Protect Your Digital Life

Protect Your Digital Life: a reader asks…

I’ve been reading your articles about scams, hacks and what to do afterwards. Can you give me some tips on what to do before, so I don’t get scammed or hacked?

Yes! Let’s be proactive about this, it’s much easier to protect yourself from internet crime than it is to recover from being a victim. Here are some strategies you can do to harden your digital identity and keep from being scammed or hacked:

First, you need to secure your credentials. Your login usernames and passwords are the physical keys to your house, car, and safety deposit box. The first thing is to make sure that each of those keys is unique, and that means using a long and unique password for each online place you use. Like a physical keyring, a good password manager will keep them safe for your use without you having to memorize many unique passwords. Get yourself a good password manager (1Password, BitWarden, LastPass, etc.), learn how to use it, and start changing online passwords.

A good password is long – 13 characters or more. Even better are 21+ character passwords. Each online entity will have their own requirements for password complexity, but the key is longer is better. I like to use the four random words method, but your password manager has a password generator you can use. Let it remember those passwords for you, the only password you need to memorize is the one to your password manager.

Secure every single online account with a long and unique passwords. Start with your email account(s), online banking and other financial institutions, then move on to online shopping destinations, and then everything else.

As more and more internet entities implement passwordless technology, you should upgrade your access credentials to use this versus the standard username/password credentials. Short of that, 2-factor authentication should be used on all accounts that offer it.

Second, train yourself to not respond to scam and hack attempts, whether through email, text, phone, physical letter, or any other way. Do not engage with scammers as they use psychology to bypass all your defenses. It doesn’t matter how smart, savvy or educated you are, we are all vulnerable to psychological tricks. So avoid engaging. Treat all unsolicited communications with a high degree of suspicion.

Email is such a popular scam attempt method because it costs the scammer almost nothing, and they send scam emails out by the millions. No reasonable legitimate entity is going to email you a warning that includes a phone number to call to dispute a transaction.

Third, keep an eye on your financial and credit by checking your credit report regularly. I think it’s worth it to use a service to monitor your financial situation. Each of the big three credit reporting agencies has credit monitoring subscription services. Equifax, Experian and TransUnion all offer relatively low-cost services to keep your online identity safe and a measure of fraud protection (some with insurance). They all also offer credit freezes, and other free services to help protect you from fraud. There are also 3rd party services like Norton LifeLock you can use.

Fourth, practice safe computing. This includes not visiting websites indiscriminately, and shopping only at well-known internet businesses. We’re all looking for the best deal when shopping, and scammers capitalize on this. Beware of the website offering huge savings and fantastic deals. Safe computing also entails a lot more practices you need to use and hone:

For Windows computers, I suggest a secondary protection service like Malwarebytes Premium to run alongside the built-in Windows Defender. Add a browser protection extension like the Malwarebytes Browser Guard. For Macs, the built-in protection is generally adequate, but you can use the Malwarebytes Browser Guard to help keep you away from bad websites.

For both Windows and Mac computers, keep the operating system and installed software up-to-date. Don’t put off updates, and restart your computer at least once a week. My standard routine for computer maintenance is in my articles Computer Maintenance (for Windows) and for Macs, see my Mac Maintenance article. For either, if you do nothing else, please keep your system up-to-date.

Lastly, seek help if you’re not sure about something, before you take any action. For my readers, feel free to use my Contact form to ask me a question and/or send me a screenshot. You can do a google search on the subject of an email you received. Add in the word “scam” to your search query which might focus the search results on the email you received as to whether it’s more likely a scam. If you know me, or someone who’s really tech savvy, text them a screenshot of the item in question. My friends all know that they can take a snapshot of their computer screen (or of their smartphone screen) and quickly text that to me, and I’ll answer back quickly. I’ve found that in general, if you’re unsure about whether something is legit or not, it almost invariably isn’t.