Here’s a horror story that proves that even the most tech-adept can be a victim of hacking and identity theft and why you really, really, really need to secure your primary email (the one most people use 99% of the time and for 99% of the stuff they do online). Mat Honan, an experienced journalist with tech-mag Wired, details how he recently became the victim of hacking, via Apple and Amazon security flaws – and his own foolishness. Read it!
Some basic – if lazy – tips? Make sure the email account you use for communicating with others (i.e. emailing!) is different from the one you use for signing in to your various online accounts (Facebook, Twitter, and especially online banking or credit card use). Most of us give out our personal email addresses with unthinking abandon and knowing your email can be the first step to being hacked. And if you are one of the few who is cautious in giving out your email address what about all those people who hold your email address in their address books? Do you trust them?
Ensure that you have a recovery email address set up for your main two email addresses and that it is used just for that: recovery only.
Use different passwords for different email addresses and online accounts and ensure that they are secure (i.e. hard to guess or break with brute force computing). I know it is a major pain but do it. Make them long (or as long as some idiot online services will make them. Microsoft actually restricts users on the new outlook.com to an inexplicable 16 digits. How is that for inculcating good security sense with the general public?). The normal rules, a mixture of upper case and lower case letters, numbers and special characters apply (if you’re allowed. Far too many online services prevent the use of special characters. There is still no password gold standard amongst the major providers nor does there look likely to be one anytime soon).
Do not place your email address online where it can be viewed by everyone and anyone unless it is a purpose made one for public engagement. And if you do have such a thing do not use it for any other purpose. That is asking to be a victim. And not just spam.
Do not place your actual real world address or phone number online (businesses aside). This is a no way never rule. That includes Facebook profiles. Just don’t do it. Ever. (And as a side note do not use location services on your social profiles. They will tell you that it is safe. The truth is that it is not. Broadcasting to the world your actual location at any given time is madness. It is not harmless, it is not fun, it is not ok).
All the usual stuff, good anti-viral and internet security software on your computer (and increasingly smartphones and tablets), regular backups of your data, still apply.
And do look at, and if possible follow, the extra security tools provided by the online services you use. Some seem inconvenient – but there can be much, much worse things.