As seen in River Vale Neighbors Magazine, December 2018 issue.
Everyday we turn on the TV, radio or computers and hear about companies like Marriott or Dunkin’ Donuts that came out with the news they have been breached. Unfortunately for many users, this could mean potential issues with their credit and good name, company security or other potential financial issues.
How do you avoid being a victim when a company you have no control over gets breached or hacked? The following are steps you should take and consider to minimize the impact to your credit and good name, should another breach take place.
The question is not about whether or not another breach will occur, it will happen. The real question is what did you do to protect yourself when the next breach is reported.
Step One: Patches
Always make sure that your computer is patched and up to date with the most currently available operating system and application software. This one step alone reduces the risks from your system being vulnerable to getting malicious software installed on it which could capture your keyboard strokes to be used to gain access to all of your local and online accounts.
Step Two: Antivirus and Anti-Malware
Make sure that you have an updated antivirus application and anti-malware as well. It is very important to keep these programs as up to date as possible. These two programs monitor the files that are on your computer or trying to get on to your computer. Not having these in place allows for malicious files and programs to get onto your system via the web, email, file transfers or just being on a wireless network that is not properly secured. Be careful of the free versions that you choose or that may pop up on your screen, these may be malicious. Trust the big name companies such as Symantec, McAfee, Trend Micro, Webroot, Bit Defender, Avast, Malwarebytes.
Step Three: Good Password Practice
Many users have issues with remembering their passwords, so they either write them down, or re-use them on many different sites. The problem here is that if you write them down, they are potentially available to anyone that sees them. If you re-use them on many different sites, if that site is breached and remember it will be, not if, when, then that account user name and password is now available to the bad guys for other sites. That means you may be in trouble. It is better to have a unique password, that is long in nature and to be different for every site you use that requires one. I suggest you consider a phrase instead of a mixture of upper case, lower case, symbol and numbers. An example would be something that would be easier for you to remember, like a favorite song or the first letter of a poem or some other phrase that you can use. The longer the better and use the spaces, mixed with capital letters. This makes it very difficult for someone to figure out your password. If you have so many sites you use where this will still be difficult, then consider a password manager program like LastPass or KeePass. These will allow you to protect yourself online with different passwords and autofill them for you. You will only need to remember one master password. Make sure that one, is secure, long and not used anywhere else.
Step Four: WiFi Habits
Just because you get on a wireless network with no password does not mean it is a good idea. Sometimes, malicious users setup wireless for free in areas that try to trick you to get on it. Once you are on it, where you go is being captured. All the keystrokes you type are now being seen. To avoid this type of situation happening to you, don’t use wireless access (wifi) that you are not familiar with. If you have to, such as at a coffee shop, airport or hotel, avoid, logging into banking or credit card sites to be sure. It is best to consider using a VPN client when you have to connect to an unknown of open wifi network. Such software is available to be used on the system and is a good way to protect where you go online and what you are doing. This VPN client encrypts your information while on the wireless network. Check out NordVPN, TunnelBear VPN, KeepSolid VPN.
Step Five: Careful With Your Information
Sometimes we do not realize when a website or link has been taken over by a bad player. The site may not look different to you when you are on there, but the questions and forms you may be asked to fill out should raise flags for you if they are asking private questions for the wrong reasons. An example is, a form may ask for your social security number when all you want is to register for an account to purchase a product online. NEVER enter your social security or other private identifying information about yourself if you can avoid it. If you cannot, make sure that the site is secure. The way you can tell is at the top of the page in your web browser just before the website name, you will see a small icon of a lock and the website address begins with HTTPS. The S is very important as it means you are on a secure site where the data being transmitted from your computer and the site is secure. It is better to be vigilant and suspicious when this type of information is being asked. Once the bad guys have your sensitive information it could spell trouble for you and may be very difficult to undo.
Step Six: Don’t Use Your Debit Card Online
For online purchases, its better to consider using a credit card instead of your debit card. While they function the same, there are less protections with debit cards as there are with credit cards. Check with your bank for specifics, but typically, a credit card is more suited for online purchases and should you become a victim, the credit card companies will be more flexible with the fraudulent purchases and the assistance they offer.
Step Seven: Research the Online Site
Be careful of where you buy from online. Sometimes a too good to be true offer may be just that. Before paying with credit card information online for items that are well priced, research the site. Read the reviews, search the company if you have never purchased from them. Be suspicious and follow the above recommendations in case you get to a malicious site.
Step Eight: Monitor your Credit
A great way to stay vigilant about your credit status is to subscribe to a credit monitoring service. These are typically offered by one of the three credit monitoring companies, Experian, TransUnion, Equifax or others like LifeLock. If your information was stolen or part of a breach, the bad guys may try to open new accounts on them. Being able to monitor your credit will allow you to know right away when someone is trying to steal your information and you can do something about it quickly. Many of these services also offer fraud protection to help restore your good name.
Step Nine: Check the DarkWeb
The DarkWeb is the part of the internet that stolen information is transacted. To see if your email address is being sold on the dark web check out this website. https://haveibeenpwned.com . If you type in your email address it will show you all the breaches that your email was a part of. If you find your name, consider updating all your passwords immediately to avoid falling victim to cybercrime. Use different passwords for the different sites you are registered for.
Online shopping has never been easier, more convenient and better priced. All that being true, it is easy to miss ways that the bad guys want to take advantage of vulnerable users and their computers. Don’t fall victim to them, update your systems, be cautious of where you give your private information and vigilant with potentially malicious sites.