DON'T GET HACKED THIS CHRISTMAS (or anytime) part 1



As a sister publication to my other book, The Secrets of Safe Surfing, I'm using My New Status Bar to write some quick and ugly chapters on ways to protect the flock.

Over the next few months, advertisers, sponsors, spammers, scammers and hackers will bombard us with crap. These chapters will flag up potential cyber-attacks we may face over the next few months and some ways to deal with them.

For more comprehensive long-term security layers against hackers, scammers and spammers, check out The Secrets of Safe Surfing in LINK1 below in the comments section.

90% of cyber-attacks are carried out through email accounts and rely on a gullible user clicking a link.

Other hacking techniques like pinging, fake website links, browser injections or ultrasound tracking are rarer – though corporations are developing many of these exploits to improve their advertising revenues. But the prime techniques for gathering or stealing a user's data are through social engineering.

Our home address can be calculated by piecing together what we post online, e.g. if we mention our location in our FB account or recommend a local restaurant on Trip Advisor.

If we use our real name in social media accounts (they encourage this) and show images of our faces, or mention our hometown landmarks, then a potential hacker has a name, face and local area where his target lives. Some users (even on WP) actually list their birthday and mention their age. Next, he just has to check if his target is dumb enough to use the same name (or user name) elsewhere on the web. There he'll search all previous posts his victim's made (they are there forever) and build a profile on them. Many users (including on WP) actually advertise their MAIN email address in their online profile too – often the one they use for everything. A one-off email address with a safe email provider, dedicated to only one social media account at a time, is the safest option, but so few of us do it.

White Pages in the US or UK services like 123.com actually provide phone numbers and detailed addresses of named individuals for anyone who has the above details. A dedicated hacker will end up with the following.

Real Name

Picture/selfie

Full address

Phone Number

DOB

Email


Quite a lot to go on. A faked UK passport only needs a person's picture, their full name, DOB, birthplace and a signature. Fraudsters don't have to use our picture or signature – just one to match the person posing as us – if it's for a short-term scam. A scammer posing as a famous UK TV presenter, Gloria Hunniford, used a fake driver's license to take £100k from her account and didn't look anything like her!

But our real picture and ALL of these ID points can be retrieved online anyway if we are dumb enough to put them there. Fake passports are quite common in the UK – hundreds are seized every week. They could be detected as fake at a UK port, but are usually used as a means of fake ID to get into a bank account, open a new one or buy something in a store. There are many examples where bank staff or store owners didn't look too closely and accepted ID like passports or driver's licences that turned out to be fake documents.

However, that sort of audacious crime needs someone with nerves of steel, even charm and bravado, and years of experience. The majority of criminals don't have that. So they take the easiest and most remote way of stealing our money or selling our details to other criminals or corporate data miners: they get a phishing rod.

Phishing is the hacker's term for hooking suckers through email. Smishing is a newish term for the same crime using texts. Both are highly effective, but will only work if the target has given out the information and uses the SAME email for every account. They will be able to convince you to tell them your passwords, usernames, contact lists, credit card numbers, etc, just with a simple email message. If you really want to be safe, consider the following tips.

TIP 1

Change your email addresses. If possible, you should have a different one for each social media account (including WP) – the more you have the safer you are – and separate them from personal email accounts, or ones you use for financial transactions.

TIP 2

Pick a safe email service.

Tutanota is a German email service with strong encryption at both ends (in and out). It's the only one I've found that doesn't demand a referred email address when we sign up to it. This means we can use it as a hub email account. It has some corporate trackers in some pages when you register (most do) but we can easily deflect them with the tracker blockers I discuss in Layer #5 ~BROWSERS (Part 4): Add-ons that protect us. LINK 2

When we sign up to our other secure email services, like mailfence, which requires a 'back up email address' before we can register, we can refer them to it.

LINK 3 tutanota and mailfence

TIP 3

Use hubs purely for email referrals. Never use them for anything personal or financial.

TIP 4

Move your private and financial emails to secure accounts. Never mix business with pleasure. Don't use the same email address for social media accounts and your bank, for instance. That way, if we get a banking email sent to an email account we only use for WP, then we know it's a scam.
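The check in Tip 4 can be automated over saved messages. This is an added example, not part of the original chapter: every address, domain and sample message below is constructed, and the mapping of addresses to purposes is an assumption you would replace with your own.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed mapping: one address per purpose, as in Tips 1, 3 and 4.
ADDRESS_PURPOSE = {
    "hub@mail.example": "referral",
    "wp-only@mail.example": "social",
    "bank-only@mail.example": "financial",
}
# Constructed allow-list: the sender domains each purpose should ever hear from.
EXPECTED_SENDERS = {
    "referral": {"mail.example"},
    "social": {"wp.example"},
    "financial": {"mybank.example"},
}

def domain_matches(domain, allowed):
    # Exact domain or a true subdomain; "mybank.example.login.example" must not pass.
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_message(raw):
    """Return (verdict, detail) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    sender_domain = sender.rsplit("@", 1)[-1]
    headers = (msg.get_all("Delivered-To") or []) + (msg.get_all("To") or [])
    for _, rcpt in getaddresses(headers):
        purpose = ADDRESS_PURPOSE.get(rcpt.lower())
        if purpose is None:
            continue
        if domain_matches(sender_domain, EXPECTED_SENDERS[purpose]):
            # From can be forged, so a match is not proof; a mismatch is the signal.
            return ("expected", f"{sender_domain} -> {purpose} address")
        return ("suspicious", f"{sender_domain} wrote to {purpose}-only {rcpt.lower()}")
    return ("unknown", "no dedicated address among the recipients")

# Constructed sample messages; only the headers matter for this check.
SAMPLES = {
    "bank_to_wp": "From: MyBank <alerts@mybank.example>\nTo: wp-only@mail.example\n\nVerify now",
    "lookalike": "From: security@mybank.example.login.example\nTo: bank-only@mail.example\n\nHi",
    "wp_notice": "From: noreply@mail.wp.example\nTo: wp-only@mail.example\n\nNew comment",
    "stranger": "From: someone@other.example\nTo: friend@elsewhere.example\n\nHello",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, check_message(raw))
```

The scheme only works if each address really is used for one purpose: the moment the WP-only address is given to a bank, a banking email arriving there stops being a reliable sign of a scam.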

TIP 5

Have different and secure passwords for each account and store them in a safe place away from your devices.

LINK 4 Top password tips

Layer #1 - PASSWORDS

As usual, PM me with queries or safe options that can help the flock.

