Tis the Season (To Not Get Hacked!) — 2022 Edition
Tips and tricks to protect your digital life in the new year
With this year’s addition to my annual tips and tricks for keeping your identity and information safe over the holidays, I am going to be focusing more on recent events and what they mean to your security and privacy. For my full list of tips and tricks, please read my post from last year for more detailed suggestions on how to protect yourself.
Here are my top 3 recommendations on how to keep yourself safe from the latest cyber threats in 2023:
Use a Password Manager
Passwords are dying as a way of authenticating yourself to the hundreds of websites you probably visit on a regular basis. However, they are not dead yet by any stretch of the imagination.
What this means is that a password manager is indispensable for avoiding the biggest mistake that hackers exploit: reusing your password across multiple sites. Once you do this, if your credentials are stolen from one website that has been breached, the hackers will try the same credentials on other sites to see if they work there, and unfortunately, for most people, they usually do.
To prevent this, use a password manager to generate and use a unique, complex password for every site you visit on a regular basis. While I used to be agnostic in prior years about which commercial password manager you used, there is now one that I specifically do not recommend, and that is LastPass, for reasons I recently wrote about.
What do I recommend these days? If you are purely an Apple user, then I recommend taking a strong look at the improvements Apple has made in its built-in password manager, Keychain. While the interface is not the slickest, for most people who are all Apple, “It just works”. For those who still have to put up with a mixed environment of Apple and Windows (or God forbid, Android), I recommend taking a look at 1Password.
Limit Social Media
I recommend taking a look at limiting your social media use, and especially that of your children, for two reasons.
First, as has been recently illustrated by the bans that are springing up across the government on the installation of TikTok on government devices, TikTok is Chinese spyware. Even if you are not using a social media app that has been directly implicated in supporting espionage, social media companies are notorious for vacuuming up all of your personal data in order to use it to deliver targeted marketing.
Second, the use of social media apps, especially by children and young adults, has been directly linked to a myriad of mental health issues. When not being directly manipulated into feeling inferior compared to others, just the pressure of being constantly compared to others is harmful to the mental health and self-image of impressionable children.
Beware the Phish
Phishing has continued to explode over the past year as the main way in which companies and individuals are being scammed. Phishing emails (fake emails that impersonate legitimate emails from friends and companies such as your bank) continue to be the primary way that businesses and consumers are defrauded or get infected with malicious software, for the simple reason that they work.
Knowing the signs of a fake email is just as important for consumers as it is for businesses. If you are not aware of what they are, take a look at this free training from Wizer. In addition, having an up-to-date anti-malware package on your PC and using phishing-protecting DNS for your network (such as cleanbrowsing.org) will help protect you from some potential phishing scams if you still click the bad link in an email (by accident, of course).
In addition to traditional email phishing, phishing has expanded into SMS phishing (smishing) and voice phishing (vishing), again, all designed to trick you into doing something or providing something to your attacker so that they can exploit you or your company.
How to protect yourself? First, understand all the ways that attackers are attempting to scam you by reading the linked articles above if you are unfamiliar with these attacks. Second, you must constantly be on guard and suspicious of all SMS messages, emails, and voice messages from those you do not know, and ask yourself, “Could this be a scam?” I hate that we have to be constantly on guard to such an extent; however, this is unfortunately the world we live in today.
That’s it! If you like this article, feel free to share it with your network, friends, and family. Be safe, be happy and I hope everyone has a wonderful holiday season!