It’s the new year and I’m determined to start it off right by becoming more savvy and attentive to my online security. Last year my email was hijacked and my Walmart account was hacked by someone who bought a $700 tablet device using my stored credit card – thankfully they weren’t smart enough to change the purchase notification email, so I knew right away. Incidentally, I thought it interesting that they chose to save a few dimes by going with the free shipping option rather than next or same day delivery. Although I consider myself pretty vigilant about privacy, despite lacking a degree in information security, I’ve found that there’s still a lot to be learned about protecting myself and my data online. I’ve been doing a lot of research on this topic; hopefully you’ll find these tips helpful:
1.) Change Your Passwords and Make them Secure
According to CNN Tech, an 8-digit password can be hacked in 2 hours but a 12-character password would take 17 years, so the longer and more complex the better (via Daring Librarian). I’ve taken this advice and have changed all of my passwords. The leading tip for passwords is to make each one different; however, for those of us like me who can’t remember a million different passwords, I’ve come up with some middle ground. For websites that need to be uber secure, like my online banking, email, commercial sites, etc., I’ve come up with all different passwords, but for the rest I use a shared password for different genres of sites, e.g. social networking sites, wikis, personal websites, etc. The Daring Librarian has created the awesome infographic above with more password creation tips.
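To see why length matters so much, and which accounts share a password, here is a small audit script added as an illustration (it is not from CNN Tech or the Daring Librarian). The guessing speed, the "weak" cut-off and the sample accounts are all assumptions made up for the example, so the times will not match the figures quoted above.

```python
import string
from collections import defaultdict

# Assumptions (not from the article): offline guessing speed and the "weak" cut-off.
GUESSES_PER_SECOND = 10**10
MIN_SECONDS = 100 * 365 * 24 * 3600  # flag anything searchable in under a century

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def charset_size(password):
    """Alphabet an attacker must search, judged by the character classes used."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    # Characters outside the four ASCII classes: count each distinct one (lower bound).
    return size + len({ch for ch in password if not any(ch in c for c in CLASSES)})

def keyspace(password):
    """Number of candidates in an exhaustive search: alphabet ** length."""
    return charset_size(password) ** len(password)

def seconds_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Whole seconds needed to try every candidate at the assumed rate."""
    return keyspace(password) // rate

def audit(accounts):
    """accounts maps site -> password. Returns (reused_groups, weak_sites)."""
    sites_by_password = defaultdict(list)
    for site, password in accounts.items():
        sites_by_password[password].append(site)
    reused = sorted(sorted(s) for s in sites_by_password.values() if len(s) > 1)
    weak = sorted(site for site, pw in accounts.items()
                  if seconds_to_exhaust(pw) < MIN_SECONDS)
    return reused, weak

# Constructed sample accounts; none of these are real credentials.
SAMPLE = {
    "bank": "Tr4il-Mix-Otter-92",
    "email": "quiet!Harbor7Lamp",
    "forum": "sunshine",
    "wiki": "sunshine",
    "photos": "12345678",
}

if __name__ == "__main__":
    reused, weak = audit(SAMPLE)
    print("reused across sites:", reused)
    print("searchable within a century:", weak)
    for n in (8, 12):
        print(n, "lowercase letters:", seconds_to_exhaust("a" * n), "seconds")
```

The estimate is an upper bound: a dictionary word such as "sunshine" or a sequence such as "12345678" falls to a wordlist long before an exhaustive search finishes. The reuse check matters just as much, since one leaked password opens every site in its group.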
2.) Password-Protect Your Devices
I’m not in the habit of password-protecting my devices, mainly because I don’t want to be bothered having to unlock them each time I want to make a call or read an eBook. But I’ve come to realize that if any of my devices were to get stolen, there’s a lot of information, photos, and files that I wouldn’t want a stranger to get their hands on. Additionally, I tend to leave my tablet unattended a lot at events and other places where I’m not worried about it being stolen, but that doesn’t mean that someone might not pick it up to use the browser or an app when I’m not around, etc. So I’ve taken steps to add passcodes to these as well.
3.) Beware of Free Public WiFi
I found it chilling to discover all of the ways that people could access your information when you’re using free public wifi. Using free programs such as the Firefox extension Firesheep, people with absolutely no hacking skill at all can see which unsecure sites (some of which include Facebook, Twitter, Tumblr, Flickr) you’re logging into and simply click to access your account by hijacking the login information you’ve entered. (For more read: How to Hijack Facebook Using Firesheep). And unfortunately this isn’t the only program out there. From now on I will be more careful about what I access via public wifi and I certainly won’t be logging into anything.
4.) Delete Old Messages on Social Networks
As a result of learning just how easy it is to hijack Facebook and other social networking websites, I’m deleting old and archived messages – especially personal exchanges with family and close friends. I’ve noticed that Facebook has saved my messages dating all the way back to 2006 – that’s a lot of history!!
5.) Edit Your Privacy Settings
Facebook and other social networks are constantly changing the way they handle their privacy settings. I’m making sure that I’m well-informed about all of my settings and what’s visible through all of my accounts. I’ve noticed that while doing this I wasn’t aware of some new features that were introduced to accounts I only use occasionally. Luckily this didn’t affect me very much, but I’m going to be checking these regularly as well as closing some of my under-used accounts.
6.) Check What You’re Sharing
There are so many websites where I share content, but the ones that I realized I need to keep better track of are hosted storage accounts like box.net and Dropbox. I realized that I have been sharing folders with some people that I’m no longer working with, which is probably not the best idea. This has prompted me to double-check my accounts that allow sharing and make sure I know who I’m sharing content with and who’s sharing with me.
7.) Reevaluate Your Friends Lists
I accept nearly anyone who friends me on social networking accounts, mainly because I use them to network and socialize. But there are some acquaintances with whom I’d rather not share personal information, and I’m making sure to reevaluate whether I want to remain “friends” with them on sites like Facebook. I’m also using this opportunity to cull my list of friends that I actually know, but have fallen out of touch with over the years. It doesn’t make sense to share personal information, photos, news about my life, etc. with many of these people.
8.) Close Old Accounts
This personal audit of my social media profiles has made me realize that I have a LOT of accounts, many of which I don’t actually use. Since each account has the potential to be hacked and let someone have access to even more information about me, I’ve decided to close and delete my unused and under-used accounts.
9.) Invest in Virus Protection
The bottom line is that there are a lot of “griefers” out there writing malicious code such as viruses, worms, spyware, and Trojan horses, making virus protection an absolute necessity. This is something that I absolutely can’t live without because I do a lot of Web surfing and I download a lot of files and programs so I need something monitoring my system for attacks. Viruses and malware can not only wreak havoc on your computer but some will allow access to your sensitive data. If you don’t want to invest the funds, at least invest the time and get a free virus protection program like AVG.
10.) Don’t Respond to Spammers at All
We’ve all been trained to spot those emails that try to tempt us into clicking on a corrupted link or downloading an attachment, but the more subtle option to UNSUBSCRIBE often falls under the radar. By clicking and responding to a spammer’s UNSUBSCRIBE option, you’re letting them know that the emails they’re sending are actually going to a real person who’s reading them. This will most often result in you receiving even more spam going forward. Your best bet is to ignore spammers completely and invest in a good spam filter.
Bonus Tip: Remove Credit Card Info from Online Retailers
After being hacked and having my credit card used to order a very expensive tablet device, I’m making it my policy to check out as a guest for future online purchases and not store my credit cards online. I place orders from a lot of different sites and I think that it was only a matter of time before this happened so I am going to lower the risk of this happening in the future by not keeping my card numbers stored at online shops. I’ve also decided to use one card in particular for online ordering so that I’m not putting all of my credit cards at risk.
Does anyone have any other tips? I’d love to hear them if you do!!