It’s a new year, the time when many of us pledge to make big changes in our lives. Maybe 2023 is the year you’ll finally get into shape, find the love of your life, or quit your job. Or, if you’re like me, and concerns about the ongoing pandemic, inflation, and political turmoil are leaving you less inclined to make resolutions, you may be looking to make smaller and more immediate changes to your life. If that’s what you need, I have you covered.
A small pledge that can impact your life is deciding to take your online privacy and security seriously. Experts have already told us that we will see increasingly sophisticated criminal activity online in 2023. Also, last month the US Federal Trade Commission (FTC) released a report showing that people of all ages have been falling for scams online(Opens in a new window). It’s time to protect yourself and stay vigilant on the internet.
Recently, I spoke to Adam Levin, host of the podcast What the Hack with Adam Levin(Opens in a new window) and founder of CyberScout, a data protection organization. Levin joined me via a video call to discuss how SecurityWatch readers can prepare themselves and their online devices to fight criminals determined to steal their data and their money.
Know Your Worth
You don’t need to be financially wealthy to have worth; scammers know that, too! Levin told me, “When we look in the mirror, we see us. And oftentimes, we say, ‘Why would anybody be interested in us? We’re just regular people.’”
But as Levin explained, “to a hacker, scammer, or identity thief, we are Jay-Z and Beyoncé. Why? Because we have what they want. We have data. We have financial information.”
Your social capital can also have a lot of value to a thief. For example, you may not be acquainted with a famous or wealthy person, but you may work for an organization targeted by hackers. If your email account login credentials show up in a data breach, and you use the same credentials to log in at work, you’ve just given criminals access to your workplace. That’s why it’s so important to have unique credentials for every login and to store that information in a password manager.
Update Your Apps
It’s also the right time to take stock of the apps you install. Apps that haven’t been updated in a while may have been sold to another company that could use them for nefarious purposes.
“Popular apps are almost universally updated to fix known security vulnerabilities, but it’s not a bad idea to do a little research if an app isn’t regularly updated,” Levin explained. “An unpatched app is like a gateway into your life. If it’s an app that you trust, and it’s gotten good reviews, and it comes from a legitimate app store, then set it to update automatically.”
After I chatted with Levin, I went through the list of apps on my phone and found several that hadn’t been updated in months. My phone had been overheating and losing battery power rapidly with minimal use for a few days, which may be a sign that one of those apps was used for a malicious purpose.
I did a factory reset on my phone just to be safe. Still, I could have avoided the situation by updating or deleting apps I don’t use frequently.
Minimize, Monitor, and Manage
Levin told me that identity theft is a goal for online scammers, so it’s essential to know how to protect yourself. In his book Swiped: How to Protect Yourself In a World Full of Scammers, Phishers, and Identity Thieves(Opens in a new window), he breaks down a concept that he calls “the three Ms”: minimizing, monitoring, and managing your risks online.
Below, I’ll illustrate his concept, as he explained it to me, by using identity theft as the example problem. You can also remember the three Ms in other areas of your online life, such as managing financial accounts or maintaining password security.
Minimize risk by keeping identity thieves from controlling your credit lines. Go online and freeze your credit. It’s easy and free. I did it in less than 10 minutes. Credit freezes do not affect your credit score. Freezing your credit prevents someone else from accessing your credit reports or opening new lines of credit in your name. You can unfreeze your credit whenever you need to apply for credit again.
Monitor your financial situation. Order your free credit report from all credit agencies and look for any surprises. Some personal finance apps, such as WalletHub, keep an eye on your credit report and notify you of changes. You should also sign up for transaction alerts from your financial institution.
Millions of credit and debit card numbers are sold on the dark web. Levin told me those numbers are often categorized by ZIP code. Scammers purchase financial card numbers originating from the ZIPcode where they plan to use the card, so the bank’s built-in fraud detection won’t always automatically detect criminal activity. If you sign up to get alerts for every transaction you make and receive an alert from a transaction you didn’t make, even if it’s nearby, you can act faster and minimize the damage.
Manage the damage by getting help from professionals. Levin does not recommend trying to fix identity theft damage on your own because it can be expensive and time-consuming.
Instead, he recommends talking to your insurance company to determine if you are eligible for an identity recovery program. Ask for help at work, too.
“Some employee benefits programs have identity theft protection services,” Levin said, “so that in the event you suffer an identity incident, you’ll either call the HR department, or they will have a designated phone number for you to call an identity services provider.” You can also invest in identity theft protection software, most of which offer identity monitoring and insurance-backed identity theft remediation.
Recommended by Our Editors
Adopt Healthy Online Habits
To online criminals, you aren’t a nobody; you’re an opportunity. Take this message to heart and consider changing your online habits in 2023.
Here are five habits you can adopt right now:
-
Avoid publicly sharing news about your family, life, and work on social media since scammers comb social posts looking for personal information.
-
Use a password manager or passkeys to log into your online accounts.
-
Add another layer of protection to your accounts with multi-factor authentication.
-
Hover over emailed links before clicking them on your computer, and avoid tapping on links from suspicious or unknown senders on your mobile devices to curb phishing attempts.
-
Check out PCMag’s online safety checklist throughout the year to keep up with the little security-related tasks you may forget.
Like what you’re reading? Get an extra story delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.
What Else Is Happening in the Security World This Week?
Hackers Behind Ransomware Attack on Rackspace Accessed Customer Data. Hackers accessed data from 27 Hosted Exchange customers, though there’s no evidence they “viewed, obtained, misused, or disseminated” the exposed email data, Rackspace says.
LastPass Faces Class-Action Lawsuit Over Password Vault Breach. The plaintiff blames LastPass for losing $53,000 in cryptocurrency and risking his security and privacy.
How to Switch to a New Password Manager. Leaving LastPass? Modern password managers make it very easy to switch between services. Just follow these simple steps.
Google Agrees to More Location-Tracking Settlements, This Time in D.C., Indiana. The company will pay $9.5 million to D.C. and $20 million to Indiana to settle suits over deceptive location-tracking practices. It also agreed to pay $392 million to 40 other states.
Louisiana Law Requires ID to View Porn. Websites containing 33.3% or more pornographic content are responsible for checking users’ age.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.