live CD and boot your PC or Mac from that to do online banking.
Don't give out your Social Security number
Your Social Security number is the last line of defense against identity theft, because your name, address and date of birth are too easy to find online. Don't hand out your Social Security number willy-nilly, even at the doctor's office. The only people who really do need your Social Security number are your employer, your accountant, potential creditors and the IRS.
Check ATMs for skimmers
When you go to the cash machine, take a good look at it. Does it look different than it did last week? Grab the card-input slot — is it loose, or does it wiggle? If you answer "yes" to any of these questions, a card skimmer may have been installed. Tell the bank manager and use a different ATM.
Cover up the ATM keypad
ATM card skimmers are usually paired with hidden cameras that capture the user's PIN entry. The cameras may be hard to spot, so protect yourself by using one hand to cover up the other as you type in your PIN.
Use the chip in your credit card
Many checkout-lane credit-card readers have both chip and swipe options. If you have a chip card, use the chip. It's a lot safer than swiping the card and will prevent your card from being "cloned" by thieves.
Make sure your router's firmware is up to date
This is a bit technical, but very important. Dig out your home Wi-Fi router's instruction manual and learn how to check for and install new firmware.
Firmware is your router's operating system, and needs to be periodically updated to fix security flaws. If a hacker manages to take control of your router, he can control everything you do online, from sending email to posting on Facebook to sending money to other online bank accounts.
Change your router administration credentials
Your Wi-Fi router will come with a default administrative username and password, but far too many people don't change these after setting up the routers. Hackers have lists of default router admin credentials, and use them to remotely access and hijack home networks. Avoid this fate by referring to the instruction manual and creating a unique username and password for your router's admin account.
Change your Wi-Fi network name
Many people don't change their SSID, or Wi-Fi network name, from the defaults. That's too bad, because then a hacker who sees "Linksys" will know exactly what kind of router he's attacking. Call it something else (your router instruction manual should show you how), but don't put your name, address or apartment number in the network name — that's just asking for trouble.
Select WPA2 encryption for Wi-Fi
Go back to the router instruction manual and make sure the router is using the WPA2 protocol to secure its network(s). Other, older protocols aren't quite as safe, and some aren't safe at all.
Disable Flash or make it click-to-run
Adobe Flash Player is the web's worst habit. It's always being hacked, yet everyone continues to run it. Break from the herd: Disable Adobe Flash Player so that it doesn't run at all (Safari's default setting has no Flash), or make it click-to-run so that it only loads when you let it.
Cover up your webcam
It's easy for malware to turn on your laptop's webcam and record you changing your clothes or making whoopee, even without the "on" light lit. You don't want creeps spying on you. Put tape, a sticky note or a Band-Aid over the webcam when you're not using it.
Stick a cut-off headphone plug into your laptop's microphone jack
Malware can also turn on your laptop's built-in microphone and record your private conversations. You can override the built-in microphone by sticking a 1/8-inch plug from a pair of broken headphones into the microphone jack, which will fool the computer into thinking an external microphone is plugged in. Just don't plug in a working pair of headphones, because those can function as microphones.
Don't click on unsolicited or shortened links
Got an email you weren't expecting? Don't open any attachments that came with it, and don't click on any links in the body of the email. That link could take you straight to a malware-laden or phishing site. See something funny on Twitter with a link? Be very careful of what you click, because those Twitter-shortened links can take you bad places too. (If you make Google Chrome your default browser, it does a pretty good job of blocking malicious websites.)
Encrypt your smartphone and computer
Encrypting part or all of your storage drive will protect it from anyone who wants to examine your device without your permission. iOS encrypts a device as soon as a PIN or passcode is set up, and macOS' FileVault and Android's encryption tool are easy to enable.
With Windows, it's more complicated. The Pro, Enterprise and Ultimate editions of Vista through 10 come with the excellent BitLocker encryption tool. Windows 10 has a separate built-in encryption tool for all editions, but it doesn't work on every computer. You might want to try a third-party tool instead, such as TrueCrypt or VeraCrypt.
Avoid public or open Wi-Fi networks
You may be tempted to use that open Wi-Fi network in the cafe, the airport or the hotel. Don't! Even if the network has a password, it may be unsafe, because it lets anyone else on the same network read your web traffic. Instead, stick to cellular data if you can afford it (and it works where you are) or use a virtual-private-network (VPN) service to encrypt all your internet communications, even on an open network.
Create strong, secure, unique passwords for everything
The harm created by data breaches is magnified because too many people use weak passwords and/or use the same password for more than one online account. Because of that, a single breach can lead to break-ins at many more services. Avoid this fate by creating strong, secure passwords for every account, and not reusing those passwords for other accounts.
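As an added example (not part of the original article), the script below audits a password export for the two problems described above: the same password used on more than one account, and passwords that are too short. The CSV layout, the 12-character threshold, the function names and the sample rows are assumptions made for this illustration.

```python
import csv, hashlib, hmac, io, secrets, string
from collections import defaultdict

# Constructed sample export (site, username, password); not real accounts.
SAMPLE_CSV = """site,username,password
mail.example,alice,Summer2017!
shop.example,alice,Summer2017!
bank.example,alice,k3#Vq9z!Lp0w@Xe7Rt
forum.example,alice,letmein
"""

MIN_LENGTH = 12  # assumed threshold for this example, not a figure from the article

def audit(csv_text):
    """Return (groups of sites sharing a password, sites with short passwords)."""
    key = secrets.token_bytes(32)  # per-run key: the digests mean nothing outside this run
    by_digest = defaultdict(list)
    short = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Group on a keyed digest so plaintext passwords are never used as dict keys.
        digest = hmac.new(key, row["password"].encode(), hashlib.sha256).hexdigest()
        by_digest[digest].append(row["site"])
        if len(row["password"]) < MIN_LENGTH:
            short.append(row["site"])
    reused = sorted(sorted(sites) for sites in by_digest.values() if len(sites) > 1)
    return reused, sorted(short)

def new_password(length=20):
    """Random replacement password drawn from the operating system's CSPRNG."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    return "".join(secrets.choice(alphabet) for _ in range(length))

if __name__ == "__main__":
    reused, short = audit(SAMPLE_CSV)
    for sites in reused:
        print("same password on:", ", ".join(sites))
    for site in short:
        print("short password on:", site)
    print("suggested replacement:", new_password())
```

Every site in a reuse group needs its own new password, since a breach at any one of them exposes the rest.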
Scan all email attachments
Infected email attachments can carry spyware, ransomware or all sorts of other digital nasties. Even if you're expecting an attachment, it's best to scan it with your antivirus software. Some AV software lets you scan attachments right in the body of the email; in other cases, you'll have to save the attachment to a designated folder and then right-click the file to manually scan it.
Don't download pirated movies or music or 'cracked' software
When you open your favorite torrent client to download music, movies and software for free, you're taking your chances. Such illicit booty is often full of malware, and it's best to avoid it. But if you must, at least save your ill-gotten goods to a designated folder and scan them with antivirus software before opening them.
Check your credit-card balances frequently
You really don't know what that waitress or bartender is doing with your credit card, but unfortunately, you'll have to keep handing it to her until handheld chip-card readers become widespread. Instead, you should check your credit-card balances every week or so to make sure nothing fraudulent is happening. Some cards let you check your balance and recent transactions over the phone; otherwise, use a secure browser.
Turn off wireless services when not needed
Too many people leave their smartphones' or laptops' Wi-Fi or Bluetooth on all the time. An open Bluetooth connection can be used to track individuals walking around a shopping mall or conference area; an open Wi-Fi connection can be used to hack a phone or laptop. The BlueBorne attacks disclosed in September 2017 revealed that leaving Bluetooth on is an active infection risk. Turn off these connections when you're not using them.
Don't buy cheap smart-home devices
Too many "Internet of Things" devices are made without security in mind. Their software is cobbled together from dozens of oft-used or even stolen parts, and many have hard-coded default usernames and passwords that are known to hackers.
Before you buy a smart-home gadget that connects to the internet, such as a cheap security camera, find out how much name-brand companies charge for such devices. If you see a no-name gizmo that costs half as much, don't buy it.
Enable Find My iPhone or Android Device Manager
Both Apple and Google now let you remotely locate, lock or even factory-reset your smartphone if it's lost or stolen. If you can't get it back, at least you'll know your personal information is gone. Both features are easy to set up. On iOS, the feature is called Find My iPhone (or iPad or iPod); on Android, it's called Android Device Manager.