What should you do so that later you do not have to urgently block all accounts and bank accounts? Together with an expert from the Anti-Hacking team, we have compiled a detailed practical guide on how to protect your data.
Wi-Fi
Wi-Fi is a common way for everyone to access the Internet. You can almost always find an open Wi-Fi hotspot nearby. At the same time, public Wi-Fi is often vulnerable, because through it an attacker can easily gain access to users’ traffic.
Try not to use public Wi-Fi; it is much safer to access the Internet via a SIM card: share the connection from a smartphone or connect a USB modem.
Having a password on a public Wi-Fi network also does not mean that the network is secure. Attackers can easily find out the password, create a fake network with the same name, and intercept traffic from unsuspecting users. If there are no alternatives, the following rules must be observed when working with public Wi-Fi:
- Install a VPN and connect to public Wi-Fi only through it. Usually, reliable VPNs with strong encryption come with a fee. Internet ratings and reviews will help you choose a VPN. According to PCMag magazine, the best VPNs on the market are NordVPN and Private Internet Access VPN. There are also VPNs with a freemium model where a small amount of traffic is free – TunnelBear VPN, for example.
- When connecting via public networks, do not transmit your card details. If you need to buy something in an online store, do it using Apple Pay or Google Pay, or pay the courier upon receipt of the order.
- Minimize logins to social networks and corporate resources, as there is a high risk that logins, passwords and personal data can be intercepted by intruders.
A home Wi-Fi network is safer, but there are a few guidelines here to help you minimize the risk of being hacked.
- When setting up a home Wi-Fi network, change the standard username / password combination used to access the settings menu of your router – usually by default it is admin / admin.
- Change the default out-of-the-box name of your home Wi-Fi network so that attackers cannot find out the router manufacturer and pick a suitable exploit. Also, regularly update the firmware of the router, since the manufacturer fixes the vulnerabilities found in it.
- Pay attention to the type of security used by the Wi-Fi access point: WEP is insecure, WPA2 is the required level, and WPA2 Enterprise is better. You can view this information in the properties of the connection to the Wi-Fi network.
- Disable the WPS function in the router settings; otherwise it greatly simplifies hacking your home Wi-Fi network.
- For friends and acquaintances, create guest access to your Wi-Fi network to reduce the risk of connecting already infected devices. If you have IoT devices – smart kettle, smart bulbs, smart TV, etc. – they should also be connected to Wi-Fi via guest access.
Attackers can use hacked email accounts to steal information, gain access to corporate resources, and carry out supply chain attacks.
One hacked email of an employee may be enough for a company to incur multimillion-dollar losses.
How can you protect yourself?
- Set up two-factor authentication. Check your active sessions regularly in your account settings. This will allow early detection of a hacking attempt and prevent it.
- Services that care about the safety of their customers can send one-time codes not only via SMS, but also through special applications – for example, Google Authenticator or Yandex.Key. Use the latter option whenever possible. Even if attackers are able to intercept your SMS messages, they will not be able to gain access to your accounts.
- Resources with a large number of users are regularly attacked to gain access to data. Therefore, check your email accounts for leaks. This can be done using the site “';--have i been pwned?”.
Points for geeks:
- Create multiple email accounts.
  - Garbage: for subscriptions, mailings, registrations on websites and event pages.
  - Public: for business correspondence and communication.
  - Primary external: the address that is indicated in social networks and when registering on “non-trash” sites.
  - Primary internal: the address to which all messages from the primary external email address are forwarded.
- If your email client allows it, set up forwarding with deletion for the primary external mailbox. Then, when registering on sites, you will be able to specify mail1@megafon.ru, and all messages will go to the internal mailbox mail2@megafon.ru, the address of which no one but you knows. If the external mailbox mail1 is hacked, the attackers will see an empty mailbox.
Passwords
A password is the main way to protect data. The more complex it is, the more secure you are. Therefore, there are special requirements for creating a password:
- Each account should have its own password, preferably at least twelve characters long, using upper- and lower-case letters, numbers and special characters. It is best to use a generator to create passwords.
- Use a password manager. Ratings and reviews will help you choose a password manager. The PCMag rating recommends password managers such as Keeper, LastPass, and 1Password.
- If you don’t trust password managers, there are several ways you can come up with a strong password so that you can easily remember it. For example, compose it from the first letters of words from a fragment of a poem or compose passwords-phrases in which words are combined according to the principle of “Character-Place-Object-Action”.
- In addition to the password, configure two-factor authentication for all services that support this feature.
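A generator that follows the rules above, as an added example that is not part of the original guide: it draws from the operating system's secure random source and checks each result against the twelve-character, mixed-class requirement. The function names and the default length of 16 are assumptions made for this illustration.

```python
import secrets
import string

MIN_LENGTH = 12  # the guide's minimum length
# Character classes the guide asks for (names are this example's own).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}


def missing_requirements(password):
    """Return the guide's requirements that a password fails to meet."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length")
    for name, alphabet in CLASSES.items():
        if not any(ch in alphabet for ch in password):
            problems.append(name)
    return problems


def generate_password(length=16):
    """Draw from the OS CSPRNG and redraw until every class is present.

    Redrawing the whole string keeps all compliant passwords equally
    likely, unlike forcing one character of each class into fixed slots.
    """
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = "".join(CLASSES.values())
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not missing_requirements(candidate):
            return candidate


def passwords_for(accounts, length=16):
    """One independent password per account, never reused between them."""
    return {account: generate_password(length) for account in accounts}
```
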
Phishing
Phishing is a type of fraud, the purpose of which is to gain access to confidential data (logins and passwords) and, as a result, to steal money and information and infect company systems. Most cyber attacks start with phishing. Below are a few rules on how not to fall for the bait of intruders.
- Be careful. Before clicking on a link in an email or downloading an attached file, hover over it to make sure the URL or file extension is correct. Do not download files with an unknown extension or extensions like .exe, .com, .pif, .scr. Do not enter your data in the forms offered in the letter. It is better to copy a suspicious letter and send it as an attachment to the security service of the mail service or the company on whose behalf it came. Attackers’ websites can look almost the same as the official websites of banks or service providers. Therefore, at the slightest suspicion, close such a site and report it to the security service of the company that the attackers were disguised as.
- Pay attention to the content of the letter. Phishing emails often use phrases that require you to take immediate action – follow a link or download a file. For example, “You have exactly 15 minutes to pay for services under the agreement!”, “Urgently follow the link to get access to the file!” etc.
- Voice phishing is also common. Remember that company employees will never ask you for a password, username or code – as a rule, any entry or confirmation of a transaction occurs through a website, application or SMS. Get in the habit of calling back a bank employee when making any transactions over the phone.
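The checks from the first two rules, written as a mail-triage sketch (an added example, not part of the original guide): it judges attachments by their final extension, compares the host a link displays with the host it really points to, and looks for urgency phrases. The urgency patterns, flag names and sample message are constructed for this illustration.

```python
import re
from urllib.parse import urlsplit

# File extensions the guide says not to download.
RISKY_EXTENSIONS = {".exe", ".com", ".pif", ".scr"}
# Urgency cues modelled on the guide's sample phrases (constructed list).
URGENCY_PATTERNS = [r"\burgently\b", r"\bimmediately\b", r"\bexactly \d+ minutes\b"]
DOMAIN_RE = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)")

def _host(name):
    name = (name or "").lower()
    return name[4:] if name.startswith("www.") else name

def attachment_flags(filename):
    """Judge a file by its final extension, so 'invoice.pdf.exe' is not read as a PDF."""
    parts = filename.strip().rstrip(". ").lower().split(".")
    flags = []
    if len(parts) >= 2 and "." + parts[-1] in RISKY_EXTENSIONS:
        flags.append("risky-extension")
        if len(parts) >= 3:
            flags.append("double-extension")
    return flags

def link_flags(shown_text, href):
    """Flag a link whose visible text names a different host than its real target."""
    match = DOMAIN_RE.search(shown_text.lower())
    if match and _host(match.group(1)) != _host(urlsplit(href).hostname):
        return ["link-mismatch"]
    return []

def urgency_flags(body):
    text = body.lower()
    return ["urgency"] if any(re.search(p, text) for p in URGENCY_PATTERNS) else []

def triage(message):
    flags = set(urgency_flags(message["body"]))
    for shown_text, href in message["links"]:
        flags.update(link_flags(shown_text, href))
    for filename in message["attachments"]:
        flags.update(attachment_flags(filename))
    return sorted(flags)

# Constructed sample message; .example and .test are reserved domains.
SAMPLE = {
    "body": "Urgently follow the link to get access to the file!",
    "links": [("bank.example", "https://bank.example.login.test/reset")],
    "attachments": ["invoice.pdf.exe"],
}
if __name__ == "__main__":
    print(triage(SAMPLE))
```
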
Bank cards
Cybercriminals can successfully withdraw money from other people’s accounts, despite the systems for confirming transactions and recognizing suspicious transfers. The main problem is that people often give their data themselves or send money to scammers.
- Remember that when transferring money between individuals, a phone number or bank card number is sufficient. Never hand over the full card details. In most cases, people lose money because they themselves transfer card data to scammers.
- ATMs are one of the most vulnerable places in terms of security. Always be careful when using these devices: visually check the keyboard and card reader for damage or additional devices. If possible, use ATMs located inside bank branches. You can read more about skimming in the Meduza article.
- When paying via terminals, use PayPass. In cafes and restaurants, give the card to the waiters only if the payment is made in front of you and the card is not taken to the counter where the terminal is located. If your smartphone supports Apple Pay, Google Pay or Samsung Pay, then it is better to pay through them, and keep the card deep in your wallet so as not to become a victim of skimming.
- Disable Siri or Google Assistant on the locked screen – previously, hackers were able to access user data through voice assistants. Install antivirus software before installing banking applications on your Android smartphone.
- For online purchases, get a separate virtual card – as a rule, it can be issued for free – and transfer money to it immediately before buying. Even if attackers gain access to it, they will not be able to steal your money.
- Try to make purchases only on sites of trusted online stores. For all bank cards, enable SMS or Push notifications.
Computers
When working with laptops and personal computers, there are also a few simple rules to help you secure your data from unauthorized access.
- Even if you leave your workplace for a couple of minutes, do not forget to lock your computer. Make it a habit. On computers with the Windows operating system, locking is done with the Win + L key combination, on macOS – Command + Control + Q.
- Use licensed versions of the operating system and update it in time – new versions eliminate vulnerabilities found, and pirated versions of operating systems may contain backdoors. Do not forget to install antivirus and set up regular computer scans.
- Remain vigilant when connecting external devices. Do not connect unfamiliar devices, especially USB drives. Disable the autorun feature for devices.
- When working with data on cloud storage, use a strong password and two-factor authentication.
- Protect data on your computer with disk encryption so that it cannot be read by physically removing the HDD or SSD from the computer and plugging it into another device. The instructions for Windows 10 or the same for macOS will help you with this.