Sara finds an email in her inbox, notifying her that she has been the victim of a data leak through one of her social media accounts. Brad gets a similar email, letting him know that his private information is no longer secure after his favourite online store experienced a security breach. These types of notifications are almost commonplace as cybercriminals become increasingly sophisticated in their attacks on the networks that hold our data. In fact, there have been over 26 billion records exposed in what Canadian cybersecurity researchers are terming a “supermassive leak”.
Even information security giants like Norton and LastPass experienced breaches in 2023. Norton suspects that credential stuffing was the cause of the breach, where hackers use usernames and passwords that have been compromised on other sites to break into sites using the same usernames and passwords. When you fail to protect your data online, you’re also risking the data of millions of other users logged onto the same software programs you frequent.
Whether the damage occurs through your presence on a social media platform, via your favourite file transfer site, or a forum you frequent for education or entertainment, cyber threats are everywhere. So, what’s an average user to do?
Here are some tips on how you can travel more safely on today’s Internet:
- Never use the same password twice. Hackers who get access to your username and password on one site will try it on others. Even if you’ve updated your password on one account, duplications of an old password on sites you’ve forgotten about can leave you open to a breach. Browsers and independent apps that securely save your password can usually be used to generate an encrypted password, which it then saves for you. Some browsers, like Safari, will even warn you when passwords are subject to a breach or at risk of it due to duplication. If you’d prefer a third-party app, here is Forbe’s list of best password managers for 2024.
- Use 2-factor authentication. Most websites and social media accounts now offer 2-factor authentication, where you use your password along with a code generated to your phone or email, an authentication key or app, or biometrics, such as a fingerprint or facial ID, to log onto the site or app, making it impossible for a hacker to gain access without both forms of authentication. Go into the privacy settings anywhere you log in, and check for a 2-factor authentication setting. Standalone authenticator apps cover a wide variety of websites and apps, and are designed to constantly generate new codes, so there’s no risk that someone could reuse the same code to get access to your account. Here is PC Magazine’s list of the best authenticator apps for 2024.
- Find out if your information has been compromised. Websites and some security software programs will warn you if your information has been involved in a data breach, and suggest ways to address the breaches. Try haveibeenpwned.com or these alternatives to see if your data has been leaked online and where. Some security software programs for your computer and mobile devices, such as McAfee, will detect leaks and walk you through the steps to resolve them.
- Take a closer look before you click. With the advent of ChatGPT, and its proliferation to the masses, anyone with a bit of skill can create fake ads with real consequences. If an ad looks too good to be true, it likely is. Before you click that link for a celebrity endorsement, take a closer look. Compare images and videos used in the ad with other footage of that celebrity. Are their physical mannerisms and facial expressions matched by the footage in the ad? If the video or sound seem off, you’re likely looking at a fake ad.
- Check URLs and email senders’ addresses. If something comes across your social media platform or inbox, soliciting business and asking you to click a link, take a close look at that link, and the email of the sender. Do they look legitimate? Rather than click the link for a company, do an online search for them. What are people saying? Do reviews suggest this is a real company, or are you seeing articles calling it a scam? Conduct a search for suspicious email addresses to see if there are any complaints registered online involving them.
Taking these crucial steps to secure your information will have you well on your way to operating safely on today’s Internet. You can’t control the actions of the administrators of the websites, media, and software that you use, but you can have considerable control over whether your data is involved in a breach. Take these steps and protect yourself now and for the future.