How to Protect Yourself Against Hackers
Hackers have been making the news this season!
In late July, Graham Ivan Clark allegedly hacked into the Twitter accounts of high profile names like Barack Obama, Jeff Bezos, and Bill Gates. Using social engineering, Clark was allegedly able to gain access to Twitter’s own admin tools. According to the affidavit, “Clark then posted on their Twitter accounts a communication that if Bitcoins are sent to accounts they will be doubled and returned to the victim” and received about $117,000 in bitcoin.
More recently, the United States Department of State has jumped into the news by “offering a reward of up to $10 million for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities.”
From Twitter bitcoin scams to robbing elections, hackers are using a number of tools to gain access to sensitive personal data and capitalize on it at the expense of unsuspecting folks. And this is not a rarity. According to Cisco, “53 percent of cyber attacks resulted in damages of $500,000 or more.”
Before you get hacked, there’s plenty you can do to protect yourself against cyber attacks – from becoming informed on common tactics to learning how to secure your personal data.
Common Hacker Attacks
Oftentimes, individuals and companies don’t know they’ve been hacked until it’s too late. The first step in self-protection is to familiarize yourself with the different types of attacks so you can keep an eye out for any attempts.
Malware: Any malicious software designed to gain access or cause damage to an unauthorized device, server, or computer network. Examples include viruses, ransomware, adware, and spyware.
Phishing: A fraudulent attack via email to obtain sensitive data by impersonating a trustworthy entity.
For example, an email impersonating PayPal support urging you to update your information. For more examples, check out UC Berkeley’s phishing archive.
Social engineering: An attack that uses human-to-human interaction to manipulate someone into giving sensitive information or performing certain actions.
For example, a person impersonating an IT employee from your company, asking you to give them access to your work accounts. For a real-world video example of a hacker using social engineering to change a person’s phone service information, watch here.
Zero-day exploit: An attack that occurs before the software creator is able to fix the vulnerability.
For example, before Apple is aware of a security vulnerability and can issue an OS update to fix it, hackers may take advantage.
A “man in the middle” attack: An attack that intercepts communication between two parties.
For example, you’re at a coffee shop using public wifi and a hacker intercepts communication to lead you to a site where they can monitor your activity and collect your personal data.
DNS hijacking: An attack that redirects someone to malicious websites. This is very similar to a “man in the middle” attack.
Interested in learning more hacking terms? Check out Vice’s glossary.
Install always-on privacy
Install Startpage's private search browser extension.
How to protect your phone, computer, and other devices from hackers
The best way to protect yourself against hackers is to keep your personal data private and adopt secure practices.
- Be cautious about opening emails. Verify the sender’s email address before opening. You can hover over the email address to reveal the actual email address. What appears as an email from PayPal may in fact be from [email protected].
- Check legitimacy before downloading attachments, extensions, and programs: Disable automatic attachment opening for your email. As a general rule, avoid websites that offer free downloads of normally paid products.
- Avoid connecting to public WiFi without protection: When you browse the web on public WiFi, you’re opening a door to your connection. Startpage protects against “man in the middle” and DNS hijacking by encrypting communications and blocking all non-HTTPS connections.
- Don’t allow websites to save your sensitive personal data. Often, websites and apps will give you the option to store your credit card information in your account. Avoid doing so because if hacked, you are giving hackers access to your credit card.
- Update the software on all your devices. Most companies push out security updates as soon as vulnerabilities are discovered. If you don’t update your software, you’re leaving yourself vulnerable to hackers.
Will this protect me from hackers?
Be wary of end-all solutions that claim to keep you completely secure and anonymous.
- Does a VPN protect you from hackers? To some extent, yes. VPNs can certainly help protect you from man in the middle attacks, but they are not always reliable. In 2018, researchers found that three popular VPNs were leaking data.
- Are ad blocker extensions safe? Ad blockers can definitely help protect you from malware, at least from advertising malware. But, as mentioned earlier, be careful with what you download or install. Just because it’s in the browser’s extension store or your app store, it doesn’t mean it’s safe. In December 2020, Avast revealed around 3 million may have been infected with malware from Chrome and Edge extensions.
That being said, security and privacy are not a product that you can buy. It’s all about consistently applying best practices and keep up to date on the latest hacker tactics.
Privacy Pro Tip: When visiting a website, make sure your connection is secure by checking if it’s a HTTPS url. If the S is missing (HTTP), your connection can be hijacked by a hacker. To stay protected, install EFF’s HTTPS Everywhere extension.