It would be nice to celebrate Cybersecurity Awareness Month with a run-through of our triumphs as an industry this year. Instead, we’ve got a growing roster of truly malicious attacks that slipped through the cracks. From COVID-19 scams and Google Play app hacks, to mobile data breaches that compromised millions of Americans’ Social Security numbers — it’s been a year of catch-up, at best.
So what can we do to keep ourselves and our families safe from fraudsters heading into 2022? Fortunately, a lot. Here’s a 7-point checklist we’ve put together to make your household cybersecurity simple, effective, and affordable.
How do you feel when you find $50 on the sidewalk? Cybercriminals feel the same way every time they find a weak password, which is, collectively, over one million times per week. Don’t give them that satisfaction; instead, create hack-proof passwords. It’s easy if you keep in mind the following.
One, never reuse passwords. If you do, a thief can take one and use it to break into multiple accounts, grifting their way up the ladder to your bank account.
Two, create strong passwords. You don’t need to make it complicated. Just a random grouping of words like “pistolpuddingfarmdonut” would take 10 trillion years to hack. (Compare that to “123456”, the most common password of 2020,1 believe or not, which would take a mere second to bust.)
Three, never write your unique passwords down on paper or keep them in a file on your computer. They could end up in the wrong hands. Instead, use a browser-based vault. Firefox’s Lockwise is a good one. Investing in a password manager like 1Password or Dashlane is also a smart option. Subscriptions start as low as $2.99 per month and include unlimited encrypted passwords synced and autofilled across your devices.
Bad links in emails and on websites are the most common traps fraudsters lay to scam us. The good news is that today all computer OSs come equipped with a firewall to help weed out rotten sites before we have the chance to click on them. So, if you haven’t already, toggle that on now.
But firewalls usually aren’t enough.
If you don’t already have malware software running on your devices, 2021 is the time to do it. Fortunately, you don’t need to shell out for an expensive subscription to put the kibosh on bad code. Basic malware protection is totally free with Avast, which offers virus scans and malware alerts.
If you’re looking for something stronger, you’ll want to consider a provider like Norton. Norton360 LifeLock packages give you the works: malware protection, identity theft monitoring, and even a VPN (read on for more on that).
Two-factor authentication, or 2FA, is one of my favorite cybersecurity tools. It’s easy, costs nothing, and cuts down on the risk of identity theft dramatically.
Simply enable 2FA on your go-to apps (most big ones have it), and those apps will send you a one-time password (OTP) via SMS or email whenever you try to log in. That extra layer of security means that only someone who has your phone or the keys to your inbox — you — can log in to your apps.
One caveat here: Getting your OTPs by SMS or email will be safe most of the time, but if you want to take your digital hygiene to the next level, use an authentication app, like Authy or Google Authenticator. SIM-jacking — when a criminal takes over your SIM — is a real thing, so under the worst circumstances grifters could intercept your SMS OTPs.
Bottom line? SMS OTPs are better than nothing, but app-based OTPs are the gold standard.
How many apps do you have on your smartphone? The person standing next to you at the supermarket has 80. The companies that produce those apps aren’t impregnable. Determined hackers can bust into just about any network or system, as we’ve seen repeatedly this year with some of the worst ransomware attacks on record.
The more apps and accounts you own, the further your digital footprint extends. The wider your footprint, the higher the chances that your credentials will end up in a hack. To reduce those odds, go through your apps, accounts, and subscriptions at least once a year, and delete or cancel any you’re no longer using.
Install security updates as they roll in. Microsoft, Apple, and Google work around the clock to stay one step ahead of cybercrime. Willingly refusing the patches they send you is needlessly exposing your devices to dangerous malware that already has the upper hand.
This might sound like a no-brainer, but it’s easy to fall into the trap of thinking: “If it isn’t broken, don’t fix it.” In this case, fix it anyway because there’s a good chance that something deep inside your device or software is actually broken, some microscopic hole that needs filling right away.
Every time we make a connection over the open web, we’re potentially exposing ourselves to hackers, who can swoop in and take over our phones or laptops in a flash. VPNs seal off our internet connections from snoopers and thieves with infallible encryption and secure servers so we can surf in peace.
As you might have guessed, this is one area of digital hygiene most of us can’t handle by ourselves. Get a leg up on the best ways to protect your devices by reading through our Complete 2022 VPN Buyer’s Guide. If you want some ideas on the best household VPN services on the market, we’ve got your covered there, too.
ID theft is hands-down one of the worst things that can happen to you. It’s both financially and psychologically devastating, not to mention tricky to extricate yourself once you’ve fallen into a grifter’s web. And it’s on the rise.2 The silver lining in this massive gray cloud? There are steps you can take to greatly reduce your chances of falling victim.
First, enable two-factor authentication (see above) on your banking app and set up SMS transaction alerts on your phone. The minute you see something suspicious (a login or charge you didn’t make), call your bank.
Two, monitor your credit report. Technically, you can handle this by yourself. The downside to self-monitoring is that you can only request free reports from the big three bureaus (Equifax, Experian, and TransUnion) once a year. Which might be too little too late if a criminal gets hold of your sensitive details.
If this already sounds too complicated, consider signing up for an ID theft protection service. Most providers offer flexible subscriptions, starting with basic protections for around $10 per month. Some offer special plans for families, like Identity Guard, our top-rated service.
No app or service provider will keep you safe all by itself. You need to be alert and proactive, too. So, as we head into what’s left of malware-plagued 2021, that would be the final check I’d add to this list.
The connected world is a wonderful thing. But always keep your eyes open, be reasonably suspicious, and never err on the side of not doing anything.
NordPass. (2021). Top 200 most common passwords of the year 2020.
FTC. (2021, Feb 4). New Data Shows FTC Received 2.2 Million Fraud Reports from Consumers in 2020.