Another year has passed in a blink and its time again for my annual (and updated) advice on what most people can do to keep their information and identity safe before everyone rushes out to buy the latest gadgets on Black Friday.
With the holidays here, now is a good time to think about the simple things you can do to protect yourself from having your financial information or identity stolen by the new toy you just received or purchased. So let me provide you with the suggestions I give friends and family when asked what they can do to protect themselves from hackers when the topic comes up at the dinner table or around the fire pit (and believe me, it does).
- Beware of phishing scams!
Phishing emails (fake emails that impersonate legitimate
emails from friends and companies such as your bank) are now
the primary way that
and consumers are defrauded or get infected with malicious
software. Knowing the signs of a fake email is just as important
for consumers as it is for businesses. If you are not aware of
what they are, check out
training. In addition, having an endpoint protection package
on your PC and utilizing phishing protecting DNS for your
network (both described below), will help warn you of potential
phishing scams if you click the bad link anyway in an email.
- Pick and use a password manager.
As the endless data breaches in the news have shown; somewhere,
somehow, your account information has likely already been
you are reusing passwords across different websites, as it
appears most people do, then your account information being
stolen on one site will expose you across countless others where
you have reused the same credentials. A password manager allows
you to easily create and use complex, random passwords across
the websites you access, all protected by a single complex
password or passphrase that you know and only use for the
password manager itself (my suggestion, use an online passphrase
generator to create your master password. I’ve tested several
password managers including Dashlane and Lastpass, but in the
end, I decided on 1Password.
This is my top recommendation, especially if you are primarily
using Apple devices (as I recommend below).
- Update your computers!
If your PC or Mac is not capable of running the latest operating
systems for Windows (Windows 10) or Mac (Catalina), then its
time to buy yourself or your family a new computer for
is a constantly evolving field, and operating systems are
constantly being updated to address the latest vulnerabilities
and threats. If you are not current, you are not protected, and
if you are current, make sure that the automatic updating
features are enabled so that your computers keep themselves up
to date. My recommendation if you are shopping for a new
computer – get a Mac, or better yet an iPad if your needs are
primarily browsing and email.
your network! Personal computers are not the only
pieces of equipment that need updating, your routers and
whatever else you have on your network does as well. For network
equipment (WiFi routers for example), take advantage of the
latest mesh wifi technology which will not only give you greater
coverage and speed but will also automatically keep themselves
up to date with security patches.
Eero’s wifi products
are worth a look if you need to upgrade your network.
- Update your mobile devices!
Keeping your mobile devices up to date is just as important as
keeping your PCs up to date. If you have an iPhone or Android,
make sure it is running the latest version of the operating
if it can’t be updated to it (a particular problem for Android
phones), buy a new one or even better, switch to an iPhone. Here
again, I am updating my advice to say that unless you have a
specific reason that you must use Android or Windows devices due
to particular software needs or you are an extreme gamer, then I
suggest you buy Apple products. Your information will be much
safer by default (there is a reason that Apple is the only
company you hear about the FBI battling for access to devices –
for Windows and Android, they already have it). In addition, the
premium you pay for Apple products pays for itself with higher
quality and a much longer useful lifetime compared to non-Apple
- Turn on 2-factor authentication
wherever it is available (LinkedIn, Twitter, Google,
Apple, etc.). Two factor systems (which generate a confirmation
code that you need to enter along with your user id and password
to logon) are a
additional layer of protection against your accounts getting
hacked, and can provide a warning that someone may be trying to
get into your account without your knowledge. My preferred
password manager, 1Password, also features it as an additional
security measure for access to 1Password itself on new devices.
If you have a choice between receiving an SMS text on your phone
or using a local authenticator app on your phone, go with the
authenticator app – its the more secure choice as there have
been major hacks which have occurred where 2 factor SMS message
systems have been compromised.
- Whatever new device you get under the tree this year, make
sure that you read the manual to
understand what security features are available.
too often even when security controls are available in a
product, they are not enabled by default. Enable them and
whatever you do, please make sure to change the default password
for the device (using the fancy new password manager you
installed to generate a complex, random password). Don’t forget
to use your password manager to generate a secure and random
password for your home WiFi network as well. One other simple
step that can go a long way to protecting your information is to
make sure that you do not use an account with administrator
rights as your day to day PC account. Details on how to set this
up for Windows are available here, and for Mac’s here.
- If you are traveling over the holidays, be sure to
access the internet safely
by buying a VPN (Virtual Private Network) subscription for the
laptops or smart devices you are taking with you.
free wifi hotspots that you may access when traveling are
veritable dark alleys of potential criminal activity where your
account information can be spied on or stolen if you are not
using a VPN. Also when you travel, save the posts on social
media about where you are for when you get back. More than a few
homes have been broken into while the owners were out of town on
the vacation they broadcast to the world on social media in
real-time. Finally, be aware that there are people around you on
the bus, train or plane who see and hear whatever you are doing
on your phone, pad or laptop – be discrete. A new point here as
well – never use a free VPN app or service. Many of these have
been discovered to be nothing more than a channel for reading,
stealing and monetizing your information as it passes through
their servers. NordVPN
is a highly rated service that I can recommend (they recently
reported a security incident but how they handled it gives me
confidence that they are still the best choice).
- Now more than ever, a
protection package for your PCs is a must-have, even if you are
using Macs. The old antivirus products of the past
are no match for today’s sophisticated malware. Phish,
ransomware and other sophisticated malware are all now designed
to bypass detection by simple signature-based antivirus products
– what you need is software that can keep up with these threats.
I recommend Sophos,
which is available either free or in a package for 10 devices
for $50/year (or less on sale) with additional features. Their
products are highly rated and not only detect and stop malware
but can also protect you against phishing attacks (clicking that
bad link) as well as ransomware.
those who are a bit more interested in twiddling with
technology, take a look at the free
products available that can protect your entire home network
from malicious websites and phishing emails. While not a
guarantee, they go a long way toward ensuring that the computers
and devices on your home network can’t communicate with known
websites that serve malicious software or support phishing
attacks. In addition, depending on the product you use, they can
protect your family against web content you do not want them to
see such as porn or tasteless websites. My recommendation is the
free family filter available from
- Speaking of protecting your family, Apple has now
the family features in their mobile devices to Mac
desktops and laptops as well. Restricting the amount of time you
use (or allow your children to use their) devices for social
reasons is one of the best things you can do for their
mental health (or yours). In addition, to give a child any
device without restrictions on what apps they can download or
what sites they can browse to borders on child abuse and
neglect, considering how much harmful information is targeted at
children or easily available to them. Apple’s
is a good first step toward putting restrictions in place.
- Two is one, and one is none. This simple motto is a reminder
that when it comes to
your data, there is no such thing as too many backups. As more
and more of our memories and records transition to digital,
making sure that you have backups of
that data becomes ever more vital.
you are infected with ransomware, or simply have a hard drive
crash on your main PC, at some point when you least expect it
and most need it, you will lose your data. And without a backup
(or multiple backups), it will be gone forever. My
recommendation, make use of whatever backup features are
available in your PC’s operating system (such as Apple’s Time
Machine), and then supplement that with a commercial cloud
backup product (such as Backblaze or Carbonite) that securely
backs up your information to the cloud.
- Be vigilant.
that your online or financial accounts have been compromised is
the most important step in being able to rectify the situation
before it gets worse. If you don’t have
credit monitoring already you can obtain it for free
from CreditKarma.Com. To monitor your online accounts, signup at
receive alerts when your userid shows up in a report of breached
accounts from a hacked website or company, or most password
managers also provide this feature if the compromised account is
one they maintain. 1Password includes a monitoring service that
will alert you that you need to change the password for a
company whose data has been stolen.
- For financial information at least,
prevent the problems before they occur by
a credit freeze on your accounts at the credit bureaus.
Following the Equifax debacle, Congress finally did something to
help consumers and mandated that you can place and remove credit
freezes at the credit bureaus for free.
These freezes will help stop new accounts from being opened in
your name until you remove the freeze. With this ability now
being free and something that can be easily done through the
bureau’s website or mobile apps they provide, there is no reason
not to keep your credit profile frozen and unfreeze when needed.
Updated details on how to freeze your credit are
- Finally, if you don’t already have
an alarm system in your home or apartment,
has now made it cheap enough that I recommend everyone consider
adding it for your personal safety. Ring’s video monitoring
doorbells and cameras are a great first step, not only providing
real-time access wherever you are to who is outside, but also
providing a mini-neighborhood watch function built into the
service. With Ring’s purchase by Amazon, they have now extended
their product suite to include a monitored alarm service and
sensors as well at an incredibly low price point that
practically everyone can afford. Another great purchase for
peace of mind regarding your personal or family’s safety, though
for privacy reasons I do not recommend any cameras inside your
home that you cannot totally control.
- Finally, be careful of scams. With the holidays the scammers come out in force. Whenever you see, hear or get an email about a deal that is too good to be true, it probably is. Shop safe and stay safe this holiday season.
That’s it! If you like this article, feel free to share it with your network, friends, and family. Be safe, be happy and I hope everyone has a wonderful holiday season this year!