Hackers are a scary bunch—whether working as part of a criminal syndicate or an idealist with a political agenda, they’ve got the knowledge and the power to access your most precious data. If hackers want to target a particular company, for example, they can find vast amounts of information on that company just by searching the web. They can then use that info to exploit weaknesses in the company’s security, which in turn puts the data you’ve entrusted to that company in jeopardy.
Think of your home computer as a company. What can you do to protect it against hackers? Instead of sitting back and waiting to get infected, why not arm yourself and fight back?
Bad guys, beware. We’ve got 10 ways to beat you.
Update your OS and other software frequently, if not automatically. This keeps hackers from accessing your computer through vulnerabilities in outdated programs. For extra protection, enable Microsoft product updates so that the Office Suite will be updated at the same time. Consider retiring particularly susceptible software such as Java or Flash.
Download up-to-date security programs, including antivirus and anti-malware software, anti-spyware, and a firewall (if your OS didn’t come pre-packaged with it). To trick even the most villainous hackers, consider investing in anti-exploit technology, such as Malwarebytes Anti-Exploit, so you can stop attacks before they happen.
Destroy all traces of your personal info on hardware you plan on selling. Consider using d-ban to erase your hard drive. For those looking to pillage your recycled devices, this makes information much more difficult to recover. If the information you’d like to protect is critical enough, the best tool for the job is a chainsaw.
Do not use open wifi; it makes it too easy for hackers to steal your connection and download illegal files. Protect your wifi with an encrypted password, and consider refreshing your equipment every few years. Some routers have vulnerabilities that are never patched. Newer routers allow you to provide guests with segregated wireless access. Plus, they make frequent password changes easier.
Speaking of passwords: password protect all of your devices, including your desktop, laptop, phone, smartwatch, tablet, camera, lawnmower…you get the idea. The ubiquity of mobile devices makes them especially vulnerable. Lock your phone and make the timeout fairly short. Use fingerprint lock for the iPhone and passkey or swipe for Android. “It’s easy to forget that mobile devices are essentially small computers that just happen to fit in your pocket and can be used as a phone,” says Jean-Philippe Taggart, Senior Security Researcher at Malwarebytes. “Your mobile device contains a veritable treasure trove of personal information and, once unlocked, can lead to devastating consequences.”
Sensing a pattern here? Create difficult passwords and change them frequently. In addition, never use the same passwords across multiple services. If that’s as painful as a stake to a vampire’s heart, use a password manager like LastPass. For extra hacker protectant, ask about two-step authentication. Several services have only recently started to offer two-factor authentication, and they require the user to initiate the process. Trust us, the extra friction is worth it. Two-factor authentication makes taking over an account that much more difficult, and on the flip side, much easier to reclaim should the worst happen.
Come up with creative answers for your security questions. People can now figure out your mother’s maiden name or where you graduated from high school with a simple Google search. Consider answering like a crazy person. If Bank of America asks, “What was the name of your first boyfriend/girlfriend?” reply “your mom.” Just don’t forget that’s how you answered when they ask you again.
Practice smart surfing and emailing. Phishing campaigns still exist, but hackers have become much cleverer than that Nigerian prince who needs your money. Hover over links to see the actual email address from which the email was sent. Is it really from the person or company claiming to send them? If you’re not sure, pay attention to awkward sentence construction and formatting. If something still seems fishy, do a quick search on the Internet for the subject line. Others may have been scammed and posted about it online.
Don’t link accounts. If you want to comment on an article and you’re prompted to sign in with Twitter or Facebook, do not go behind the door. “Convenience always lessens your security posture,” says Taggart. “Linking accounts allows services to acquire a staggering amount of personal information.”
Keep sensitive data off the cloud. “No matter which way you cut it, data stored on the cloud doesn’t belong to you,” says Taggart. “There are very few cloud storage solutions that offer encryption for ‘data at rest.’ Use the cloud accordingly. If it’s important, don’t.”
Honorable mention: Alarmist webpages announcing that there are “critical errors” on your computer are lies. Microsoft will never contact you in person to remove threats. These messages come from scammers, and if you allow them to remotely connect to your computer, they could try to steal your information and your money. If that’s not a Nightmare on Elm Street, then we don’t know what is.