Are You Hackproof? How to Protect Your Identity in 10 Minutes

0
316

January 28, 2015

When it comes to safeguarding your digital privacy, you have options. You can freak out every time you order pad thai on Seamless. Or you can go off the grid and move to a cabin in Montana.

January 28, 2015

When it comes to safeguarding your digital privacy, you have options. You can freak out every time you order pad thai on Seamless. Or you can go off the grid and move to a cabin in Montana.

Given the constant news about hacks—Home Depot, JPMorgan Chase, Sony—neither approach is without its merits. The one thing you can't do is assume you don't need to do anything: More than 13 million Americans had their identities stolen in 2013, according to the 2014 Identity Fraud Report, and even if some syndicate isn't trying to make off with your SkyMiles, there are a lot of Nigerian princes out there. "There's a tendency to say, 'They're not going to go after me,'" says Brian Krebs, a journalist whose expertise is in data breaches. "Cybersecurity is one of those issues people get religion about after they've had a disaster." Avoiding one doesn't require a Ph.D. in comp-sci. It just takes a few minutes and a broad understanding of who might target you and why. Here, how to prevent a healthy, low-grade paranoia from reaching epic proportions.

1. The Perpetrators: Criminals

What They Want: Passwords, Social Security and credit-card numbers, and any personal information that could help them pose as you.

How they get it: Viruses (and other malware) contracted when you visit websites and activate links in e-mails and texts.

What's at stake: Scammers can open new financial accounts, run up charges on existing cards, apply for loans in your name, or file for your tax refund.

What you can do

Lately, hackers have favored e-mail subject lines like "Password reset notification" to lure you into clicking on bogus links. "It doesn't take a lot to cause yourself big problems," says Jenny Shearer, an FBI cyber security expert. Forward suspicious e-mails to a Gmail address and choose "open in Google Drive." Drive is a hurt locker for harmful viruses, making any fallout Google's problem, not yours.

The best way to avoid a virus? Don't use Windows, says David Perry of anti-malware firm F-Secure. Windows isn't less safe, but since 90 percent of computers run it, it's where hackers roam—"Windows is the low-hanging fruit of cybercrime," Perry says. So move to a Mac or be sure to install the updates Windows pushes out and run anti-malware software like BitDefender or F-Secure .

It's just as key to use a virtual private network (VPN) to encrypt your communications when on public Wi-Fi (proXPN.com offers a free version). "Logging into airport Wi-Fi without using a VPN is the unprotected sex of the Internet," says Eva Galperin, global-policy analyst at the Electronic Frontier Foundation.

Finally, secure sensitive online accounts with two-factor authentication: After you type in your password, your phone is sent a unique string of numbers for a second login, so thieves would need physical access to your phone to screw with you.

•••

2. The Perpetrators: Corporations

What they want: A consumer profile—information about your health, sexual preferences, brand affinities, what sites you go to, what you buy, and your actual physical movements.

How they get it: By planting cookies in your browser, which compile a long-term history of your online comings and goings.

What's at stake: Your privacy. And, potentially, your insurance premiums (if, say, you're on WebMD a lot researching one disease) and hireability (if an employer wants to see what political party you give to, how outspoken you are about your dislikes, or your family makeup).

What you can do

Cookies can be used for third-party tracking, which lets sites other than the one you're on see what you're doing. "None of us has a problem going to the deli and the guy behind the counter knowing you like pastrami," says Chris Morran, deputy editor of Consumerist, an advocacy site. "But if you go to a different deli and the guy there says, 'Hey, I hear you like pastrami,' that's where it crosses from convenience to creepiness." Watch the watchers with the Ghostery or Disconnect browser extensions. Then stop them: Privacy Badger analyzes how cookies are being used and neutralizes third-party tracking.

Preventing tech and telecom giants from keeping you enrolled in their default tracking programs is easy if you know where to look. Those ads that mimic what you Googled? Exercise your right to anonymity at google.com/settings/ads and keep AT&T and Verizon from eyeing your Tindering at mobileoptout.att.com and verizonwireless.com/myprivacy .

And by turning off your iPhone's location services, you disable GPS, which reports your whereabouts to your service provider. To stop iBeacon—which lets vendors triangulate your location via devices placed around stores and deliver coupons for green beans when you're in the canned aisle—kill Bluetooth.

•••

3. The Perpetrator: Government

What it wants: To collect your complete Internet history for future potential use in determining whether any associations you may have had with people of interest to the National Security Agency should also make you a person of interest.

How it gets it: By slurping up content traveling to and from your IP address and your cell-phone-service provider and then sharing the information with other countries.

What's at stake: Your Fourth Amendment rights protecting against unreasonable searches and seizures.

•••

False Sense of Security

Sometimes, what you think keeps you safe does not. Here, the most useless tools.

Passwords

Anyone determined to crack your codes—as tricky as you think they are—can. LastPass creates legitimately complex passwords for all your accounts and remembers them for you.

"Do Not Track"

Browsers can send messages to sites asking that they not follow you. Turn it on, but know that the big boys (Google, Facebook) ignore the requests.

"Incognito Mode"

This browser setting prevents someone using your device from knowing how much time you spend on, uh, cnn.com. It doesn't prevent the site you're on, or a third party, from knowing you're there.

Snapchat

Snapchats self-destruct once read. But not if they're screenshot. And, really, if you're relying on Snapchat for privacy, you should ask yourself why you're sending that dick pic, not what the best way to send it is.

•••


Courtesy: Details