CNBC: Cyber expert and ‘Shark Tank’ star Robert Herjavec: 10 easy online safety hacks you’re probably not doing
October 30, 2017
Enterprise data breaches dominate the headlines today, yet it's easy to get complacent in our day-to-day lives. We're connected to our devices 24-7 — laptops, tablets, mobile phones, Fitbits, etc. — whether it's for work or just fear of missing out.
My company, Herjavec Group, specializes in cybersecurity services for enterprises globally, but the foundational elements of security at the consumer level are very similar.
Following these 10 simple tips should prevent you from being the next consumer target, but first and foremost, I encourage you to exert some common sense. No one in Russia is emailing you because they want to marry you. Your best friend didn't travel to a faraway country without telling you (and now desperately needs a money transfer) and, my personal favorite, you didn't win a lottery you didn't enter!
Educating yourself about online security is the first step to being more Cyber Aware.
1. Enable multi-factor authentication (MFA) for all your accounts
In other words, not only should you have a password but you should also set up a secondary email/text verification code to access your accounts. Using MFA is a great way to deter cyber criminals from accessing your accounts. If a website notices someone logging into your account from a new device, they email or text you a verification code to ensure it's really you.
2. Cover internal laptop cameras
Hackers can easily gain remote access to your laptops and spy on you using the laptop's internal camera — scary right! Although many cameras have small light indicators to let you know when they're on, these indicators can be easily missed or turned off by a hacker. A small slider window can be purchased to cover the camera when not in use. Or use a not so techy solution... a piece of tape.
3. Don't do any shopping or banking on public Wi-Fi networks
Public Wi-Fi networks are often unsecure and are easily used by hackers to gain access to your information. If you are using public Wi-Fi, it is always recommended to use a virtual protection network service (VPN), software or an app that can easily be downloaded and will encrypt your outgoing data and shield it from prying eyes.
4. Ensure that websites are SSL-secure (https instead of http) before making financial transactions online
Shopping online has become the norm. Websites that are SSL-secure (use https://) safeguard personal information entered by users by encrypting the data, so it's inaccessible by criminals. Many don't realize that entering financial information on non-SSL-secure websites can leave their private data vulnerable to hackers. Look for https!
5. Delete old, unused software applications and apps from your devices
Take a look at all the apps and software programs you have installed your devices. How many have you used in the past year? Chances are, if you're not using these apps, you're not paying attention when security updates are made available. Hackers can easily use known security flaws to gain access to your devices via these apps.
6. Update your anti-virus software as soon as updates become available
If your new device comes equipped with anti-virus software, make sure it remains regularly updated. As hackers evolve and continue to develop new ransomware strains or re-hash older versions, updating anti-virus software will ensure that your devices are protected against any possible new strains.
7. Refresh your passwords every 30 days for all accounts and use unique passwords for each account
Right now, your Facebook, Instagram, Starbucks passwords are probably all the same as your online banking password. And even worse, your security code is your last name. Am I right??! Strong password etiquette is key to avoid being hacked. Many people recycle passwords for all or most of their accounts, and cyber criminals often rely on this practice to gain access to a users' private data.
8. Update computer/mobile software regularly
Updating your devices regularly ensures that any known security flaws are resolved so hackers are less likely to get into your systems. No matter how annoying it is waiting for your device to reboot after an update, that small amount of time will be well worth it versus being hacked.
9. Don't click on unknown links or open unknown attachments
Phishing emails and scams use sham links or attachments when trying to gain access to your personal information. When users click on the link provided, they are directed to a fake webpage that looks identical to the real version but is designed to extract your login information or automatically download hacking software onto your devices. As a general rule, unless you're absolutely certain the email sender is legitimate, do not click on any links or download any attachments.
10. Change the manufacturer's default passwords on all of your software
Manufacturers use simple, easily hackable passwords such as "password123" or "admin." Cyber criminals are fully aware of these passwords, so when attempting to gain access through software applications, they always try the default passwords first just in case users forgot to change them. In fact, the infamous Dyn attack, which brought down major popular websites such as Twitter, Netflix and Spotify, occurred in part because hackers were able to easily hijack numerous devices that still used factory-set default passwords.
Originally on cnbc.com