Crash course: Hack attack prevention tips

Your computer doesn't have to die like mine did

Esty Atlas //January 21, 2015//

Crash course: Hack attack prevention tips

Your computer doesn't have to die like mine did

Esty Atlas //January 21, 2015//

There I sat, wide-eyed, the day before Christmas, as my computer died a horrible death from a virus (or hackers). Unable to access any of my files, I stared at the blank screen in horror. No reboots helped nor did re-loading anti-virus software. Two trips to the Geek Squad guys later, my word documents retrieved, I was relieved but still pretty peeved.  The culprit may have been a rogue email from what appeared to legitimately be Fed Ex.  Expecting a holiday package, I opened it.  Big mistake!

I’ve since found valuable tips that should be helpful to the rest of you.  Just when you think it’s only the big stores that need more digital security or companies like Sony Pictures, it turns out that more than 13 million Americans had their identities stolen in 2013, according to the 2014 Identity Fraud Report. 

What to do? Lately, hackers have favored email subject lines like “Password reset notification” or they might lure you into clicking on bogus links. Cybersecurity expert Jenny Shearer recommends forwarding suspicious emails to a Gmail address and choose “open in Google Drive.” Drive is a hurt locker for harmful viruses, making any fallout Google’s problem, not yours.  By the way, since subject lines are visible, make yours more generic, especially for sensitive business communications.

Other folks recommend not using Windows as your platform; 90 percent of computers run on it, so that’s where the hackers roam. Either move to Mac or be sure to install the updates Windows (and make sure it’s actually them) sends out and run anti-malware software like BitDefender (bitdefender.com) or F-Secure (f-secure.com).

As for your all-important and too numerous-to-remember passwords, LastPass (lastpass.com) creates legitimately complex passwords for all your accounts and remembers them for you.

It’s also essential to use a virtual private network (vpn) to encrypt your communications when on public Wi-Fi (proXPN.com offers a free version).  Logging into airport Wi-Fi without using a VPN is today’s unprotected sex of the Internet.  Now they tell us!

More grab & go warnings: You know those ads that mimic something you’ve just Googled? Go to: google.com/settings/ads and keep AT&T and Verizon from spying on your recent inquiries at mobileoptout.att.com and verizonwireless.com/myprivacy.  Also turn off your iPhone’s location services to disable GPS which reports your whereabouts to your service provider.  To stop iBeacon – which lets vendors capture your location via devices placed around stores and send you coupons or other offers, kill Bluetooth. All of these so-called ‘services’ that claim to make our lives easier or more convenient also comes with the growing risk of privacy invasion.

Hackers want consumer profiles from companies, everything from your health, sexual preferences, brand loyalties, what sites you visit, and what you buy, to your actual physical movements.  This is when “cookies” are no longer a good thing to have with a glass of milk.  They implant their cookies (the non- chocolate chip kind) into your browser which records your online comings and goings for third—party tracking.  To help deter these spies, keep an eye on the Ghostery (ghostery.com) or Disconnect (disconnect.me) in your browser extensions. To stop them: Privacy Badger (eff.org/privacybadger) analyzes how these cookies are being used and neutralizes third-party tracking.

Going the extra mile, you can also encrypt everything if you’re super sensitive about privacy invasion but these are more complicated and the technology is still evolving: you can download The Onion Router (torproject.org). It doesn’t enrypt, but it bounces requests through random servers across the globe, making it harder to tell who is prompting searches.  Textsecure for Android encrypts texts; an iOS version is in the works.

Finally, secure your sensitive online accounts with a double protective layer of authentication: After you type in your password, your phone is sent a unique string of numbers for a second login, so thieves would need physical access to your phone to screw with you.

Good luck, and safe computing to all!