How to Defend Your Devices From Hackers as a Consumer
Some quick tips on how to take your PC and smartphone off the “easy prey” category.
Computers, laptops, tablets, and smartphones. They’re everywhere. And although smartphones have become the de facto standard for which so many people access the internet, the PC and laptop market is still a juggernaut. Businesses depend on workstations while homes require laptops and desktops for productivity, homework, and entertainment. So there’s a never-ending supply of PCs and mobile devices online at any given moment.
That is a good thing for both consumers and for manufacturers. It’s also a good thing for hackers who target those devices in order to gain access to information such as bank account details, Social Security numbers, and contacts. It’s no secret that hackers are constantly finding new and improved ways to steal data. And they succeed with regularity.
But what can you, the consumer, do? Let’s take a look at some of the possible ways you can protect yourselves from what many deem as the inevitable.
Demand more from companies
I want to start off with the big picture. Most often hackers have bigger targets in mind — businesses. Instead of going after individuals, they’re looking at larger companies, those that have troves of data. After all, one big score (from a retail company, a bank, or any number of offshore software outsourcing companies) is far more profitable than numerous smaller scores.
To that end, you should demand more from the companies you regularly use. Unfortunately, some of those companies don’t have the necessary in-house talent to keep their data safe. Because of that, they might need to hire an offshore development company to evaluate the security of their software and systems of delivery.
As a consumer, you have the power to demand those companies do everything possible to ensure your data is safe.
Demand more from yourself
Now that you’ve placed a certain level of onus on the companies you frequent, it’s time to look inward and realize that you hold as much responsibility as those companies. In general, people don’t exercise much caution when using their PCs or mobile devices. The average consumer will:
- Use weak passwords.
- Connect to insecure networks.
- Click links without first checking them.
- Open email attachments without care.
- Install software from suspicious sources.
- Neglect software and operating system updates.
- Give away information to unvetted sources.
Let’s break these down.
Use weak passwords
If any of your passwords contain the word password or use your birthday, the birthday of one of your children, your anniversary date, your favorite color, your pet’s name, or your favorite celebrity name, then you are vulnerable.
Why? Because these can be easily guessed. The last thing you want is to have any of your passwords be easily guessable. In fact, you should be using passwords that you can’t memorize. Why? Because that means those passwords are harder to crack.
For example, a password of password can be instantly cracked. However, password#123 is more challenging. Change that to p@$$w0rd#123 and the length of time it would take to crack is exponentially higher.
Every password you use should be challenging, so much so that you should depend on a password manager (such as Bitwarden) to keep them safe.
Connect to insecure networks
You’re constantly on the go, which means you probably connect to numerous Wi-Fi networks with your mobile devices. The problem is, some of those mobile networks (such as those from coffee shops) aren’t secure. They offer guest networks without passwords. That means anyone can hop onto them. There’s nothing stopping a hacker from accessing an insecure network and sniffing traffic. By doing this, they could easily grab data packets you send out — packets that could contain sensitive information.
If you must connect to an insecure network, make sure you do so while using a VPN. When you employ a VPN your traffic gets encrypted and re-routed, so the chances of your data being stolen are much lower.
Click links without first checking them
How often do you get an email with links that beg you to click them? Probably daily (maybe hourly). Sometimes those links are legitimate and sometimes they’re not. How can you tell? Say for example you get an email from Paypal saying there’s a problem with your account and you need to log back in. Within that email, you’ll probably find a link. Before you click that link, do one of two things:
- Hover your cursor over the link to see if your email client will reveal the link.
- Copy the link and paste it into a notepad or other document.
If the link isn’t actually from Paypal, you just saved yourself from a possible hack, by not clicking it.
Open email attachments without care
If you get an email with an attachment, the first thing you should do is have your antivirus software check it. That might mean you’ll have to save it to a directory and then have your security tool scan it.
If this is the first time you’ve ever received an email from the sender (or you simply don’t recognize the sender’s name or email address), chances are pretty good the attachment is malicious. Either way, your best bet is to simply not open it. In fact, as a rule of thumb, you should always be suspicious of email attachments — even from contacts you know.
Treat every email attachment as if it were a potential danger to your security.
Install software from suspicious sources
This can be a bit tricky for some users. Why? What’s a suspicious source? How do you know if an application came from a trusted location? It’s actually pretty simple.
- If a piece of software was downloaded from a large, trusted company’s official site, chances are pretty good it’s safe.
- If a piece of software was installed by an operating system’s built-in app store, chances are pretty good it’s safe.
- If a piece of software came packaged with a hardware device, chances are pretty good it’s safe.
The opposite is also true:
- If a piece of software was downloaded from a small, unknown company (or website), chances are good you should be suspicious.
- If a piece of software was installed from anyone but the operating system’s built-in app store, you should be suspicious.
- If a hardware requires software that is either not included in the packaging or must be installed from a third-party site, you should be suspicious.
These are only guidelines, not hard and fast rules. In the end, exercise great caution when installing software.
Neglect software and operating system updates
Software and operating system updates should never be neglected. Why? Because developers not only add new features, they patch security holes. Those patches need to be applied as soon as they are available. When you leave the software and operating systems without updates, they are even more vulnerable to attacks.
You don’t want that.
So every time you see an update, install it. Don’t let your platform and tools get behind, otherwise, you risk exposure.
Give away information to unvetted sources
There’s a thing called “social engineering.” This is when someone uses you to get the information they need. There’s a great scene in the 90s film “Hackers,” where a character calls a company and tricks an employee into giving them information that allows them access to the company network. That’s social engineering.
If someone calls, saying they are a representative of Company X and they need information from you that is confidential, your first reaction should be: “I’ll need to speak with my supervisor and get back with you.” You then call the company the person said to have been representing and ask to speak with that person. If you are informed there is no person with that name, pat yourself on the back for avoiding potential disaster.
Whenever anyone asks you to give away sensitive information (your username, your password, your bank account number, your Social Security number), don’t do it. Period. Unless you placed the call and know, for certain, you are speaking to someone with the proper authority, do not give out that information.
Conclusion
It’s hard. In today’s world, there is always some new threat, a new challenge, and new danger. But if you follow these simple tips, you will be far safer than you would be had you ignored the advice. And if you make use of all of these tips, you can feel confident that your sensitive information is, for the time being, safe.
