Secrets to Steal From People Who Never Get Hacked

Learn the best practices that stop cybercriminals in their tracks.

Cybercriminal - hacker compromising online security

The rising problem of cybercrime

Cybercrime is a massive problem that doesn’t look like it’s going to get better anytime soon. Cybersecurity Ventures reports that cybercrime will cost the world $10.5 trillion annually by 2025. That staggering figure takes into account a multitude of factors, including stolen money, lost productivity, restoration, and the deletion of hacked data and systems.

And cybercriminals don’t only go after big organizations. “The victims of cybercrime involve individuals, organizations, and businesses alike—virtually everyone from all walks of life,” according to the experts at SSLStore. In its 2020 Internet Crime Report, the FBI’s Internet Crime Complaint Center said it receives an average of 2,000 cybercrime complaints per day.

“We all know that having a proactive approach to online security is important. Whether you use your computer or smartphone for business or personal use, you need to stay up-to-date on the latest security tips for staying safe online,” says Anurag Gurtu, chief product officer at cybersecurity firm StrikeReady. To help you do just that, we’ve asked cybersecurity experts to share their top tips for better online security.

Http vs https

They never shop on a website with an “http” URL

“Only transmit personal data on websites that are https. The ‘s’ indicates a higher level of security. Nowadays, all the reputable e-commerce sites are https—including Amazon, Walmart and Google, plus the major airlines, banks, car rentals, hospitals, social services, and hotel chains. Most scam sites, however, are http (no ‘s’ at the end), because http sites are cheaper than https sites. So, if you receive an email solicitation to use at a website that’s http, be extra careful. It could be a fraud attempt.” —Monica Eaton-Cardone, COO of Chargebacks911

Check out more tips for safe online shopping.

Woman texting on phone

They only use trusted apps

“Cellphone users can risk exposure to viruses, malware, and other online threats in many ways. Always use trusted app providers from trusted sources such as the App Store or Google Play. Jailbreaking your phone is one of the biggest risks to malware and other potentially dangerous viruses.” —Braden Perry, a litigation, regulatory, and government investigations attorney with Kennyhertz Perry, LLC

Here’s how to tell if your phone has been hacked.

Man on laptop using public wifi at airport

They use a VPN

“VPN to the rescue! A VPN (Virtual Private Network) encrypts your Internet connection to secure it and protect your privacy. You can select the no-sharing option to further protect info from nefarious hackers. There are heaps of VPNs to choose from.” —Ethan Taub, CEO of Goalry and Loanry

Make sure you never do this when using public Wi-Fi.

Online shopping - Woman on laptop with credit card
Photo: Shutterstock

They don’t use debit cards for online purchases

“If you’re the victim of fraud, a debit card offers scant protection. Credit cards protect you far more comprehensively and provide you with an extra layer of security. So use a credit card as a precautionary measure. This way, if you are victimized, your recovery will be faster.” —Eaton-Cardone

Two factor verification for online security

They use two-step verification

“Use Multi-Factor Authentication (MFA)—aka two-factor (2FA), aka two-step verification—whenever and wherever possible. Both Microsoft and Google have recently stated that MFA will stop 99 per cent of all automated attacks.” —Dave Hatter, a software engineer and cybersecurity consultant

Find out the password mistakes hackers want you to make.

Woman shopping online

They protect their credit card info

“Don’t save credit card information on sites where you purchase something. And open a separate credit card specifically for online transactions.” —Dave Hatter

Check out the latest online scams everyone’s falling for.

Lost phone left behind on restaurant table

They lock out lost devices

“If a mobile device is lost—laptop, USB drive, smartphone, etc.—and it has company data on it, report to your IT department immediately so user accounts can be disabled and/or monitored for suspicious activity and devices can be locked out of the network.” —Michael Bisso, Director of IT at Edelstein & Co.

Here’s what a hacker can do with just your phone number.

Protect password - online security

They protect their passwords

“Protect passwords and change default passwords when applicable. Use password-protected Excel documents to track usernames and passwords. The current version of Excel has strong encryption that’s almost impossible to break. Make sure access to the file is protected by a strong password.” —Peter Purcell, cofounder of EVAN360 and a cybersecurity expert.

If you’re using any of these weak passwords, you should change your settings immediately.

Cybersecurity secrets - password manager

They use password managers

“A password manager is the most amazing thing in our password-cursed world. We have passwords for everything. Most folks fall back to using the same password everywhere. This makes hackers’ lives very easy. They can compromise a website account set over here, and use those credentials at multiple other sites. It’s like carrying the key to a locked door. Password managers will help manage your passwords. They will create complex passwords, they will enter them at the various websites for you, and they will securely store them between use. Win, win, win! You have no excuse not to be using one.” —Nathan Maxwell, a cybersecurity expert at CCI

Make sure you never store this on your smartphone.

Cybersecurity secrets - woman opening email

They don’t click unknown links

“Never click on links in unexpected emails. Phishing emails are incredibly successful at impersonating sites you trust, and they appear much more legitimate than in the past. Visit the source website of the email before proceeding with the requested action.” —Peter Purcell

Here are three times you shouldn’t accept cookies on a site.

Two men accessing coffee shop wi-fi

They avoid connecting to public Wi-Fi

“Hackers are able to exploit users of public Wi-Fi through intercepting the traffic as it passes over the network, or hackers will set up fake ‘honeypot’ Wi-Fi access points in order to trick users into connecting. The goal of the attacker is to be able to obtain authentication credentials for things such as social networks or bank accounts, among other nefarious motives.” —Alex Heid, Chief R&D Officer at SecurityScorecard

Learn to spot the signs someone has hacked your Wi-Fi at home.

Cybersecurity secrets - baby cam

They take precautions when using connected devices

“Think of IoT (connected) devices just like any computer—they have an IP address. But when people deploy smart TVs, baby cameras, and devices like that in their homes, they, unfortunately, don’t usually take the same safety precautions as they do when setting up a computer. My advice to consumers is the following:

  • Read the manual: This is crucial to know what it takes to secure the IoT device.
  • Make sure you have a firewall on your router. It will protect your devices in many cases.
  • Create new and secure passwords for each of your devices.
  • Always install updates. A ‘smart’ device can easily fall out of date, leaving the device vulnerable to hackers.” —Aleksandr Yampolskiy, CEO and cofounder of SecurityScorecard

Here’s what you need to know about Canada’s 3G network shutdown.

Cybercriminal data breach

They are aware of data breaches

“A lot of folks will check sites like to see if any of their accounts have been compromised via a data breach. By simply entering their email address, people will be provided with a list of all breached accounts associated with that email account. It’s a great way to stay up to date and manage risk.” —Adam Dodge, founder of EndTAB

Here are 20 cybersecurity secrets hackers don’t want you to know.

Concerned man looking at phone

They are wary of random outreach

“I would advise you to be especially vigilant during events that may arouse our emotions. These may be sports tournaments or shopping opportunities, but also changes in law or taxes. Such events can be used by hackers to conduct phishing attacks. Criminals can manipulate our emotions or information and rely on an ignorance of the issue and their negative emotions, such as stress, time pressure, or fear of financial losses. What should we watch out for? Contests and promotions that offer tickets for matches, impersonating a tax office or bank and sending infected ‘instructions,’ or urging you to pay for items that are essentially free.” —Ole Brockhuus, CEO of SpotTheSpy

Here’s how one man fell for an email scam (and you could too).

Public phone charging station

They don’t use public chargers

“In our busy, on-the-go lives, sometimes there is no option for charging a phone other than a USB plug at a nearby public charging station, but unsuspecting users may find their data and device at risk. Hackers can modify these stations to download information without user consent or install malware onto a phone. In such cases, the best thing to do is to bring along a portable charger or connect a charging wire to a trusted personal computer that will refresh the device’s battery but not endanger the smartphone or its data. For example, Apple has recently added a feature that asks the user to either grant or deny trust to the computer when charging with a USB. If the user denies trust to the charging computer, the USB will only allow for the battery of the smartphone to be charged and not for any data to be transferred.” —Hagay Katz, VP of Cyber Security at Allot

Here’s why you should never charge your phone in a rental car.

Online security dial set to max

They update their security software regularly

“You should have antivirus software on your phone, laptop, and other devices to keep them safe. However, these programs can only protect you from the threats they know about. Companies will add new protections to their software as emerging cyber threats are identified. If you don’t keep your software up-to-date, you won’t be protected from the latest threats.” —Colton Devos, a marketing and communications specialist at Resolute Technology Solutions

Find out how to prevent identity theft in five simple steps.

Online security - woman typing on laptop

They come up with creative answers to security questions

“Set up difficult security questions to avoid having someone find the answers online. Get a little more creative with the answers, and never share this data with anyone.” —Rachel Wilson, Investigative Coordinator, Client Relations, at The Smith Investigation Agency and The Smith Training Centre

Find out how to clear cookies from your phone (and why you should).

Online security - using tablet

They keep things manual

“Turn off any sharing or auto-downloads activated on your mobile device to limit access to Cloud-based applications or stored information on your device.” —Heather Paunet, VP of product management at Untangle

Next, find out why you need to stop commenting on those viral Facebook memes.

Reader's Digest
Originally Published on Reader's Digest

Newsletter Unit