Helping people to become more safe and secure online is the reason why mappd was born. Here are 10 top tips to reduce the chance of you being hacked that you can start using right away..
1. Up your password game
We realize you’ve heard it previously, and we’ve recently released a 101 blog giving you some top tips when it comes to password selection. Covering how they can end up with you being hacked , giving hackers access to your sensitive information.
The most important parts are;
- Don’t reuse passwords as if one account is hacked, any others using the same password are also vulnerable
- use a strong password, our 101 post gives tips on how to pick a memorable, strong password
- Use a tool like mappd to alert you if your password has been hacked before or appears online
2. Use a VPN
Once you’ve upped your password game, it’s a good idea ensure that your connections are also secure. This is the case for when you are at home and also, and especially when you are using public WiFi. But a VPN doesn’t just make you more secure, but also is a massive privacy boost as it will hide your browsing history and information.
When on the go you may be forced to free use free Wi-Fi. Many free WI-FI’s are unsecured, this means its very easy for hackers to steal your information. They can do this by ‘sniffing’ your connection when connected to the network.
For more information on VPNs have a read of our blog that goes into more detail
3. Use antivirus products
Antivirus products are great for identifying malware and helping protect your device from malicious software. This software may take over your machine or install unwanted applications. The great thing about antivirus is that in most cases, you can use it for free. For microsoft products, windows defender is built in and in recent times has become a very good product. There are a number of other free products that you can use too.
Once you’ve got your antivirus product there are a couple of thing you should check, however these are usually enabled by default
- Ensure that ‘signatures’ are updated automatically, essentially this means that the list of known malware is always kept up to date, which is essential due to the frequency of malicious software releases
- enable ‘on access’ scanning, this allows your antivirus product to scan files at the point of access and gives real-time protection
- enable web protect if available which will give you alerts to malicious websites before you visit them
- have a regular ‘full scan’ schedules, at least weekly. This ensures that your entire device is scanned on a regular basis
4. Take 5 and think before you click
One of the most common ways of being hacked at the moment is by ‘phishing’. Phishing is a technique that will bait you into clicking on a link or download that looks legitimate. When clicked, You are taken to a malicious website to attempt to steal credentials in most cases.
there are lots of examples of this and a lot will get caught up in your spam filter, however criminals are getting smarter and not all phishing emails are poor quality. Modern attacks may bypass your spam filter and give you a realistic email and malicious link, for example, HMRC emails, amazon emails and many more.
So remember, always take a minute to think before you click;
- Are you expecting the email?
- Are there spelling mistakes, old logos or other content that looks suspicious
- have you checked the email header to see if the senders email address is legitimate? Usually it will look valid in the header but when exposed you may see something unexpected like [email protected] which is not from the amazon.co.uk domain.
5. Be careful with what you share online
Nowadays, there are a ton of chances to share our own data on the web. Be wary about what you share, especially with regards to your personal data. This can possibly be used to imitate you, or copy your passwords and logins.
A hacker can quite easily go on social media and get all the information needed to begin stealing your identity. Setting your accounts to private and connecting with people you know or trust is a good way to help combat this
6. Always check the site is secure when entering sensitive information
When shopping on the web, or visiting other sensitive sites, check that the website’s location begins with “https”, rather than just “http”, and has a padlock symbol in the URL field. This shows the site is secure and uses encryptions to scramble your information so it can’t be captured by others.
This also helps make sure the site is legitimate as most malicious sites won’t have a security certificate. If you’d like to find out more about security certificates and secure connects, head over to our earlier blog post
7. Keep your software and operating systems up to date
Keep all your software refreshed so you have the most recent security patches. Turn on automatic updates will really help with this and is something of importance. It’s impossible to keep up with new vulnerabilities and issues yourself as new hacks are released so often, so most vendors do a great job of keeping their products up to date.
If you are using windows, you will have windows updates to take care of this alongside your other applications running their own updates. For Mac / iOS apple release regular automated updates too. For Linux users, unless you specifically set up automated updates, you may need to run an update command
8. Think before you give permission
This is particularly relevant for mobile devices as we tend to download apps in volume. Not only this but our mobile phones and tablets tend to hold some of our most sensitive information.
Unfortunately in a lot of cases you are stuck between privacy and using the latest products, but think before you grant permission. If you are giving an app permission to access your pictures, are you sure they are legitimate and do you trust them to potentially have access to sensitive images?
There have been numerous cases of apps misusing information and it’s mainstream news. Facebook, most notably, have had massive issues with data being used for alternate purposes. More recently FaceApp, the Russian backed AI photo editor which has raised security and privacy concerns.
We are looking at implementing a feature to give you advise on the trust and security rating of an organisation before you sign up or give permissions. If this is something you’d like to see them get in touch through the comments section or fire us an email at [email protected]
9. Use 2 factor authentication
This is such an important tip and one that is not used as much as it should. Most companies that require you to log into something now offer two factor authentication as standard.
You may have been used to 2fa without even knowing it as banks have been using it for some time when logging into your online banking or making payments. It adds an additional verification step referred to in the security industry as ‘something you have’ which is one off the three main factors.
This means that even if someone had hacked your account or got hold of your password and could log into your account, they wouldn’t be able to get in as they would require your one time code. Usually by text or with an authentication app like google’s Authenticator
You may hear this also being referred to ‘multi-factor authentication’ too – if your interested, the main ‘factors’ for authentication are;
- Something you know – typically your password
- Something you have – usually a code sent to your phone, or your card reader etc.
- Something you are – not used as much as the above two, but this is typically biometric data, like a fingerprint, face or retina scan
The key part about two factor or multi-factor authentication is that it must be two different factors and not two of the same.
10. Get involved with mappd
If you follow these top tips, you will be in a much better place when it comes to security. You will greatly reduce the risk of being hacked and feel a lot better about your general online safety.
Unfortunately, even the most secure person could be hacked and although unlikely, it’s absolutely possible. Usually because of another persons fault, more often than not, a company.
This is another core reason why mappd exists. It’s important than we all have a way of knowing if any companies that hold our information are involved in a hack. This allows us to take the preventative steps to protect ourselves before any malicious activities are carried out.
Remember, mappd has the ability to show you old hacks that you may have been involved in so even if you haven’t experienced it yourself yet, mappd gives you the tools to reduce your risk of getting hacked immediately.