How to protect yourself online

Published in

be braver.

5 min readMar 12, 2017

In a recent Mozilla survey, 90% of respondents said they don’t know how to protect themselves online, a third said they feel they don’t have control over their information and most appear to be either worried about getting hacked or tracked by advertisers.

Let’s change this!

Let’s start by dispelling a myth that you have to be like Mr Robot from the Netflix show or an Übergeek from the IT Crowd.

You don’t have to be a geek to stay safe online.

TL; TD (too long, didn’t read)

Choose unique, strong passwords using a password safe for each site you need an account with.
Provide actual home addresses only to trusted sellers — if in any doubt: don’t buy!
Select collection boxes instead of home delivery if you are worried.
Use a special credit card for online shopping, one with additional ecommerce protection.
Use fake home address details when registering with sites that insist on you providing any despite not shipping anything or validating payment methods.
Setup a special email address or use tags (emailaddress+tag@provider.com, where emailaddress@provider.com is your normal address) for registering with sites online.
Use secure email providers like Protonmail or Tutanota instead of Gmail, Yahoo! or Outlook/Hotmail.
Understand that social media networks build profiles of you even when you think they don’t / can’t to be able to sell it to advertisers and shape your behaviour. They track you beyond their own sites.

Security through opacity

You can increase your safety easily by providing as little about yourself as possible, however this will mean you also get little benefit from being online.

Adding an effective privacy shield isn’t as easy as just not supplying the information in the first place and I’d be skeptical about entrusting mine to any privacy shield providing services or softwares.

What you can do is be mindful who you visit online and share details with. Then have a fake profile to use with those sites where you want or have to have an account.

Don’t track me bro!

Be careful when choosing an adblocker for your browser, as some — like the popular AdBlock — effectively act as an advertising platform themselves!

I find the Electronic Frontier Foundation’s (EFF) Privacy Badger ad and tracking blocker a save choice and can rely on uBlock Origin across all my browsers.

On iPhone I use Firefox Focus and Indie’s Better. On my Mac I can also use Glimmerblocker which acts as a proxy and can extend to any other device on your home network also!

On Android? I suggest you stop using it — seriously.

If you are on Windows, especially 10, I suggest you read up on the many privacy guides to stop Microsoft spying on you and select a proven anti virus and malware tool.

Be vary of tools like Symantec’s or McAffee’s anti virus and especially all in one suites. They could make your system more vulnerable in the name of convenience.

If this sounds awfully like I just contradicted myself, then yes and no. While good antivirus tools can help they also make things more difficult and if you select a less than optimal tool, you can make matters a lot worse.

The recent CIA leaks can provide a little indication by showing us which ones make an attackers life more challenging, but if you want peace of mind, make sure to keep all apps and system software up to date and read up (or pay a trusted IT person) to harden your devices and network.

Passwords are critical

Don’t share or reuse passwords.

Use a password safe instead, protected by a very long and memorable phrase. This makes is somewhat convenient and easier to automatically create strong passwords for each site that needs it and makes it much harder for attackers to hack you.

If you don’t do anything else from my guide — take care of your passwords!

Enable two factor (2FA) options where available to add a vital extra layer of protection. Yes, it can feel a little odd and cumbersome and trust me: doing this will dramatically increase your account security. Most sites now offer codes that are send to you by text message, making it as easy and quick as possible.

Fun fact: in cases where sites where hacked and users accounts details stolen, those who had two factor authentication were less likely to be fully compromised.

Trust nobody

There are no real ways to prove anything in this digital world. Even things you thought were save can be hacked and top notch security circumvented by a simple human error.

Use encryption and watch out for padlock signs in your browsers address bar (read up on SSL) and generally be vary about sites or emails offering things that sound too good to be true. That attachment or link is likely designed to mimic and trick you into providing passwords and other sensitive info.

If in doubt, bail out.

Cloud services are fabulous and make life easy and even fun. However, be mindful not to make it your primary location for critical things in your life and keep offline backup copies.

Google’s free photo and video storage service sounds super amazing value considering what it can do for free. But ask yourself why it is free and why a big global megacrop like Google might want to offer it like it does.

Your behaviour is watched, your private files read and lessons learned shared for profit. Not just with cloud services of course but for some reason we feel it easier to give away access to stuff we wouldn’t want our neighbours to know all the time.

Pick providers carefully and make sure to pay attention to how you allow them to use your data.

Then lock down your accounts with strong, unique passwords and two factor authentication. Your account is likely subject to attack and as we have learned from a behemoth like Yahoo!, your stuff can easily end up on some hacker marketplace for a few cents of crypto currency.

And with it the photos of your kids, the copy of the deed to your home and your grandma’s secret recipe for summer pie.

Originally published at be braver (digital services agency).