I’ve written about cyber attacks, cyber extortion using ransomware in hospitals, medical identity theft, data mining risks with health/medical apps and fitness trackers, and more. I am not an IT professional, so I’ve written this for the un-indoctrinated, which, until a year ago, included myself.
It makes sense to review a few basics about how to stay safe if you use email, engage in social media (Facebook, Twitter, LinkedIn, etc.), shop online, browse the internet, use health or medical apps, bank online or have smart devices in your home. Even if all you do is search on the internet for answers to health questions, these strategies apply to you.
Knowledge is power. The more you know, the more easily you can make an informed choice.
Think of your computer, smart phone, iPad, and other electronic devices like you do your home. We all want to be safe at home and most of us implement strategies to support that safety. We lock our doors and windows, install alarms, have protective dogs, and more. Consider taking steps to protect yourself in much the same way while using your electronic devices that connect to the internet or Wi-Fi.
With the advancement of technology and the Internet of Things (IoT), we are all more interconnected. That means we need to be informed about the risks of interconnectedness and learn how to protect ourselves from hackers and other cyber criminals. Technology is growing too fast for us not to implement a few basics to prevent identity theft, financial theft, hacking, malware, phishing scams, and more.
Public Open Wi-Fi
If, while eating a muffin and drinking a latte at your local coffee bistro, you decide to do a little online shopping, stop. Don’t do it. Public open Wi-Fi is not secure, and most people don’t realize just how easy it is for a hacker to eavesdrop on your internet communication through the Wi-Fi and snag your personal information, including usernames and passwords. Your information can be exposed and retrieved by cyber criminals to commit identity theft.
Public open Wi-Fi is available to everyone in that location and no password is needed for use. It is not protected in any way. Coffee stores, hotels, gyms, universities, airports and other public places offer public Wi-Fi as a free service. It’s up to you to protect yourself.
- Be sure to set your smart phone, laptop or other device to manually select Wi-Fi. This way you choose when you want to connect to Wi-Fi rather than your device automatically connecting.
- Do not do online shopping, online banking or engage in social media if you use public open Wi-Fi. Your personal information will be at risk from hackers who can so easily eavesdrop on your activity.
- Public open Wi-Fi users should only visit secure websites with https addresses. A secure address looks like this: https://www.samplewebsite.com
Facebook, Twitter, LinkedIn & Other Social Media Sites
“Cyber criminals often create fake profiles to befriend you on Facebook,” according to Heimdal Security. “Their goal is to get you to leak confidential information to them. Be careful about friend requests on all social media sites.”
On LinkedIn, cyber criminals create fake profiles to help themselves to your personal data, such as your connections, your email address, and your phone number. Check every LinkedIn connection request before you accept.
Suspicious connection requests look like this:
- Very few connections.
- Very little info in the person’s bio.
- Generic information.
Strengthen Your Passwords
Admittedly, changing your passwords to beef them up is a big hassle. Who can remember their passwords? I know I can’t. I have them written down in a secure place. And yes, I’ve had to change my passwords more than once because I can’t remember my new passwords.
- Create a unique password for each unique account. Don’t use the same password for multiple accounts. Although I have to admit I’ve been guilty of this.
- Use a more complicated password that has all of the following: symbols such as ! and #, numbers, and upper and lower case letters.
- Don’t reuse old passwords.
- Don’t use your birthdate, telephone number or your street address. Cyber criminals can find that information on the internet. It’s common for people to use this information in passwords and hackers know it.
- Use two-factor authentication, known as 2FA. It is a two-step verification, an extra layer of security that requires not just a password and username but something unique to you.
- The rule of thumb has been to change passwords fairly often to outrun hackers. But a colleague pointed out that there is new research showing that changing passwords can actually decrease security. See for yourself here. Thanks to Meg Helgert for the information and this study.
Health/Medical Apps and Fitness Trackers
I don’t use these myself for security reasons. I purchased a Fitbit some time ago and after reading the fine print, I returned it to the seller. Fitbit, Jawbone and other fitness trackers collect, share and sell consumers’ data to health insurers, employers, data brokers and others. Health/medical apps do it too.
More info in my article, How much health care data is mined without your knowledge.
Health-related apps aren’t regulated by the FDA and aren’t covered by HIPAA, which means that the majority collect your sensitive data and do with it what they will. Most don’t have good privacy or security, according to PC World’s article, Why hackers love health apps.
Most of us use email in some form or another. What you might have received already, and hopefully deleted, are phishing emails meant to fool you into thinking they were sent from a known business or bank. Cyber criminals make these phishing emails look real by using photos, images and logos from the original businesses. Many go undetected.
A phishing email might ask you to click on a legitimate-looking link or ask you to download an attachment.
Don’t do it.
The phony email might ask you to authenticate your username or password. You may be informed of a deposit or withdrawal and then asked to click on a link. Phishing emails lure you into giving up personal information such as Social Security numbers, credit card details, birth date, mother’s maiden name and more. This information can give a hacker all he needs to gain access to your accounts or to commit identity theft.
In 2013, Walmart customers were tricked into believing an email scam that requested that they update their account information urgently to keep them safe.
“Unsubscribe” Email Scam
According to the Identity Theft Resource Center, a new scam has arrived. “Savvy scammers have leveraged the power of annoying spam and dangerous phishing emails by combining them. The result is a barrage of identical looking spam emails that promise everything from weight loss to skin care products, all of which offer you multiple chances to click “unsubscribe” in order to stop receiving the emails.
Their tactic is to bombard you with these spam emails so you’ll do just about anything to make them stop. However, embedded in the “unsubscribe” link is a virus or malware that could infect your computer.
If you don’t recognize the sender, or you didn’t sign up for the emails, do not click on the “unsubscribe” link provided. Report the email as spam by clicking on the spam button on your email program.
Spam email can also include malware that allows a cyber criminal to control your computer remotely, freeze the contents and demand a ransom in exchange for the release of your personal photos and other data. More information on malware in my blog, Hospitals are sitting ducks for ransomware and other cyber attacks.
Keep Your Software Updates Current
Download your software updates on your computer, iPad, smart phone or other electronic device as soon as they become available. Or turn on the auto-download on your software updates. Software updates keep security on your device current. Updating the software on your apps can prevent 85 percent of targeted attacks. See Heimdal Security for more info on this.
Purchase Anti-Virus Software
Yes, you need it. I use Intego Mac Security. This is not an endorsement, just what my IT tech recommended. So far, my computer has been safe.
However, I did just hear from an IT person who read this blog and said that third-party anti-virus software is unnecessary. You’ll have to do your own research on this as there seem to be two schools of thought.
Check Your Bank Statements Weekly
Even if you don’t bank online, you should be checking your accounts on a weekly basis. Review your statements for unfamiliar withdrawals and deposits. Alert your bank if you notice suspicious activity. Change your password immediately if you do.
Smart TVs, Smart Refrigerators, Smart Homes, Virtual Home Assistants, Smart Security Cameras, Smart Thermostats—The Internet of Things (IoT)
I don’t own any of these for a reason. I’m not against them as they make lives easier and I know people who love them. If you do purchase or already own a Smart TV or, for example, an Amazon Echo (Alexa), be sure to read the fine print. The voice command feature, if left on, can collect and send your voice data to a third party service that converts speech to text. Talk about a privacy issue, not to mention a creepy one. Read more about this here, Your Samsung SmartTV is Spying on You.
Please read the FBI’s warning about these Smart Devices.
I hope this helps.