Are your online passwords unique for each account or website? Are they long, complex and random?
Do you use a Virtual Private Network (VPN) when you’re at home and on the internet?
Is your computer firewall solid? Is your anti-virus program scanning your computer regularly?
While on the web have you ever gotten a pop-up message from law enforcement saying you’ve done something illegal when you haven’t?
Do you ever click on anonymous emails or text messages?
Depending on your answers to the above questions, you may be exposing your computer (and mobile devices) and your accounts—including financial, shopping and social media accounts—to relentless hackers who are always trying to invade and take over computers, hijack accounts and take money from innocent consumers.
So, what actions could help protect against your personal computer being hacked? Here’s a summary of actions that could assist with online protection.
Smack the hack—11 tips to help prevent getting hacked at home
- Use long passwords. Your passwords should be at least 12 to 16 characters long.
- Use unique passwords. Each account or site needs to be protected with its own unique password that isn’t used somewhere else—never reuse passwords or large parts of them. With unique passwords, if one of your accounts is compromised, your other accounts are more protected from hacking.
- Use complex passwords. Each unique password should be a combination of uppercase letters, lowercase letters, numbers and special characters such as >, !, ?, ^ and others.
- Use a password manager. A password manager is software that generates, autofills, encrypts and stores passwords. Usually it is a browser extension—an add-on piece of software that installs and integrates into your browser—but there are password managers that are also separate programs. Some password managers are completely free, while others require payment. Many software companies offer both free and paid versions with different features. Here are some benefits of using a password manager: it can save you time by remembering and autofilling your passwords, then help protect your identity by generating random passwords for you and then encrypting them so they cannot be seen by anyone who doesn’t have your access information.
- Utilize multi-factor authentication (MFA) for any account and site that offers it. MFA is a cybersecurity measure for any account that requires logging in to further help verify identity in multiple ways. It usually operates by someone entering their username and password into a website or app, and then authenticating their identity through a separate action, such as with a facial or fingerprint scan. Alternatively, MFA may require the user to respond to a one-time use code sent in a text message or to an email sent to the account’s registered email address, either option usually has an allotted time that you’ll need to respond by to successfully complete the log in process. Some accounts will require the user to approve access with a standalone authenticator app on their mobile phone, such as either Microsoft® or Google®’s Authenticator. MFA has proven to be effective at making it hard for hackers to access your online accounts, even if they know your passwords. While no cybersecurity method is perfectly secure, MFA has shown that, overall, it is a useful method for improving security and preventing illegal access to personal financial, social media, gaming and other types of accounts.
- Virtualization is a virtue; use a Virtual Private Network. Use a Virtual Private Network , which is a combination of installed computer or mobile phone software and a service from a VPN provider that can encrypt and protect your internet traffic—audio, video, email, chat and gaming—from being intercepted and spied on. There are a variety of free and paid VPN services to research that you can try out. But a VPN doesn’t stop a user from being able to visit a suspicious site that could be run by hacker and infected with malware, which is why you should…
- Consider installing a comprehensive anti-virus-firewall security suite from a reputable software company. Using third-party security software can help prevent some attacks by determined hackers. A user should not assume that a patched and up-to-date operating system and web browser can provide complete protection against cyberattacks. Hackers are always developing new methods of attacks and exploitation of system vulnerabilities. A robust security suite can provide a wide range of protection, from finding and eliminating malware, adware on infected websites, spyware and other threats to generating a strong digital “firewall” to block hacker intrusions. Some of the top security suite providers offer feature-limited free program versions that can still provide a level of useful protection beyond having no dedicated protection for a personal computer.
- Don’t click on anything that looks suspicious. If you don’t know it, don’t click on it. Don't get hooked by phishing from fake messages and websites designed to scam and steal from you. Read, consider thoughtfully—and don’t click on any link if it looks sketchy. Phishing attempts from fake emails, text messages, online advertisements and even entire websites trying to lure potential victims into clicking links or downloading damaging, illegal files infected with malware are some of the most common, efficient and successful hacking attempts. Examine any unexpected message or unfamiliar website carefully and hover your cursor over any embedded links to see if the addresses match the purported sender of the email message or the organization or individual behind the website. Also, never respond or click on anything coming from an anonymous sender; if you don’t know who sent the message then you shouldn’t respond in any way to them.
- Don't fall for fake panic pop-up messages on the internet from hackers, known as “scareware.” On the internet, innocent users may encounter suspicious pop-up message windows that urgently expresses your computer is infected and you must download a software update or claim that that the user has done something illegal and is violating federal laws. The message may even say that the computer is locked and under the control of the Federal Bureau of Investigation. The message will either have a link to click on or a phone number where someone would be able to fix the problem. Panic messages are especially common on sketchy websites or if there is malware already infecting your machine. These bogus threats are always fake and are attempts at phishing to quickly take your sensitive information, money, credit card or other financial account details, often by sending you to a false website operated by a scammer. Don’t click any buttons on these pop-ups, instead you should immediately close your browser. Many web browsers will warn users if they are attempting to visit an unsecure web address or one that is infected with malware. It is an extremely good idea to read any browser warnings thoroughly and do not proceed to any site you are warned to stay away from.
- Be less social on social media—all social media. Social media can expose someone to dozens, hundreds or possibly thousands of people, and some of those people are scammers patrolling social media for potential victims. Cybercrooks can get access to and read profiles and postings on social media sites, which means they can read a post and know if you have purchased something expensive or if you are going on—or are already on—a vacation away from home and your home may be uninhabited and unprotected. You could also be targeted by fake neighbors selling false merchandise at much too attractive prices and by imposters trying to pass themselves off as old friends. There is also the risk of being contacted by a romance scammer interested in tricking someone looking for a relationship, but the scammer wants their money, not their time or attention. Look into the settings for all of your social media accounts to limit the exposure of some personal information that should not be shared publicly.
- Update all your software regularly to improve the quality of the programs. Keep operating systems, security software and internet browsers (and other software) current with the latest version updates from computer software manufacturers. Software updates often incorporate improved and new features of the software, along with patches to fix errors and vulnerabilities that could be exploited by hackers. Consider turning on automatic updates in each program to keep up with the latest fixed and improved versions of these programs.
Would you like to know more about improving your online security?
More information on protecting yourself, your network and your personal computing and communications devices is available from free, monthly Delta Community Financial Education Center webinars on many different money and security-related topics. Please visit the Financial Education Center's Events & Seminars page to register for its no-cost, on-demand webinars.
Delta Community’s blog and security posts have more detailed recommendations on handling online personal security: