04.02.2020
Article Article Medium

Off the hook

How to safeguard personal data from those who are willing to steal it

Хакерская атака
Reading time 4 minutes

The 28th of January is the international day of personal data protection since 2006. The Committee of Ministers of the Council of Europe has established the date to encourage people to increase their attention to the information they poste on the Internet. From this article, you will know what rules you should follow in order not to become an easy target for scammers.

Surf the net via VPN

Use VPN to provide encrypted Internet traffic and network anonymity. The data that pass through the VPN is secure because the technology creates a protective layer between the device and the Internet. Data interception is unlikely.

To use VPN, just download the application and log in. Choosing a service, remember that it should not store data or transfer it to anyone. It is proved that some free providers collect user information or do not encrypt traffic. Other services earn money on a subscription, not on data. Tor browser is an alternative to VPN. It preserves user’s anonymity and protects the Internet connection from surveillance.

Choose passwords properly

Rules for appropriate creating a password
Rules for appropriate creating a password

The main rule is one account — one password that is long and difficult. The more various symbols are used, the more effort hacker have to make to get the access to the account. Password manager is a handy tool that help not to forget all usernames and passwords. The program generates unique successions which are stored in an encrypted database for all usernames. To enter it, the master password is needed. It is the only succession to be remembered. By the way, some managers support two-factor authentication what makes them more secure.

Set up two-factor authentication

Try to apply it everywhere to protect data additionally. In this case to enter the account, the system requests two different types of data. Username and password is the first type, special code is the second. This code can be entered only by the mobile phone. It comes via SMS or email, sometimes biometric data or a USB key are used, though it occures less commonly. Moreover, a special authenticator application may be the second stage of protection. The app generates codes for entering accounts. This method is more reliable than SMS messages, because they are easy to intercept.

After having enabled two-step authentication in the account, choose which type of data you will enter in the second stage. Then set up backup ways to log in to your account
After having enabled two-step authentication in the account, choose which type of data you will enter in the second stage. Then set up backup ways to log in to your account

Encrypt!

Communicate via messengers that support end-to-end encryption instead of calling or sending SMS. Otherwise, correspondence and conversations will be stored on the servers of operators in the clear.

Enable the encryption of the file system. Then no one but you will get access to the decrypted correspondence, even if they get hold of a phone or laptop. The encryption is usually enabled on mobile devices by default while instructions for Windows or Mac computers are available on the Internet.

Disable displaying messages in notifications on the locked screen. If a hacker sees a one-time password from the Bank, even encryption will not help. For the same reason, put a PIN code on your SIM card: after stealing the phone and moving the card to his own, the attacker will still not get to your funds.

In 2019, hacker attacks on Sberbank began to occur 15-20% more often, and on January 2, 2020, the Bank was subjected to the most powerful attack in its history
In 2019, hacker attacks on Sberbank began to occur 15-20% more often, and on January 2, 2020, the Bank was subjected to the most powerful attack in its history

Encrypt the email: PGP technology will help to do this. The message is encrypted before sending and the interceptor will not be able to read it.

Use the HTTPS Protocol. Unlike HTTP, it encrypts the data that you put on the site, what means that they will not be able to intercept it.

Maintain the information hygiene

  • use licensed software
  • install updates
  • try to avoid public wi-fi networks
  • use anti-virus software
  • learn to make sure that no one is listening to you

Share the security rules with interlocutors whom you exchange data with, and then your correspondence will be protected at both ends.

Posted on Categories ArticleTags

Leave a Reply