Technology is always changing, and so is the way we use it. That means we’re always finding new ways to stay off guard against bad guys stalking our data.
Remember when you shared your address book with that trendy new app? Or when you post photos on social networks? All of these actions can have consequences that impair security for ourselves and those we care about.
Vijay Balasubramaniyan, the chief executive of Pindrop, a security company that develops technology to detect fraudulent phone calls, says we should remember that any identifiable information we post online late they can all be used by fraudsters to hijack our online accounts.
“Your digital identity, which includes all of your images, videos, and audio, will essentially allow hackers to create a complete character exactly like you without your presence in the photo, “He said.
So here are some of the most important principles – like strengthening passwords and minimizing data shared by your phone’s camera – to keep you and your loved ones safe for the foreseeable future. . I call these the five technical commandments in the hope that you will remember them as if they were the gospel.
You must not use weak passwords
Let’s talk about poor password hygiene. About 45% of Americans use weak passwords of 8 characters or less, according to a survey by Security.org, a research firm. (Fourteen percent used “Covid” in their passwords last year.) The majority of Americans also admit to using passwords on different websites as well.
This opens up many security problems. Weak passwords can be easily guessed by intruders trying to gain access to your account. And if you use the same password for multiple websites, such as a bank account, a Target shopping account, and Facebook, all you need to do is one of those sites get hacked. even those accounts are vulnerable to attacks.
For most people, the simplest solution is a password manager, the software that automatically generates long and complex passwords for accounts. All passwords are stored in a vault accessible with one master password. My favorite tool is 1Password, which costs $ 36 a year, but there are also free password managers like Bitwarden.
Another option is to write down the password on a piece of paper stored in a safe place. Just make sure the password is long and complex, with some letters, numbers, and special characters.
Use multi-factor authentication
No matter how strong a password you create, a hacker can get it if they compromise the company’s servers that contain your information. That’s why security experts recommend multi-factor authentication, also known as two-step verification.
Here’s how two-factor authentication usually works: For example, let’s say you enter a username and password for your online banking account. That’s Step 1. The bank will then send a text message to your phone with a temporary code that must be entered before the website allows you to sign in. That is Step 2. In this way, you prove your identity by accessing your phone and that code.
Most mainstream websites and apps, including Facebook and major banks, offer two-step verification methods involving text messages or so-called temporary code generation authentication apps. Just do a web search for setup instructions.
If a company doesn’t offer multi-factor authentication, you might want to look for another one, says Mr Balasubramaniyan.
“If a provider says, ‘All I’m doing is the password,’ they’re not good enough,” he said.
You won’t share too much
Many of us rely on our smartphones for everyday cameras. But our smartphones collect a lot of data about us, and the camera software can automatically note our location when we take a photo. This is often a potential safety risk rather than a benefit.
Let’s start with the positives. When you allow your camera to tag your location, photo management apps like Apple Photos and Google Photos can automatically organize photos into albums based on location. That comes in handy when you’re on vacation and want to remember where you were when taking snapshots.
But when you’re not traveling, tagging your location on photos isn’t that great. Let’s say you just connected with someone on your dog photo dating and messaging app. If you turned on location when taking a photo, that person can analyze the data to see where you live.
To be safe, make sure that photo positioning is disabled by default:
On your iPhone, open the Settings app, choose Privacy, then choose Location Services and finally Camera. Under “Allow location access”, select “Never”.
On Android, inside the Camera app, tap the Settings icon that looks like a cog. Scroll to “tag location” and switch the switch to the off position.
You can choose to temporarily turn on location to record your vacation, but remember to turn it off when your trip is over.
Jeremiah Grossman, chief executive of Bit Discovery, says we should be cautious about the photos we take and send to others. The final offensive photos can be exposed to the public.
“People broke up, and people were fools,” he said. “Even if it’s not like that, you give some pictures to someone and they get hacked, suddenly it’s there.”
You may not share data about your friends
Here’s a lesson we have to learn over and over again: It’s generally not a good idea to provide information about your friends when using websites and apps, especially with brands. Unknown.
For example, when you share your address book with an application, you have the ability to provide the names, phone numbers, home addresses, and email information of all your contacts to the company. there. When you share your address book with an application that invites others to join, you are providing someone else’s information even if they choose not to accept the invitation.
Usually, when you share your address book with an application, it is aimed at finding other friends who are also using the service. But Clubhouse, the social networking app that gained popularity during the pandemic, has recently been criticized for its active address book collection.
When signing up for Clubhouse, users may refuse to share their address book. But even if they do, others on the app who have uploaded their address book may see that those new users have joined the service. This is not ideal for people trying to avoid contact with ex or abusive stalkers.
More than 10,000 users signed a petition complaining about the vulnerability, according to a French data regulator, which said last week it had opened an investigation into Clubhouse.
Clubhouse updated the app this month, addressing some privacy concerns. It did not immediately respond to a request for comment.
There are more decent ways than sharing your address book to find out if your friends are on a new service – like asking them directly.
Remember to always be skeptical
All security experts agree on a common principle: Don’t trust anyone.
When you receive an email from someone asking for your personal information, don’t click any of the links and contact the sender to ask if the message is legitimate. “ Scammers can easily embed email with malware and impersonate your bank, ” said Adam Kujawa, director of security firm Malwarebytes.
When in doubt, choose not to share data. Businesses and banks have been testing fraud detection technologies that listen to your voice to verify your identity. At some point, you can even interact with customer service representatives on video calls. Mr. Balasubramaniyan said the most sophisticated scammers could eventually use the media you post online to create a deepfake, or a computer generated video or audio clip to impersonate you.
While this may seem alarming because deepfakes are not an immediate concern, a healthy dose of skepticism will help us survive in the future.
“Think of all the different ways you are leaving your biometric identity in your online world,” he said.