Credit: Cale Guthrie Weissman
Technically, everything that connects to the Internet can get hacked. But there are several things you can do to protect yourself and your data from an attack.
Here are a few tips that will mitigate the risk of getting your personal data stolen.
1. Be suspicious of emails
A lot of cyberattacks are launched through simple malicious email campaigns. Email is a wonderful communication platform because you can sending anything to anyone, but that means it can be a huge security risk. Phishing, for example, sends victims seemingly innocuous emails that will lead victims to fake websites asking to update their personal information.
The best way to avoid being scammed by phony emails is to just make sure the sender is who you think it is. Check their email address to see if they match with the website you think it’s from. To be extra cautious you can check the IP address of the sender.
You can do this by finding the source information from the email and looking for the IP address that follows the line “Received: from.” You can then Google the IP address to learn the email’s source. (Here is a good primer on finding email IP addresses.)
2. Check link locations
Unknown messages contain links to unknown sites. Surfing to a mysterious website can bring about unintended consequences. For one, it could mimic a site you know and trust and help you fall prey to a phishing scam. Or, it may be unsecure or infected with malware.
If you are tempted to click on one of these links, you better know exactly where it’s taking you. The best way is to copy and paste the link location into a new browser to see what site is on the other side. If it’s a shortened link, you can use tools like URL X-ray that figure out the real destination before you click it.
Also, encrypted sites are the safest ones to visit. You know they are safe when you see HTTPS in the URL and the lock icon on your browser.
3. Never open attachments (unless you’re really sure)
A good rule to follow is never open attachments unless you are 120% sure of where they came from. One of the easiest ways for hackers to download malicious code onto victim computers is by sending emails with virus-laden files.
A frequent way companies get hacked is by one unsuspecting employee downloading malicious software that infiltrates the entire network. The most dangerous file types are Word, PDFs, and .EXEs.
4. Use two-factor authentication
As bigger companies get hacked, the likelihood that your password is leaked increases. Once hackers get passwords, they try to figure out which personal accounts they can access with the data they stole.
Two-factor authentication — which requires users to not only enter a password but to also confirm entry with another item like a code texted to a phone — is a good way to stop attackers who have stolen passwords. More companies are making it standard for logging in.
Slack, for example, instituted two-step authentication once it owned up to a recent data breach. This meant that if hackers did steal Slack user data, the hackers would still most likely not be able to get into a user’s account unless they had another personal item that belonged to the user, like a phone. If two-factor authentication is an option for your accounts, it’s wise to choose it.
5. Use advanced passwords
This may be the most obvious yet overlooked tip. A strong password includes uppercase, lowercase, numbers, punctuation, and gibberish. Don’t make the password a personal reference, and don’t store a list in a saved file.