20 Tips on How to not get Hacked
Worried about hackers getting access to your email, social media, or bank accounts? Follow these simple steps to complete online security and peace of mind.
Most of us like to think we’re pretty tech-savvy, but research has shown that almost two-thirds of people use the same password for most websites.
This means a Facebook hacker could also gain access to your smartphone, online file storage, email, Amazon account, smart TV, Google Maps history, social networks… basically your life.
Unfortunately, there’s only one dead cert way to avoid ever getting hacked: never go online. But if you don’t fancy living under a rock for the rest of your life, we’ve got the essential tips for staying one step ahead of cybercriminals right here.
How to prevent getting hacked: The basics
Start with Marc Goodman’s ‘UPDATE’ acronym – then take it to the next level with our 33 tips below.
- Update regularly – Use auto-updates to get the latest patches for apps, software, and operating systems.
- Passwords: don’t re-use them – Using the same password on a whole raft of logins is a rookie mistake. Once hackers get one password, they’ll try it on everything else they can connect you to.
- Download from authorized sources – Whether you ‘side-load’ apps (self-install them) or go for open source software, make sure you get them from trusted sites. Check for any bundled bits (‘spyware’ or ‘adware’) and remove them – toolbars and add-ons that change your default search engines are the biggest culprits.
- ‘Administrator’ shouldn’t be your default setting – Don’t log in as admin on your computer for day-to-day use (except when you have to, like if you’re installing stuff). If you download something dodgy or have already been compromised, hackers can track, install and change pretty much whatever they like.
- Turn off when you’re done – That includes logging out of sites when you’ve had your fill of memes, switching off the computer when you leave the house, or disconnecting the WiFi when you’re not using it.
- Encrypt to keep your stuff unreadable – Encryption doesn’t stop files, emails, or details you submit through a website from being intercepted – it ‘scrambles’ the content so it can’t be read by unauthorized users. Always check for the little padlock symbol next to the URL (or that the address starts with HTTPS, not just HTTP) when you’re logging in or providing payment details.
20 tips on how to avoid getting hacked
Protecting yourself from getting hacked can take just a few minutes if you follow these quick steps:
- Get yourself decent anti-virus and firewall software – and turn it on! Some insurance companies and banks only cover fraud and theft if you can prove you had security in place.
- Back-up important data on an external hard drive or USB stick. If there’s something that you’d be gutted to lose, keep copies.
- Be picky about which companies you share your personal info with – your data’s only as secure as they are.
- Be very suspicious of emails or messages asking for login or account info, and check that any links are legit (i.e. not so-bank.co.uk) and secure (HTTPS not HTTP). These are known as phishing scams and are one of the easiest ways for passwords to be nicked.
- Most cloud storage is snoopable: encrypt the content you keep in it or check out Dropbox (which claims to encrypt all files stored).
- Only log in to accounts from your own gadgets. If you do have to use a public or shared device, make sure you log out afterward.
- Where possible, buy online using a credit card. If you’re a victim of fraud, you’ll have a better chance of getting your money back. If you can’t get accepted for a credit card, use a prepaid card instead – while this won’t insure your stolen cash, hackers will only have access to what you’ve topped up rather than your entire bank balance.
- If there’s something you really, really don’t want anyone else to know or get hold of, don’t put it online!
- When it comes to passwords, use an unusual but memorable phrase, and replace letters with numbers or punctuation marks (zero instead of o, or 3 for E).
- Never use real answers in security questions – make up memorable answers that will only make sense to you.
- Change passwords at least a couple of times a year: get fresh ones, and don’t just swap around the ones you already use.
- Get LastPass – seriously. It’s all very well (and essential) to have long and unique passwords for each site, but you’ll never remember them without a password manager. LastPass is the most popular free solution for storing them all and integrates easily as a browser extension (and app).
- Use two-step verification if it’s available for logins: if someone signs in from a new or unauthorized device, they’ll have to provide a code that’s only sent to your phone or email address.
- Don’t use an easily-guessed email – like firstname.lastname@example.org – for logging into sites holding sensitive information (like online banking). Use alias emails that you can simply forward to your main account.
- In fact, use alias emails for all aspects of your online life: work, personal stuff, paid surveys, memes, whatever. This will limit what info hackers can access (and how much spam you get).
- Forced to enter an email address but worried you’re going to be inundated with spam afterward? Use the one you can burn when you’re done! You can create a temporary email that will combust after use over on guerrillamail.com.
- If your email account displays the location of the last login (Gmail does – check the bottom of the screen), take a look at it every now and again to spot any rogue usage.
- Check your privacy settings on social media: don’t broadcast every update to the whole world. Log out every now and again to view your profile the way strangers see it.
- Don’t accept friend requests from folk you don’t know.
- Enable login alerts to get beeped when someone signs into your social media accounts. On Facebook, you can turn it on through Security Settings (approve your own devices so you don’t get pointless alerts).
What to do if you think you’ve been hacked
If you’ve been hacked, stay calm and do the following:
- Tell the relevant people: your bank, the police, and any sites involved.
- Change your passwords – including any you think thieves could get to, not just for compromised accounts.
- Warn personal contacts that you’ve been hacked.
- Consider wiping data remotely if your device is stolen: go to iCloud for Apple, for Android