Reams of information are available concerning cybersecurity. On this page, I’m offering high level tips and pointers to further reading.
Tip 1: Never ever use the same credentials for logons to web sites and applications. True story – I once started receiving several odd phone calls. Sometimes when I answered the call was already dropped. Other times the caller would hang up. These were not robocalls. After several weeks, a voicemail was left reminding the intended recipient of an appointment. After some investigation I found a number and spoke with the person. Their Facebook account, bank accounts, credit cards, were all hacked, and yes, the same username and password were used for all, including their cell carrier account. The hack added a call forwarding number to her phone to be able to get the two-factor authentication codes for many of the accounts. Our guess was the hack wanted to change the call forwarding number and entered mine by mistake. Solution: Use a password manager to create unique credentials and store passwords. Also, make up answers to security questions. Social media accounts, search engines, and public records make it easy to know what city you were born in, your mother’s maiden name, even what your first car was. If you were born in Boston, answer Miami. These answers can be stored in good password managers in the notes or comments sections. Once again, Wired website has a nice review of password managers.
Tip 2: Keep your systems updated. Whether using Windows, MAC, Linux, Android, iPhone….doesn’t matter, your system needs to stay updated and patched. Simplifying this for brevity, just google “how to keep xxxx updated.”
Tip 3: Always use an anti-virus program. There are many out there and all of them have their share of lovers and haters. Also, arguments can be made for using an AV program that comes with a computer (who knows best how to protect Windows than Microsoft’s Defender) versus an add-on installation of an AV (nothing like having a second set of eyes). Bottom line, a little homework is due; ask friends and read reviews. I’m not passing the buck here, only recognizing everyone has different needs and price points.
Tip 4: Pop-ups are evil. Block them, never click on one no matter how convincing, never believe them when they attempt to convince you to call a number or the world will come to an end. There are several ways to do so. One that is gathering a lot of followers is Duck-Duck-Go. Chrome has extensions, Firefox has add-ons, and other browsers have additional components to add privacy features such as pop-up blockers.
Tip 5: Artificial Intelligence (AI) scams. Understatement: AI brings more to the table. There are methods to simulate and carry on a conversation that sounds like a relative’s voice asking for money and e-mails so well written that poor grammar is not an indicator of a scam. Included in the Further Reading section below is a link to helpful information at IDX, a security and privacy company.
Tip 6: Credit Reports Freezing your credit reports will prevent access to them. Create accounts at the three major agencies, Equifax, Experian, and TransUnion. Be sure to document (preferably in a password manager) the credentials, as you will need to perform a temporary lift if opening a line of credit, be it a new credit card, auto loan, or a new appliance. Instructions and tips are in the further reading link Credit Report Info. Also, don’t forget that spouses reports need frozen as well.
Tip 7: Do you know where your information has been leaked? Ever wonder what sites and information of yours has been pwned*? Surf to HaveIBeenPwned.com, enter your email address, and view sites that have compromised your information and the type of information leaked, such as date of birth, phone number, social security number, etc.
def: The term “pwned” is a nerd/hacker term used when successful collection of your information has occurred, often leading to taking over accounts or a system.
Tip 8: Review and delete unused accounts. Periodically review your browser’s bookmarks/favorites to uncover old and forgotten accounts. If you are as vigilant as you should be by using a password manager, review entries and take action on those not needed. Visit the sites – do they still exist? Can you still log in? If you don’t use the account or service browse around and find how to have the account deleted. There might be a link to delete your account and profile or you might have to create a support ticket stating you no longer want the account. I recently sent registered letters to my two senators and district representative asking for non-partisan legislation mandating companies delete citizens’ data once accounts are closed and mandated retention requirements have been met (i.e. financial information for the company’s tax records). I only heard from one of the senators, and it was obvious the author of the response did not fully understand as it bragged how the senator already was responsible for passing child protection bills.
Click here to email information about this page to someone that will find it beneficial.
| Further Reading | Description |
| Password Review Article | A nice review of password managers on Wired’s web site, includes suggested features. |
| Password Safe | An open-source (free) password manager. |
| Cyber Security Best Practices | Many links in this CISA (a federal homeland security agency) including safe online shopping, protecting children, anti-virus, and more |
| Duck-Duck-Go | Mentioned in Tip 4. DDG has a standalone browser, can be used as a default search engine in other browsers, and secures your browsing. |
| Deepfake/AI Article | An article at IDX.US, a security and privacy company, about Artificial Intelligence and Deepfake threats |
| Credit Report Info | Information on how to access and freeze credit reports |