Hackers, Scammers, and Fraudsters are continuously finding new ways to steal your personal data. In today's world, it is rare to go even a week without hearing about another company being breached or foreign nation-states performing cyberattacks on our critical infrastructure. Recently, we have had an increase in people asking us...
How do I keep from getting hacked?
We love it when people ask us this as they are usually surprised to learn that it takes only a little effort to drastically reduce your risk of having your personal data compromised. Below are our top recommendations for steps that everyone can take (even if you are not good with technology!) to improve their online security and feel safe while browsing online.
Are you someone who uses the same password (or slight variation) for every website you go to? Do you frequently password reset your online accounts because you forgot your password? Or, do you store your username and passwords in a notepad on your phone? Well...
All of this can be solved by using a password manager. A good password manager (we recommend 1password - https://1password.com/) will securely store all of your username and password combinations, let you view them on all of your devices, integrate with your browser to autofill your passwords, and most importantly, help you generate strong, unique passwords for each of your accounts.
While the initial setup of a password manager may seem like a daunting task, remember, the benefits far outweigh the annoyance of an afternoon password resetting your accounts. For example, if a hacker breaches an online website and finds your username and password, a confirm common tactic is to then use that same username and password combination across many websites, to see if they are able to gain access to more of your accounts. By using a password manager, you instantly mitigate that threat.
CISA Password Manager Link - https://www.cisa.gov/tips/st04-003#:~:text=Consider%20using%20a%20password%20manager
Using a Password Manager will greatly enhance your online security, however, setting up multi-factor authentication is equally important - especially on critical services (email, banking, etc).
You've probably seen or used Multi-Factor authentication at some point online. This is when you receive a text or email with a "code" that you must enter as you are logging into a website. This verifies that even though you know the correct username and password combination, you are truly who you say you are. We always recommend using app-based multi-factor authentication when possible, but if text is the only option, that is better than nothing.
CISA Multi-Factor Authentication Link - https://www.cisa.gov/tips/st04-003#:~:text=Use%20multi%2Dfactor%20authentication%2C%20if%20available
While we normally caution against installing browser extensions (as most are able to view all of your browsing), we do highly recommend adding the two listed below to your browser because of their long-standing reputations as reputable security extensions.
uBlock Origin is an open-source "wide-spectrum blocker" that efficiently and effectively blocks ads, trackers, malware, and more automatically. This is an extension that you will notice working from day one. Note: There are many "ad blockers" out there, but we only recommend uBlock Origin. Many of the others do not truly block all ads and sell your browsing data to advertisers.
Download uBlock Origin for Chrome - https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm
Download uBlock Origin for Firefox - https://addons.mozilla.org/firefox/addon/ublock-origin/
Download uBlock Origin for Edge - https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak
Developed by the Electronic Frontier Foundation, the Privacy Badger extension detects and blocks trackers that are specifically designed to watch which websites you go to. This is a lightweight extension that continuously updates its list of trackers.
Download Privacy Badger for Chrome - https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp
Download Privacy Badger for Firefox - https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/
Download Privacy Badger for Edge - https://microsoftedge.microsoft.com/addons/detail/mkejgcgkdlddbggjhhflekkondicpnop
CISA/NSA Adblocker Advisory Link - https://www.vice.com/en/article/93ypke/the-nsa-and-cia-use-ad-blockers-because-online-advertising-is-so-dangerous
Your computer’s operating system and browser are two critical pieces of software that an attacker may try to exploit. While attacks directly against your computer will likely not happen in your day-to-day life, your browser is another story. Your browser is the connection between you and the websites you visit. If it is not up to date or secured properly, you may be at risk of an attack.
How to Update Windows Operating System Link - https://support.microsoft.com/en-us/windows/get-the-latest-windows-update-7d20e88c-0568-483a-37bc-c3885390d212
How to Update macOS Link - https://support.apple.com/en-us/HT201541
CISA Understanding Patches and Software Updates Link - https://www.cisa.gov/tips/st04-006
Not all web browsers are created equal - for the average user, we recommend using Google Chrome because of its robust and hardened security features. Chrome also has a feature named, "Enhanced Protection" which further secures the browser.
About Enhanced Safe Browsing Link - https://security.googleblog.com/2021/06/new-protections-for-enhanced-safe.html
Social Media is a wonderful thing - in a vacuum. Being able to share life events, memories, and connect with others you know is a great way of keeping up over time. However, cybercriminals often scour social media first when trying to uncover information about an individual or organization.
This is due to people commonly over-sharing details in their posts. CISA puts it perfectly,
The more information malicious people have about you, the easier it is for them to take advantage of you.
At FalconOps, when we perform an engagement on an organization, we always look for information individuals are sharing, more than they should, and we attempt to utilize that to our advantage.
All common social media platforms have a way for you to restrict who is allowed to see your account. We highly recommend you review your security settings on each major social media website.
Guide to Changing Facebook Privacy Settings - https://www.avast.com/c-change-facebook-privacy-settings
Guide to Changing Twitter Privacy Settings - https://defendingdigital.com/twitter-security-privacy-guide/
CISA Guide to Staying Safe on Social Media - https://www.cisa.gov/tips/st06-003
FalconOps is a trusted cybersecurity consulting organization that provides cost-effective managed cybersecurity services to better protect your business. Interested? Contact us (https://falconops.io/contact) to see how we can help and receive a free month of our Managed Cybersecurity service: no strings attached, no sales pitch, and no pressure to continue afterward. Let us show you value before you decide to purchase!